www.ocorian.com Open in urlscan Pro
2606:4700:20::681a:330 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564
Effective URL:
https://www.ocorian.com/
Submission: On April 20 via api (April 20th 2020, 2:57:54 pm UTC) from US

Summary HTTP 42 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 23 domains to perform 42 HTTP transactions. The main IP is 2606:4700:20::681a:330, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ocorian.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 9th 2020. Valid for: 7 months.

This is the only time www.ocorian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	83.138.131.51 83.138.131.51	15395 (RACKSPACE...) (RACKSPACE-LON)
17	2606:4700:20:... 2606:4700:20::681a:330	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::681b:bea7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.17.91.205 52.17.91.205	16509 (AMAZON-02) (AMAZON-02)
2 2	52.211.144.161 52.211.144.161	16509 (AMAZON-02) (AMAZON-02)
1	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
2	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	23.52.120.31 23.52.120.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.213.164.135 23.213.164.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:6ea0:c71... 2a02:6ea0:c710::2	60068 (CDN77) (CDN77)
1	54.209.164.148 54.209.164.148	14618 (AMAZON-AES) (AMAZON-AES)
1 1	68.67.153.53 68.67.153.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.174.78.146 35.174.78.146	14618 (AMAZON-AES) (AMAZON-AES)
1	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
42	22

3 83.138.131.51 (United Kingdom) 3 redirects

ASN15395 (RACKSPACE-LON, GB)
PTR: v118.vx-email.com

sites-estera.vuturevx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
estera.vuturevx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:330 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ocorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::681b:bea7 (United States)

ASN13335 (CLOUDFLARENET, US)

re.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.91.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-91-205.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.144.161 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-144-161.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.214 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.31 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-31.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.135 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-135.deploy.static.akamaitechnologies.com

v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c710::2 (Germany)

ASN60068 (CDN77, GB)

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.164.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-164-148.compute-1.amazonaws.com

dash.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.53 (United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: one.progmxs.pxlsrv.net

one.progmxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

insights.ocorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ocorian.com www.ocorian.com insights.ocorian.com	2 MB
4	getsitecontrol.com l.getsitecontrol.com s2.getsitecontrol.com dash.getsitecontrol.com	23 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	vuturevx.com 3 redirects sites-estera.vuturevx.com estera.vuturevx.com	390 B
2	pardot.com pi.pardot.com	4 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	addthis.com s7.addthis.com	189 KB
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	417 B
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	re.tc re.tc	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	cookiebot.com consent.cookiebot.com	62 KB
1	progmxs.com 1 redirects one.progmxs.com	221 B
1	addthisedge.com v1.addthisedge.com	790 B
1	moatads.com z.moatads.com	1 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	186 B
1	bluekai.com tags.bluekai.com	329 B
1	avocet.io 1 redirects ads.avocet.io	249 B
1	crazyegg.com script.crazyegg.com	22 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
42	23

	Domain	Requested by
17	www.ocorian.com	www.ocorian.com
2	pi.pardot.com	www.ocorian.com pi.pardot.com
2	secure.adnxs.com	1 redirects www.ocorian.com
2	s7.addthis.com	www.ocorian.com s7.addthis.com
2	px.ads.linkedin.com	1 redirects www.ocorian.com
2	ads.avct.cloud	2 redirects
2	re.tc	www.googletagmanager.com
2	l.getsitecontrol.com	www.googletagmanager.com l.getsitecontrol.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	consent.cookiebot.com	www.ocorian.com consent.cookiebot.com
2	sites-estera.vuturevx.com	2 redirects
1	insights.ocorian.com	pi.pardot.com
1	one.progmxs.com	1 redirects
1	dash.getsitecontrol.com	s2.getsitecontrol.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	www.google.de	www.ocorian.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	tags.bluekai.com	www.ocorian.com
1	ads.avocet.io	1 redirects
1	script.crazyegg.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ocorian.com
1	estera.vuturevx.com	1 redirects
42	29

This site contains links to these domains. Also see Links.

Domain
contextweb.com
www.internedservices.nl
www.bidswitch.com
policies.google.com
www.id5.io
www.cookiebot.com
www.nativo.com
www.crazyegg.com
www.linkedin.com
betweendigital.ru
www.appnexus.com
business.brighttalk.com
www.digitru.st
pubmatic.com
vimeo.com
www.improvedigital.com
triplelift.com
www.addthis.com
site.adform.com
adotmob.com
www.criteo.com
www.amobee.com
www.mediamath.com
adthink.com
www.oracle.com
casalemedia.com
www.lotame.com
www.adobe.com
digitalaudience.io
us.dynadmic.com
www.nielsen.com
www.salesforce.com
www.sovrn.com
www.openx.com
www.semasio.com
smartadserver.com
sonobi.com
www.tapad.com
www.dataxu.com
unruly.co
www.cloudbuy.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
ocorian.com CloudFlare Inc ECC CA-2	`2020-03-09` - `2020-10-09`	7 months	crt.sh
consent.cookiebot.com Go Daddy Secure Certificate Authority - G2	`2019-01-14` - `2021-01-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-28` - `2020-08-05`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-26` - `2020-08-25`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-04-10`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2019-12-26` - `2020-12-26`	a year	crt.sh
insights.ocorian.com Let's Encrypt Authority X3	`2020-04-16` - `2020-07-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ocorian.com/
Frame ID: 8FEBCA52B34BE71AA6369C157091D299
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
https://sites-estera.vuturevx.com/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a... HTTP 302
https://estera.vuturevx.com/edit/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c... HTTP 302
https://www.ocorian.com/ Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

42
Requests

100 %
HTTPS

54 %
IPv6

23
Domains

29
Subdomains

22
IPs

7
Countries

2770 kB
Transfer

4305 kB
Size

7
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: http://contextweb.com/privacy-policy.html
Title: Pulsepoint

Search URL Search Domain Scan URL

URL: https://www.internedservices.nl/disclaimer-privacy-policy/
Title: KPN

Search URL Search Domain Scan URL

URL: http://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://www.id5.io/privacy
Title: ID5

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.nativo.com/privacy-policy
Title: Nativo

Search URL Search Domain Scan URL

URL: https://www.crazyegg.com/privacy
Title: Crazyegg

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://betweendigital.ru/privacy-policy
Title: Between

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/en/company/privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: https://business.brighttalk.com/company/privacy-policy/
Title: Brighttalk

Search URL Search Domain Scan URL

URL: http://www.digitru.st/privacy-policy/
Title: Digitrust

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy-policy/
Title: Pubmatic

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://www.improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: TripleLift

Search URL Search Domain Scan URL

URL: http://www.addthis.com/privacy
Title: Oracle

Search URL Search Domain Scan URL

URL: http://site.adform.com/privacy-policy-opt-out/
Title: Adform

Search URL Search Domain Scan URL

URL: https://adotmob.com/privacy.html
Title: Adotmob

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/
Title: Criteo

Search URL Search Domain Scan URL

URL: https://www.amobee.com/trust/privacy-guidelines
Title: Amobee

Search URL Search Domain Scan URL

URL: http://www.mediamath.com/privacy-policy/
Title: Mediamath

Search URL Search Domain Scan URL

URL: https://adthink.com/fr/terms/
Title: Adthink

Search URL Search Domain Scan URL

URL: https://www.oracle.com/legal/privacy/index.html
Title: Oracle

Search URL Search Domain Scan URL

URL: http://casalemedia.com/
Title: Casalemedia

Search URL Search Domain Scan URL

URL: https://www.lotame.com/about-lotame/privacy/lotames-products-services-privacy-policy/
Title: Lotame

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Adobe Inc

Search URL Search Domain Scan URL

URL: https://digitalaudience.io/legal/privacy-cookies/
Title: Digital Audience

Search URL Search Domain Scan URL

URL: http://us.dynadmic.com/privacy-policy/
Title: Dynadmic

Search URL Search Domain Scan URL

URL: https://www.nielsen.com/us/en/privacy-statement.html
Title: The Nielsen Company

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/company/privacy/
Title: Salesforce

Search URL Search Domain Scan URL

URL: https://www.sovrn.com/privacy-policy-eu/
Title: Sovrn

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: Openx

Search URL Search Domain Scan URL

URL: http://www.semasio.com/privacy-policy/
Title: Semasio

Search URL Search Domain Scan URL

URL: http://smartadserver.com/company/privacy-policy/
Title: Smart Adserver

Search URL Search Domain Scan URL

URL: http://sonobi.com/privacy-policy/
Title: Sonobi

Search URL Search Domain Scan URL

URL: https://www.tapad.com/privacy
Title: Tapad

Search URL Search Domain Scan URL

URL: https://www.dataxu.com/about-us/privacy/data-collection-platform/
Title: Dataxu

Search URL Search Domain Scan URL

URL: https://unruly.co/privacy/
Title: Unruly

Search URL Search Domain Scan URL

URL: https://www.cloudbuy.com/privacy-policy-and-disclaimer.html
Title: Cloudbuy

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bepartofocorian/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ocorian/
Title: Linked In

Search URL Search Domain Scan URL

URL: https://twitter.com/Ocorian
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
https://sites-estera.vuturevx.com/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
https://estera.vuturevx.com/edit/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
https://www.ocorian.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://ads.avocet.io/s?add=5da453dcb9da7b1f00741663&gtmcb=1165803903 HTTP 301
https://ads.avct.cloud/s?r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903 HTTP 302
https://ads.avct.cloud/s?bounce=true&r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903 HTTP 302
https://tags.bluekai.com/site/34046?id=0

Request Chain 17

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1693543610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocorian.com%2F&ul=en-us&de=UTF-8&dt=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=906013213&gjid=2030315607&cid=1840648575.1587394637&tid=UA-80203265-2&_gid=1409632630.1587394637&_r=1&gtm=2wg480WZQLSV9&z=675993259 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_gid=1409632630.1587394637&gjid=2030315607&_v=j81&z=675993259 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132

Request Chain 24

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D316435%26url%3Dhttps%253A%252F%252Fwww.ocorian.com%252F%26time%3D1587394637550%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true

Request Chain 39

https://one.progmxs.com/seg?add=20640817&t=2 HTTP 302
https://secure.adnxs.com/seg?add=20640817&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2

42 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ocorian.com/
Redirect Chain

https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564
https://sites-estera.vuturevx.com/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564
https://estera.vuturevx.com/edit/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564
https://www.ocorian.com/

123 KB
22 KB

156ms
155ms

Document
text/html

2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbed11299d16626b4f226f150aef4693d378bff2ec759e5e8295582609c3381f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.ocorian.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 20 Apr 2020 14:57:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dfa0c5ba0963aadb4b6943c4b7050c9ca1587394637; expires=Wed, 20-May-20 14:57:17 GMT; path=/; domain=.ocorian.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=86400, public
content-language: en
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 20 Apr 2020 08:10:20 GMT
link: <https://www.ocorian.com/>; rel="shortlink", <https://www.ocorian.com/>; rel="canonical" <https://www.ocorian.com/node/13>; rel="revision"
strict-transport-security: max-age=0
vary: Cookie
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-drupal-cache-contexts: cookies:big_pipe_nojs languages:language_content languages:language_interface layout_builder_is_active:node route session.exists theme timezone url user.node_grants:view user.permissions user.roles:anonymous user.roles:authenticated
x-drupal-cache-tags: block_content:1 block_content_view block_view config:block.block.exposedformsearch_resultspage_1 config:block.block.exposedformsearch_resultspage_2 config:block.block.footerbranding config:block.block.footerlinks1 config:block.block.footerlinks2 config:block.block.footerlinks3 config:block.block.jurisdictionmapblock config:block.block.octavia_branding config:block.block.octavia_content config:block.block.octavia_help config:block.block.octavia_local_tasks config:block.block.octavia_main_menu config:block.block.octavia_messages config:block.block.octavia_page_title config:block.block.searchform config:block.block.secondarymenu config:block.block.socialmenu config:block.block.socialmenu_2 config:block.block.views_block__careers_block_1 config:block.block.views_block__core_services_services_block_1 config:block.block.views_block__events_block_1 config:block.block.views_block__jurisdictions_block_1 config:block.block.views_block__jurisdictions_block_2 config:block.block.views_block__news_insights_block_1 config:block.block.views_block__our_people_block_1 config:block.block.views_block__services_block_1 config:block_list config:color.theme.octavia config:core.entity_view_display.block_content.basic.default config:core.entity_view_display.paragraph.menu_link_block.default config:core.entity_view_display.simple_mega_menu.services_mega_menu.before config:field.storage.paragraph.field_image config:field.storage.paragraph.field_statistic_title config:field.storage.paragraph.field_statistic_value config:filter.format.basic_html config:filter.format.full_html config:google_analytics.settings config:image.style.card_listing_style config:image.style.large config:image.style.thumbnail config:paragraphs.settings config:search_api_autocomplete.search.search_results config:system.menu.footer-links-1 config:system.menu.footer-links-2 config:system.menu.footer-links-3 config:system.menu.main config:system.menu.secondary-menu config:system.menu.social-menu config:system.site config:user.role.anonymous config:views.view.core_services config:views.view.full_card_news_insights config:views.view.homepage_statistics config:views.view.news_insights config:views.view.upcoming_events file:4369 file:4370 file:4379 file:4382 file:4384 file:4765 file:4883 file:4913 file:4922 file:4928 file:4931 http_response local_task node:12 node:13 node:14 node:16 node:17 node:25 node:26 node:35 node:353 node:358 node:363 node:368 node:372 node:375 node:770 node:772 node:773 node:774 node:782 node:783 node:856 node:877 node:911 node:917 node:943 node:947 node:949 node:950 node:951 node_list node_view paragraph:1 paragraph:2 paragraph:3 paragraph:4 paragraph:423 paragraph:424 paragraph:425 paragraph:426 paragraph:427 paragraph:428 paragraph:5 paragraph_list paragraph_view rendered search_api_autocomplete_search_list:views:search_results simple_mega_menu:1 simple_mega_menu_view user:1 user:101 user:127 user:9
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 8 (https://www.drupal.org)
x-platform-cache: HIT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
x-request-id: vjd4ebudfvnw5i6higivq2q2
x-ua-compatible: IE=edge
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 586fb7826c570eb7-FRA
content-encoding: br
cf-request-id: 0239b1058400000eb74d805200000001

Redirect headers

status: 302
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Mon, 20 Apr 2020 14:57:16 GMT
location: https://www.ocorian.com/
expires: -1
pragma: no-cache
x-powered-by: ASP.NET
content-length: 141

GET
H2 200 css_zYnuaIWKe4qw8IJE1gFMtUpd4gUvoTEXf3esempJMpA.css
www.ocorian.com/sites/default/files/css/ 28 KB
5 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/sites/default/files/css/css_zYnuaIWKe4qw8IJE1gFMtUpd4gUvoTEXf3esempJMpA.css?q8evm4

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd89ee68858a7b8ab0f08244d6014cb54a5de2052fa131177f77ac7a6a493290

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1128022
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
cf-request-id: 0239b1062500000eb74d818200000001
x-request-id: sjdcmfwymvn2w37xxqd45clf
x-platform-cache: BYPASS
last-modified: Fri, 27 Mar 2020 15:07:57 GMT
server: cloudflare
etag: W/"5e7e16cd-70b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
content-type: text/css
cache-control: max-age=1209600
cf-ray: 586fb7836ffb0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Tue, 21 Apr 2020 13:36:55 GMT

GET
H2 200 css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css
www.ocorian.com/sites/default/files/css/ 355 KB
42 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d0675dbe3ad3f295ba282454fb18242fa9c201a3bebd6c36ff969c624b5945

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1132228
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
cf-request-id: 0239b1062500000eb74d819200000001
x-request-id: be6al6eo4mjb7rs36pj3riif
x-platform-cache: BYPASS
last-modified: Tue, 10 Mar 2020 14:17:05 GMT
server: cloudflare
etag: W/"5e67a161-58a27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
content-type: text/css
cache-control: max-age=1209600
cf-ray: 586fb7836ffd0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Tue, 21 Apr 2020 12:26:49 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 67 KB
22 KB 10ms
7ms Script
application/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3c05f4096f475a2c1a1e9f9a9d084da978a4700ee40a61f4e31e5e4aecdd1511

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:16 GMT
content-encoding: gzip
etag: "1f75d0444715d61:0"
last-modified: Sat, 18 Apr 2020 06:04:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/javascript
status: 200
cache-control: public,max-age=1200
x-azure-ref: 0TbidXgAAAAAgO5UwdEbRQpjBeC8M+QjyRlJBRURHRTEwMDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
x-azure-ref-originshield: 0grSdXgAAAACEL5tgtjVKRrabE1iMPUp9QU1TRURHRTA0MDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
accept-ranges: bytes
content-length: 22299

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
38 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e857f7862e121093f8e568eca067a2376b1e7ee6522e97e90925462558ffd4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39255
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Apr 2020 14:57:17 GMT

GET
H2 200 mask-1.svg
www.ocorian.com/themes/octavia/dist/assets/ 697 B
542 B 30ms
28ms Image
image/svg+xml 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/themes/octavia/dist/assets/mask-1.svg

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a996325fc48b9b00e833fd26e3e4fb6a45d9255d12eca8b7f803f109a32334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin: https://www.ocorian.com

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 124
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
cf-request-id: 0239b1065e00000eb74d81e200000001
x-request-id: 5v2bx42a7yq2p673uqv7kkke
x-platform-cache: BYPASS
last-modified: Wed, 15 Apr 2020 10:00:29 GMT
server: cloudflare
etag: W/"5e96db3d-2b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 586fb783c90a0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Mon, 20 Apr 2020 15:00:13 GMT

GET
H2 200 Option%201a%20%28FINAL%29_0.png
www.ocorian.com/sites/default/files/2020-02/ 2 MB
2 MB 21ms
20ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/2020-02/Option%201a%20%28FINAL%29_0.png

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff6dd7b8226ecd7bc08c18c40bf2a997170b4640b7827dfcfdbc9e814e371063

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=1646453
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 1620713
cf-request-id: 0239b1065e00000eb74d81f200000001
x-request-id: 5hxcbjribm2famdrofabramn
x-platform-cache: BYPASS
last-modified: Thu, 06 Feb 2020 14:33:23 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e3c23b3-191f75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb783c90d0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100

GET
H2 200 cerapro-medium-webfont.woff2
www.ocorian.com/themes/octavia/dist/fonts/ 25 KB
25 KB 37ms
36ms Font
font/woff2 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/themes/octavia/dist/fonts/cerapro-medium-webfont.woff2

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705e4925b039732052d927b27f70572d75ab526fe7831df44660100fe7a1f2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin: https://www.ocorian.com

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 172
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 25092
cf-request-id: 0239b1065e00000eb74d820200000001
x-request-id: xdv7v3e34lo32ox4b6v5itqm
x-platform-cache: BYPASS
last-modified: Wed, 15 Apr 2020 10:00:29 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e96db3d-6204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb783c90e0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Mon, 20 Apr 2020 14:59:25 GMT

GET
H2 200 fontawesome-webfont.woff2
www.ocorian.com/themes/contrib/bulma/assets/font-awesome/fonts/ 75 KB
76 KB 25ms
24ms Font
font/woff2 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/themes/contrib/bulma/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin: https://www.ocorian.com

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 172
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 77160
cf-request-id: 0239b1065e00000eb74d821200000001
x-request-id: atlaiaaaaaaaaaaaaaaaaaaa
x-platform-cache: BYPASS
last-modified: Thu, 23 May 2019 23:08:19 GMT
server: cloudflare
cache-control: max-age=300
etag: "5ce727e3-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb783c9100eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Mon, 20 Apr 2020 14:59:25 GMT

GET
H2 200 cerapro-regular-webfont.woff2
www.ocorian.com/themes/octavia/dist/fonts/ 24 KB
25 KB 25ms
25ms Font
font/woff2 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/themes/octavia/dist/fonts/cerapro-regular-webfont.woff2

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23bb32359d72b97432d9a9ffb23e4e87e074e356ab75051284d07d21f88da1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin: https://www.ocorian.com

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 172
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 24936
cf-request-id: 0239b1065e00000eb74d822200000001
x-request-id: tg7imhg5edjfqsalyr4i3bgk
x-platform-cache: BYPASS
last-modified: Wed, 15 Apr 2020 10:00:29 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e96db3d-6168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb783c9110eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Mon, 20 Apr 2020 14:59:25 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/97311ea7-4211-46a1-bd8c-122413009519/ 165 KB
40 KB 118ms
118ms Script
application/x-javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/97311ea7-4211-46a1-bd8c-122413009519/cc.js?renew=false&referer=www.ocorian.com&dnt=false&forceshow=false&cbid=97311ea7-4211-46a1-bd8c-122413009519&whitelabel=false&brandid=Cookiebot&framework=
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 7a502526193fc48d895533b6213bb46784e8f582edc7799a52b564dae127ea71

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:16 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 14:57:17 GMT
x-aspnet-version: 4.0.30319
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
x-azure-ref: 0TbidXgAAAAABdG6anAzySpQh0QkqUf5wRlJBRURHRTEwMDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 40760

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4723
date: Mon, 20 Apr 2020 13:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 20 Apr 2020 15:38:34 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 13ms
12ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 14:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65213
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
10 KB 32ms
31ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

0d5089eed925228b55540f5538192da7f723aeb5c2ed8d3faf11c60ccab67069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10621
x-xss-protection: 0
server: cafe
etag: 6655327481849056389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Apr 2020 14:57:17 GMT

GET
H2 200 y79g6m48.js Show response
l.getsitecontrol.com/ 504 B
1 KB 9ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/y79g6m48.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: beeea1d5a57664a16b48093b0dfec533fd6ca72cac7ca08ffd74f8b1554747d8

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: gzip
cdn-edgestorageid: 481
x-amz-request-id: 045674631FBE6719
status: 200
cdn-cachedat: 2020-04-01 12:28:02
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 364
x-amz-id-2: qd9RabtNe7B9YDKuFnKi2ptXP/aYL66PLUUOD+kTDOuK377HXhtJc9dG0nFs4tGFskGVoCfgkJo=
access-control-allow-origin: *
last-modified: Fri, 27 Mar 2020 16:23:31 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=2592000
cdn-requestid: 1e92160a16bbe42febf2d14b0098260f
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 5240.js Show response
script.crazyegg.com/pages/scripts/0035/ 88 KB
22 KB 13ms
12ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0035/5240.js?440943
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8545a9dadfa4c228a54797f4ce921dd61381186e012e57fbb0f01d09ba59f2c

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8446
status: 200
content-length: 22392
cf-request-id: 0239b106ae00001f290ea74200000001
last-modified: Mon, 20 Apr 2020 12:36:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 586fb7844eef1f29-FRA

GET
H2 200 tag.js Show response
re.tc/ 570 B
731 B 563ms
552ms Script
text/javascript 2606:4700:3035::681b:bea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://re.tc/tag.js?campaign_id=mrn6tqoq

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681b:bea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eeafda9f5f95c1b060b655325065b719e342748f00055ccaf68d5a64977f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: BYPASS
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: fae66771-d3a0-4133-8bdb-e320bb62e008
x-runtime: 0.017385
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"996284b71a548c843b28fbb4248951b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-request-id: 0239b106ba00001f19bda70200000001
cf-ray: 586fb7845fb61f19-FRA

GET
H/1.1

200
OK

34046
tags.bluekai.com/site/
Redirect Chain

https://ads.avocet.io/s?add=5da453dcb9da7b1f00741663&gtmcb=1165803903
https://ads.avct.cloud/s?r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903
https://ads.avct.cloud/s?bounce=true&r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903
https://tags.bluekai.com/site/34046?id=0

62 B
329 B

235ms
183ms

Image
image/gif

92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/34046?id=0
Requested by: Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 14:57:18 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 448e
Content-Type: image/gif

Redirect headers

Location: https://tags.bluekai.com/site/34046?id=0
Date: Mon, 20 Apr 2020 14:57:17 GMT
Connection: keep-alive
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 0
Content-Type: image/gif

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1693543610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocorian.com%2F&ul=en-us&de=UTF-8&dt=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_gid=1409632630.1587394637&gjid=2030315607&_v=j81&z=675993259
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 14:57:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 14:57:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Slide1_30.PNG
www.ocorian.com/sites/default/files/styles/large/public/2020-04/ 108 KB
109 KB 65ms
23ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/styles/large/public/2020-04/Slide1_30.PNG?itok=GZzJqori

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15f259624fb124661f92292f2f7848fd79b4f2ec6a159f643c47db244348a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=130240
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 110821
cf-request-id: 0239b106f500000eb74d839200000001
x-request-id: zdaloucdqishp37byc744v2w
x-platform-cache: BYPASS
last-modified: Thu, 16 Apr 2020 08:47:35 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e981ba7-1fcc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb784bc280eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100,h2pri

GET
H2 200 Slide1_7.PNG
www.ocorian.com/sites/default/files/styles/large/public/2020-04/ 190 KB
190 KB 63ms
21ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/styles/large/public/2020-04/Slide1_7.PNG?itok=kjLzsw7v

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17257c80e9507fb0f6ccc4eb104503696822a154d2d0f946e53afa6254d4ccd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=220370
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 194096
cf-request-id: 0239b106f500000eb74d83a200000001
x-request-id: fg7yrixnjcisw7mph3g7vf2b
x-platform-cache: BYPASS
last-modified: Mon, 06 Apr 2020 11:25:30 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e8b11aa-35cd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb784bc2d0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100,h2pri

GET
H2 200 Ocorian%20logo%20-%20web.png
www.ocorian.com/sites/default/files/styles/large/public/2020-03/ 32 KB
32 KB 71ms
28ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/styles/large/public/2020-03/Ocorian%20logo%20-%20web.png?itok=K4qo6siM

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e931e49e16e72cec55d25a2e799a4530bc3f7e1a7c51daae7c37298b610f7f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=47429
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 32467
cf-request-id: 0239b106f600000eb74d83b200000001
x-request-id: 3j2sl2lnrdcx2erqzd5yfd7f
x-platform-cache: BYPASS
last-modified: Thu, 12 Mar 2020 00:45:29 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e698629-b945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb784bc2e0eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100,h2pri

GET
H2 200 Slide1_34.PNG
www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/ 79 KB
79 KB 76ms
34ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/Slide1_34.PNG?itok=gP0Qw2Uv

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f9269991092a0d0f2d87b104fbc367cb85794464879edf64b01392554e760b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=92875
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 80577
cf-request-id: 0239b106f600000eb74d83c200000001
x-request-id: dxyrqomboml6zs6mpbe5c7j2
x-platform-cache: BYPASS
last-modified: Mon, 20 Apr 2020 08:10:23 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e9d58ef-16acb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb784bc300eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100,h2pri

GET
H2 200 WEB%20-%20A%20world%20interrupted%20the%20outlook%20for%20uk%20and%20european%20real%20estate%20investment%20%28shareable%29_0.png
www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/ 44 KB
44 KB 30ms
25ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/WEB%20-%20A%20world%20interrupted%20the%20outlook%20for%20uk%20and%20european%20real%20estate%20investment%20%28shareable%29_0.png?itok=d8yh4i-0

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a71d4b6324292ee35e416db58d1256119805c300549ae8167d91a3ba22fb1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=52526
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 44824
cf-request-id: 0239b106f600000eb74d83d200000001
x-request-id: bunlus7qi7wgvbcvxf7ee7ij
x-platform-cache: BYPASS
last-modified: Thu, 16 Apr 2020 11:26:13 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e9840d5-cd2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb784bc320eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100,h2pri

GET
H2 200 Slide1_23.PNG
www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/ 66 KB
66 KB 26ms
25ms Image
image/png 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/Slide1_23.PNG?itok=JCqlnmHJ

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41db5b67ad36cf50a9fa9ae1fb3df3bda6a3687ea7b2b5c0772f834b79068c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status: HIT
age: 124
cf-polished: origSize=79171
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
content-length: 67628
cf-request-id: 0239b1071100000eb74d843200000001
x-request-id: mhvc4ja2kx6y76jhottn6fmc
x-platform-cache: BYPASS
last-modified: Tue, 14 Apr 2020 11:21:09 GMT
server: cloudflare
cache-control: max-age=300
etag: "5e959ca5-13543"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
accept-ranges: bytes
cf-ray: 586fb784ecd90eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
cf-bgj: imgq:100,h2pri

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D316435%26url%3Dhttps%253A%252F%252Fwww.ocorian.com%252F%26time%3D1587394637550%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true

0
40 B

123ms
122ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true
Requested by: Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: tmi9RAOPBxbQuHnm5yoAAA==

Redirect headers

date: Mon, 20 Apr 2020 14:57:17 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
x-li-pop: prod-efr5
content-length: 0
x-li-uuid: TW9ZOwOPBxaA1ybpySoAAA==
pragma: no-cache
server: Play
cache-control: no-cache, no-store
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true
x-xss-protection: 1; mode=block
x-li-proto: http/2
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 y79g6m48.json Show response
l.getsitecontrol.com/ 49 KB
5 KB 207ms
204ms XHR
application/json 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/y79g6m48.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/y79g6m48.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 2b0cd510c1fe0a04b05f2e2d91013f108f50fa41ad7781fe1140f36bc70efff3

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: gzip
cdn-edgestorageid: 481
x-amz-request-id: 8DEA177F353FD62E
status: 200
cdn-cachedat: 2020-04-09 20:22:34
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 3923
x-amz-id-2: XbBvIhHmSEZRrondQPVM/nAA2pV2zI8wawrAsbO6rP2ahVxFe1xI94VDhSF3qcu+RYX5LFbReoI=
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 20:08:40 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: dee692a412cf7f07ff67455443a53773
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 js_ZtCywm_pF5pJego1-y-X2aWMaIpJYp-Nuetzj7ZV6jU.js Show response
www.ocorian.com/sites/default/files/js/ 337 KB
94 KB 54ms
52ms Script
application/javascript 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocorian.com/sites/default/files/js/js_ZtCywm_pF5pJego1-y-X2aWMaIpJYp-Nuetzj7ZV6jU.js

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d0b2c26fe9179a497a0a35fb2f97d9a58c688a49629f8db9eb738fb655ea35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 547484
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
cf-request-id: 0239b1071100000eb74d841200000001
x-request-id: anrnotu4h2jnrjdjntzjy7sx
x-platform-cache: BYPASS
last-modified: Fri, 27 Mar 2020 15:07:57 GMT
server: cloudflare
etag: W/"5e7e16cd-54241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 586fb784ecd30eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Tue, 28 Apr 2020 06:52:33 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 94ms
39ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Mon, 20 Apr 2020 14:57:17 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H2 200 mask-section-colours-filters.svg
www.ocorian.com/themes/octavia/dist/assets/ 2 KB
944 B 25ms
24ms Image
image/svg+xml 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/themes/octavia/dist/assets/mask-section-colours-filters.svg

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

747759d0fcd33ac1091b0ed3b55c844b21e66b629a535040c154ad9053def06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 124
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
cf-request-id: 0239b1071100000eb74d842200000001
x-request-id: dbxftzysv6x73knp34i5kmk2
x-platform-cache: BYPASS
last-modified: Wed, 15 Apr 2020 10:00:29 GMT
server: cloudflare
etag: W/"5e96db3d-6cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 586fb784ecd60eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Mon, 20 Apr 2020 15:00:13 GMT

GET
H2 200 mask-footer-1.svg
www.ocorian.com/themes/octavia/dist/assets/ 482 B
535 B 22ms
20ms Image
image/svg+xml 2606:4700:20::681a:330
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocorian.com/themes/octavia/dist/assets/mask-footer-1.svg

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3745b65a8e2b93d30f2a70fb0cc72da8a2a82f71e8085e0ec6057ec6a847d4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 124
status: 200
x-platform-processor: dmgizizmng2ap6twck2ugpxw3q
strict-transport-security: max-age=0
cf-request-id: 0239b1071500000eb74d845200000001
x-request-id: ugqoev6vf462pobykrnzodfn
x-platform-cache: BYPASS
last-modified: Wed, 15 Apr 2020 10:00:29 GMT
server: cloudflare
etag: W/"5e96db3d-1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster: db7zauf3vdndg-master-7rqtwti
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 586fb784ece40eb7-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: 5uvaaszulyu4sv7euwurnnurze
expires: Mon, 20 Apr 2020 15:00:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/723305902/ 43 B
247 B 17ms
16ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723305902/?random=1587394637595&cv=9&fst=1587394637595&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg480&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ocorian.com%2F&tiba=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&hn=www.googleadservices.com&us_privacy=1YYY&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 921 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 27ms
26ms Script
application/x-javascript 23.52.120.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.31 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17518
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c62e825ebd046ff/ 2 KB
790 B 333ms
280ms Script
application/javascript 23.213.164.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c62e825ebd046ff/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.164.135 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c63bfd17d2113a4767c0cb7fa2bd9c036b05a87a9da241831e58ddbe62f390cc

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:18 GMT
content-encoding: gzip
etag: 554677236--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=54, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 614

GET
H2 200 runtime.3.0.cab3397.js Show response
s2.getsitecontrol.com/widgets/es6/ 44 KB
17 KB 56ms
56ms Script
text/javascript 2a02:6ea0:c710::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.3.0.cab3397.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/y79g6m48.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c710::2 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-487 /
Resource Hash: fadab33f4d58f376cf1aa8aaa53dd6ce4148d1c26b3fa232396010d37b16c79d

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:17 GMT
content-encoding: br
cdn-edgestorageid: 487
x-amz-request-id: F7FAC96DB2FB0E70
status: 200
cdn-cachedat: 2020-04-04 12:41:35
cdn-pullzone: 83560
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: lBWUk2vTXd3/aJehL0aIrYLf+M5i48TB7W4Q4GNmSkzGxPFGaPT4ftWkDkvWNX31qeOeClSH8EU=
access-control-allow-origin: *
last-modified: Sat, 04 Apr 2020 12:31:03 GMT
server: BunnyCDN-DE1-487
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=22809600
cdn-requestid: fd9bd42888517e8dc5163cf09ad51c3e
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 events Show response
dash.getsitecontrol.com/api/v1/ 547 B
794 B 318ms
108ms Fetch
text/plain 54.209.164.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.getsitecontrol.com/api/v1/events?sid=149b0b81-cc40-4158-afac-00cf1fa566fc
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.3.0.cab3397.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.164.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-164-148.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: f43f677acfaaecfddb8931dd40dfac0dc1fffa8020b30efcb6a7e427e0c4d8ad

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:18 GMT
server: Getsitecontrol
status: 200
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 547

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://one.progmxs.com/seg?add=20640817&t=2
https://secure.adnxs.com/seg?add=20640817&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2

43 B
1 KB

26ms
26ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2

Requested by

Host: www.ocorian.com
URL: https://www.ocorian.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 14:57:20 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
AN-X-Request-Uuid: 97ed3ab6-4f87-4847-98c1-3425d57e0b38
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 14:57:20 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid: 23fd7b04-b8fa-47a7-a2ef-c34def21cea3
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 land.js Show response
re.tc/ 752 B
780 B 516ms
516ms Script
text/javascript 2606:4700:3035::681b:bea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://re.tc/land.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681b:bea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18f6032d308bd60d2969c1a7d31193c4de3e7d9f9b6165da8b187a3a8670693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 14:57:18 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: BYPASS
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: cf0f6b17-6871-4f77-b654-2d71eb333e3a
x-runtime: 0.005676
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d4ff93be690b57ef747b09fdb1977f32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-request-id: 0239b108e500001f19bdaa9200000001
cf-ray: 586fb787d9ec1f19-FRA

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 29ms
29ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 20 Apr 2020 14:57:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 437ms
111ms Script
application/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 14:57:18 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified: Fri, 13 Mar 2020 19:45:37 GMT
Server: PardotServer
ETag: "1442-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1842
Expires: Wed, 20 Apr 2022 14:57:18 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 284ms
283ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=39172&account_id=389882&title=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&url=https%3A%2F%2Fwww.ocorian.com%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 2bd7973988045c549d59c493c9afce44c5bfb6e13e558299c3493d5db0b8a9ee

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 14:57:19 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp: 17/7/223
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 856
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
insights.ocorian.com/ 53 B
1 KB 509ms
191ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.ocorian.com/analytics?conly=true&visitor_id=463032733&visitor_id_sign=687a03f8599f12ecbf286f9411a3c2c49970a8cab04de416059a2172dc3fec26cd4c2bbab56e79b6b02525ac91a712c39441de49&pi_opt_in=&campaign_id=39172&account_id=389882&title=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&url=https%3A%2F%2Fwww.ocorian.com%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=39172&account_id=389882&title=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&url=https%3A%2F%2Fwww.ocorian.com%2F&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698

Request headers

Referer: https://www.ocorian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 14:57:19 GMT
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 17/6/95
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 53
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ocorian.com/	1970-01-19 08:56:36	Name: __atuvs Value: 5e9db84d49e8c4dd000
www.ocorian.com/	1970-01-19 18:25:22	Name: __atuvc Value: 1%7C17
.ocorian.com/	1970-01-19 08:58:01	Name: _gid Value: GA1.2.1409632630.1587394637
.ocorian.com/	1970-01-19 08:56:34	Name: _gat_UA-80203265-2 Value: 1
.ocorian.com/	1970-01-20 02:27:46	Name: _ga Value: GA1.2.1840648575.1587394637
.ocorian.com/	1970-01-19 11:06:10	Name: _gcl_au Value: 1.1.1452228440.1587394637
.ocorian.com/	1970-01-19 09:39:46	Name: __cfduid Value: dfa0c5ba0963aadb4b6943c4b7050c9ca1587394637

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://re.tc/land.js(Line 13) Message: TypeError: Cannot read property 'getAttribute' of null
console-api	log	URL: https://re.tc/land.js(Line 14) Message: RetargetLinks => Couldn't find script element with data-campaign-id and data-name. Please copy tag again and ensure element properties are included.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avct.cloud
ads.avocet.io
consent.cookiebot.com
dash.getsitecontrol.com
estera.vuturevx.com
googleads.g.doubleclick.net
insights.ocorian.com
l.getsitecontrol.com
one.progmxs.com
pi.pardot.com
px.ads.linkedin.com
re.tc
s2.getsitecontrol.com
s7.addthis.com
script.crazyegg.com
secure.adnxs.com
sites-estera.vuturevx.com
snap.licdn.com
stats.g.doubleclick.net
tags.bluekai.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.ocorian.com
z.moatads.com
18.232.28.189
216.58.206.2
23.210.248.44
23.213.164.135
23.52.120.31
2606:4700:20::681a:330
2606:4700:3035::681b:bea7
2606:4700::6813:9308
2620:1ec:bdf::10
2a00:1450:4001:814::2003
2a00:1450:4001:818::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9c
2a00:f48:2000:1023::3
2a02:26f0:10c:39e::25ea
2a02:6ea0:c710::2
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
35.174.78.146
37.252.173.22
52.17.91.205
52.211.144.161
54.209.164.148
68.67.153.53
83.138.131.51
92.123.150.214
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d5089eed925228b55540f5538192da7f723aeb5c2ed8d3faf11c60ccab67069
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
17257c80e9507fb0f6ccc4eb104503696822a154d2d0f946e53afa6254d4ccd8
1eeafda9f5f95c1b060b655325065b719e342748f00055ccaf68d5a64977f7e4
23bb32359d72b97432d9a9ffb23e4e87e074e356ab75051284d07d21f88da1e3
2a71d4b6324292ee35e416db58d1256119805c300549ae8167d91a3ba22fb1d5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0cd510c1fe0a04b05f2e2d91013f108f50fa41ad7781fe1140f36bc70efff3
2bd7973988045c549d59c493c9afce44c5bfb6e13e558299c3493d5db0b8a9ee
36a996325fc48b9b00e833fd26e3e4fb6a45d9255d12eca8b7f803f109a32334
3745b65a8e2b93d30f2a70fb0cc72da8a2a82f71e8085e0ec6057ec6a847d4ad
3c05f4096f475a2c1a1e9f9a9d084da978a4700ee40a61f4e31e5e4aecdd1511
41db5b67ad36cf50a9fa9ae1fb3df3bda6a3687ea7b2b5c0772f834b79068c78
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
5f9269991092a0d0f2d87b104fbc367cb85794464879edf64b01392554e760b0
66d0b2c26fe9179a497a0a35fb2f97d9a58c688a49629f8db9eb738fb655ea35
705e4925b039732052d927b27f70572d75ab526fe7831df44660100fe7a1f2bb
747759d0fcd33ac1091b0ed3b55c844b21e66b629a535040c154ad9053def06c
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7a502526193fc48d895533b6213bb46784e8f582edc7799a52b564dae127ea71
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d
a18f6032d308bd60d2969c1a7d31193c4de3e7d9f9b6165da8b187a3a8670693
a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
b15f259624fb124661f92292f2f7848fd79b4f2ec6a159f643c47db244348a2e
b4d0675dbe3ad3f295ba282454fb18242fa9c201a3bebd6c36ff969c624b5945
b8545a9dadfa4c228a54797f4ce921dd61381186e012e57fbb0f01d09ba59f2c
beeea1d5a57664a16b48093b0dfec533fd6ca72cac7ca08ffd74f8b1554747d8
c63bfd17d2113a4767c0cb7fa2bd9c036b05a87a9da241831e58ddbe62f390cc
cbed11299d16626b4f226f150aef4693d378bff2ec759e5e8295582609c3381f
cd89ee68858a7b8ab0f08244d6014cb54a5de2052fa131177f77ac7a6a493290
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e857f7862e121093f8e568eca067a2376b1e7ee6522e97e90925462558ffd4a6
e931e49e16e72cec55d25a2e799a4530bc3f7e1a7c51daae7c37298b610f7f09
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43f677acfaaecfddb8931dd40dfac0dc1fffa8020b30efcb6a7e427e0c4d8ad
fadab33f4d58f376cf1aa8aaa53dd6ce4148d1c26b3fa232396010d37b16c79d
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ff6dd7b8226ecd7bc08c18c40bf2a997170b4640b7827dfcfdbc9e814e371063

www.ocorian.com Open in urlscan Pro 2606:4700:20::681a:330 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

54 %IPv6

23 Domains

29 Subdomains

22 IPs

7 Countries

2770 kBTransfer

4305 kBSize

7 Cookies

45 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.ocorian.com Open in urlscan Pro
2606:4700:20::681a:330 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

54 %
IPv6

23
Domains

29
Subdomains

22
IPs

7
Countries

2770 kB
Transfer

4305 kB
Size

7
Cookies

42 HTTP transactions
4 data transactions