Submitted URL: https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564
Effective URL: https://www.ocorian.com/
Submission: On April 20 via api from US

Summary

This website contacted 22 IPs in 7 countries across 23 domains to perform 42 HTTP transactions. The main IP is 2606:4700:20::681a:330, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ocorian.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 9th 2020. Valid for: 7 months.
This is the only time www.ocorian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 83.138.131.51 15395 (RACKSPACE...)
17 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::10 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 216.58.206.2 15169 (GOOGLE)
2 2a00:f48:2000... 47447 (TTM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 52.17.91.205 16509 (AMAZON-02)
2 2 52.211.144.161 16509 (AMAZON-02)
1 92.123.150.214 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
2 23.210.248.44 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.52.120.31 16625 (AKAMAI-AS)
1 23.213.164.135 16625 (AKAMAI-AS)
1 2a02:6ea0:c71... 60068 (CDN77)
1 54.209.164.148 14618 (AMAZON-AES)
1 1 68.67.153.53 29990 (ASN-APPNEX)
1 2 37.252.173.22 29990 (ASN-APPNEX)
2 35.174.78.146 14618 (AMAZON-AES)
1 18.232.28.189 14618 (AMAZON-AES)
42 22
Domain Requested by
17 www.ocorian.com www.ocorian.com
2 pi.pardot.com www.ocorian.com
pi.pardot.com
2 secure.adnxs.com 1 redirects www.ocorian.com
2 s7.addthis.com www.ocorian.com
s7.addthis.com
2 px.ads.linkedin.com 1 redirects www.ocorian.com
2 ads.avct.cloud 2 redirects
2 re.tc www.googletagmanager.com
2 l.getsitecontrol.com www.googletagmanager.com
l.getsitecontrol.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 consent.cookiebot.com www.ocorian.com
consent.cookiebot.com
2 sites-estera.vuturevx.com 2 redirects
1 insights.ocorian.com pi.pardot.com
1 one.progmxs.com 1 redirects
1 dash.getsitecontrol.com s2.getsitecontrol.com
1 s2.getsitecontrol.com l.getsitecontrol.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 www.google.de www.ocorian.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 tags.bluekai.com www.ocorian.com
1 ads.avocet.io 1 redirects
1 script.crazyegg.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com www.ocorian.com
1 estera.vuturevx.com 1 redirects
42 29
Subject Issuer Validity Valid
ocorian.com
CloudFlare Inc ECC CA-2
2020-03-09 -
2020-10-09
7 months crt.sh
consent.cookiebot.com
Go Daddy Secure Certificate Authority - G2
2019-01-14 -
2021-01-08
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
www.googleadservices.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2
2020-03-05 -
2022-05-04
2 years crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-28 -
2020-08-05
6 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-08-26 -
2020-08-25
a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1
2020-04-14 -
2021-04-10
a year crt.sh
www.google.de
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2020-03-04 -
2020-09-04
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2020-01-17 -
2021-03-17
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA
2019-12-26 -
2020-12-26
a year crt.sh
insights.ocorian.com
Let's Encrypt Authority X3
2020-04-16 -
2020-07-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ocorian.com/
Frame ID: 8FEBCA52B34BE71AA6369C157091D299
Requests: 46 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
    https://sites-estera.vuturevx.com/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a... HTTP 302
    https://estera.vuturevx.com/edit/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c... HTTP 302
    https://www.ocorian.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

42
Requests

100 %
HTTPS

54 %
IPv6

23
Domains

29
Subdomains

22
IPs

7
Countries

2770 kB
Transfer

4305 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
    https://sites-estera.vuturevx.com/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
    https://estera.vuturevx.com/edit/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564 HTTP 302
    https://www.ocorian.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://ads.avocet.io/s?add=5da453dcb9da7b1f00741663&gtmcb=1165803903 HTTP 301
  • https://ads.avct.cloud/s?r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903 HTTP 302
  • https://ads.avct.cloud/s?bounce=true&r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903 HTTP 302
  • https://tags.bluekai.com/site/34046?id=0
Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1693543610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocorian.com%2F&ul=en-us&de=UTF-8&dt=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=906013213&gjid=2030315607&cid=1840648575.1587394637&tid=UA-80203265-2&_gid=1409632630.1587394637&_r=1&gtm=2wg480WZQLSV9&z=675993259 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_gid=1409632630.1587394637&gjid=2030315607&_v=j81&z=675993259 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132
Request Chain 24
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D316435%26url%3Dhttps%253A%252F%252Fwww.ocorian.com%252F%26time%3D1587394637550%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true
Request Chain 39
  • https://one.progmxs.com/seg?add=20640817&t=2 HTTP 302
  • https://secure.adnxs.com/seg?add=20640817&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ocorian.com/
Redirect Chain
  • https://sites-estera.vuturevx.com/e/hm0sfnkb7bwjkfa/491a28b2-eb79-48d3-900c-1e1a40cbb564
  • https://sites-estera.vuturevx.com/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564
  • https://estera.vuturevx.com/edit/email_handler.aspx?shortUrl=hm0sfnkb7bwjkfa&sid=491a28b2-eb79-48d3-900c-1e1a40cbb564
  • https://www.ocorian.com/
123 KB
22 KB
Document
General
Full URL
https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbed11299d16626b4f226f150aef4693d378bff2ec759e5e8295582609c3381f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.ocorian.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 14:57:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfa0c5ba0963aadb4b6943c4b7050c9ca1587394637; expires=Wed, 20-May-20 14:57:17 GMT; path=/; domain=.ocorian.com; HttpOnly; SameSite=Lax; Secure
cache-control
max-age=86400, public
content-language
en
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Mon, 20 Apr 2020 08:10:20 GMT
link
<https://www.ocorian.com/>; rel="shortlink", <https://www.ocorian.com/>; rel="canonical" <https://www.ocorian.com/node/13>; rel="revision"
strict-transport-security
max-age=0
vary
Cookie
x-content-type-options
nosniff
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-drupal-cache
HIT
x-drupal-cache-contexts
cookies:big_pipe_nojs languages:language_content languages:language_interface layout_builder_is_active:node route session.exists theme timezone url user.node_grants:view user.permissions user.roles:anonymous user.roles:authenticated
x-drupal-cache-tags
block_content:1 block_content_view block_view config:block.block.exposedformsearch_resultspage_1 config:block.block.exposedformsearch_resultspage_2 config:block.block.footerbranding config:block.block.footerlinks1 config:block.block.footerlinks2 config:block.block.footerlinks3 config:block.block.jurisdictionmapblock config:block.block.octavia_branding config:block.block.octavia_content config:block.block.octavia_help config:block.block.octavia_local_tasks config:block.block.octavia_main_menu config:block.block.octavia_messages config:block.block.octavia_page_title config:block.block.searchform config:block.block.secondarymenu config:block.block.socialmenu config:block.block.socialmenu_2 config:block.block.views_block__careers_block_1 config:block.block.views_block__core_services_services_block_1 config:block.block.views_block__events_block_1 config:block.block.views_block__jurisdictions_block_1 config:block.block.views_block__jurisdictions_block_2 config:block.block.views_block__news_insights_block_1 config:block.block.views_block__our_people_block_1 config:block.block.views_block__services_block_1 config:block_list config:color.theme.octavia config:core.entity_view_display.block_content.basic.default config:core.entity_view_display.paragraph.menu_link_block.default config:core.entity_view_display.simple_mega_menu.services_mega_menu.before config:field.storage.paragraph.field_image config:field.storage.paragraph.field_statistic_title config:field.storage.paragraph.field_statistic_value config:filter.format.basic_html config:filter.format.full_html config:google_analytics.settings config:image.style.card_listing_style config:image.style.large config:image.style.thumbnail config:paragraphs.settings config:search_api_autocomplete.search.search_results config:system.menu.footer-links-1 config:system.menu.footer-links-2 config:system.menu.footer-links-3 config:system.menu.main config:system.menu.secondary-menu config:system.menu.social-menu config:system.site config:user.role.anonymous config:views.view.core_services config:views.view.full_card_news_insights config:views.view.homepage_statistics config:views.view.news_insights config:views.view.upcoming_events file:4369 file:4370 file:4379 file:4382 file:4384 file:4765 file:4883 file:4913 file:4922 file:4928 file:4931 http_response local_task node:12 node:13 node:14 node:16 node:17 node:25 node:26 node:35 node:353 node:358 node:363 node:368 node:372 node:375 node:770 node:772 node:773 node:774 node:782 node:783 node:856 node:877 node:911 node:917 node:943 node:947 node:949 node:950 node:951 node_list node_view paragraph:1 paragraph:2 paragraph:3 paragraph:4 paragraph:423 paragraph:424 paragraph:425 paragraph:426 paragraph:427 paragraph:428 paragraph:5 paragraph_list paragraph_view rendered search_api_autocomplete_search_list:views:search_results simple_mega_menu:1 simple_mega_menu_view user:1 user:101 user:127 user:9
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 8 (https://www.drupal.org)
x-platform-cache
HIT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
x-platform-router
5uvaaszulyu4sv7euwurnnurze
x-request-id
vjd4ebudfvnw5i6higivq2q2
x-ua-compatible
IE=edge
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
586fb7826c570eb7-FRA
content-encoding
br
cf-request-id
0239b1058400000eb74d805200000001

Redirect headers

status
302
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Mon, 20 Apr 2020 14:57:16 GMT
location
https://www.ocorian.com/
expires
-1
pragma
no-cache
x-powered-by
ASP.NET
content-length
141
css_zYnuaIWKe4qw8IJE1gFMtUpd4gUvoTEXf3esempJMpA.css
www.ocorian.com/sites/default/files/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://www.ocorian.com/sites/default/files/css/css_zYnuaIWKe4qw8IJE1gFMtUpd4gUvoTEXf3esempJMpA.css?q8evm4
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd89ee68858a7b8ab0f08244d6014cb54a5de2052fa131177f77ac7a6a493290
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1128022
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
cf-request-id
0239b1062500000eb74d818200000001
x-request-id
sjdcmfwymvn2w37xxqd45clf
x-platform-cache
BYPASS
last-modified
Fri, 27 Mar 2020 15:07:57 GMT
server
cloudflare
etag
W/"5e7e16cd-70b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
content-type
text/css
cache-control
max-age=1209600
cf-ray
586fb7836ffb0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Tue, 21 Apr 2020 13:36:55 GMT
css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css
www.ocorian.com/sites/default/files/css/
355 KB
42 KB
Stylesheet
General
Full URL
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d0675dbe3ad3f295ba282454fb18242fa9c201a3bebd6c36ff969c624b5945
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1132228
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
cf-request-id
0239b1062500000eb74d819200000001
x-request-id
be6al6eo4mjb7rs36pj3riif
x-platform-cache
BYPASS
last-modified
Tue, 10 Mar 2020 14:17:05 GMT
server
cloudflare
etag
W/"5e67a161-58a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
content-type
text/css
cache-control
max-age=1209600
cf-ray
586fb7836ffd0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Tue, 21 Apr 2020 12:26:49 GMT
uc.js
consent.cookiebot.com/
67 KB
22 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c05f4096f475a2c1a1e9f9a9d084da978a4700ee40a61f4e31e5e4aecdd1511

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:16 GMT
content-encoding
gzip
etag
"1f75d0444715d61:0"
last-modified
Sat, 18 Apr 2020 06:04:49 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
status
200
cache-control
public,max-age=1200
x-azure-ref
0TbidXgAAAAAgO5UwdEbRQpjBeC8M+QjyRlJBRURHRTEwMDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
x-azure-ref-originshield
0grSdXgAAAACEL5tgtjVKRrabE1iMPUp9QU1TRURHRTA0MDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
accept-ranges
bytes
content-length
22299
gtm.js
www.googletagmanager.com/
117 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e857f7862e121093f8e568eca067a2376b1e7ee6522e97e90925462558ffd4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39255
x-xss-protection
0
last-modified
Mon, 20 Apr 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Apr 2020 14:57:17 GMT
mask-1.svg
www.ocorian.com/themes/octavia/dist/assets/
697 B
542 B
Image
General
Full URL
https://www.ocorian.com/themes/octavia/dist/assets/mask-1.svg
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a996325fc48b9b00e833fd26e3e4fb6a45d9255d12eca8b7f803f109a32334
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin
https://www.ocorian.com

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
124
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
cf-request-id
0239b1065e00000eb74d81e200000001
x-request-id
5v2bx42a7yq2p673uqv7kkke
x-platform-cache
BYPASS
last-modified
Wed, 15 Apr 2020 10:00:29 GMT
server
cloudflare
etag
W/"5e96db3d-2b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
content-type
image/svg+xml
cache-control
max-age=300
cf-ray
586fb783c90a0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Mon, 20 Apr 2020 15:00:13 GMT
Option%201a%20%28FINAL%29_0.png
www.ocorian.com/sites/default/files/2020-02/
2 MB
2 MB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/2020-02/Option%201a%20%28FINAL%29_0.png
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6dd7b8226ecd7bc08c18c40bf2a997170b4640b7827dfcfdbc9e814e371063
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=1646453
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
1620713
cf-request-id
0239b1065e00000eb74d81f200000001
x-request-id
5hxcbjribm2famdrofabramn
x-platform-cache
BYPASS
last-modified
Thu, 06 Feb 2020 14:33:23 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e3c23b3-191f75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb783c90d0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100
cerapro-medium-webfont.woff2
www.ocorian.com/themes/octavia/dist/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.ocorian.com/themes/octavia/dist/fonts/cerapro-medium-webfont.woff2
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705e4925b039732052d927b27f70572d75ab526fe7831df44660100fe7a1f2bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin
https://www.ocorian.com

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
172
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
25092
cf-request-id
0239b1065e00000eb74d820200000001
x-request-id
xdv7v3e34lo32ox4b6v5itqm
x-platform-cache
BYPASS
last-modified
Wed, 15 Apr 2020 10:00:29 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e96db3d-6204"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb783c90e0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Mon, 20 Apr 2020 14:59:25 GMT
fontawesome-webfont.woff2
www.ocorian.com/themes/contrib/bulma/assets/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.ocorian.com/themes/contrib/bulma/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin
https://www.ocorian.com

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
172
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
77160
cf-request-id
0239b1065e00000eb74d821200000001
x-request-id
atlaiaaaaaaaaaaaaaaaaaaa
x-platform-cache
BYPASS
last-modified
Thu, 23 May 2019 23:08:19 GMT
server
cloudflare
cache-control
max-age=300
etag
"5ce727e3-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb783c9100eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Mon, 20 Apr 2020 14:59:25 GMT
cerapro-regular-webfont.woff2
www.ocorian.com/themes/octavia/dist/fonts/
24 KB
25 KB
Font
General
Full URL
https://www.ocorian.com/themes/octavia/dist/fonts/cerapro-regular-webfont.woff2
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bb32359d72b97432d9a9ffb23e4e87e074e356ab75051284d07d21f88da1e3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
Origin
https://www.ocorian.com

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
172
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
24936
cf-request-id
0239b1065e00000eb74d822200000001
x-request-id
tg7imhg5edjfqsalyr4i3bgk
x-platform-cache
BYPASS
last-modified
Wed, 15 Apr 2020 10:00:29 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e96db3d-6168"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb783c9110eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Mon, 20 Apr 2020 14:59:25 GMT
cc.js
consent.cookiebot.com/97311ea7-4211-46a1-bd8c-122413009519/
165 KB
40 KB
Script
General
Full URL
https://consent.cookiebot.com/97311ea7-4211-46a1-bd8c-122413009519/cc.js?renew=false&referer=www.ocorian.com&dnt=false&forceshow=false&cbid=97311ea7-4211-46a1-bd8c-122413009519&whitelabel=false&brandid=Cookiebot&framework=
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7a502526193fc48d895533b6213bb46784e8f582edc7799a52b564dae127ea71

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:16 GMT
content-encoding
gzip
last-modified
Mon, 20 Apr 2020 14:57:17 GMT
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1200
x-azure-ref
0TbidXgAAAAABdG6anAzySpQh0QkqUf5wRlJBRURHRTEwMDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
40760
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4723
date
Mon, 20 Apr 2020 13:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 20 Apr 2020 15:38:34 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 14:57:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=65213
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
conversion_async.js
www.googleadservices.com/pagead/
28 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
0d5089eed925228b55540f5538192da7f723aeb5c2ed8d3faf11c60ccab67069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10621
x-xss-protection
0
server
cafe
etag
6655327481849056389
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Apr 2020 14:57:17 GMT
y79g6m48.js
l.getsitecontrol.com/
504 B
1 KB
Script
General
Full URL
https://l.getsitecontrol.com/y79g6m48.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
beeea1d5a57664a16b48093b0dfec533fd6ca72cac7ca08ffd74f8b1554747d8

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
gzip
cdn-edgestorageid
481
x-amz-request-id
045674631FBE6719
status
200
cdn-cachedat
2020-04-01 12:28:02
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
364
x-amz-id-2
qd9RabtNe7B9YDKuFnKi2ptXP/aYL66PLUUOD+kTDOuK377HXhtJc9dG0nFs4tGFskGVoCfgkJo=
access-control-allow-origin
*
last-modified
Fri, 27 Mar 2020 16:23:31 GMT
server
BunnyCDN-DE1-481
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=2592000
cdn-requestid
1e92160a16bbe42febf2d14b0098260f
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
5240.js
script.crazyegg.com/pages/scripts/0035/
88 KB
22 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0035/5240.js?440943
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8545a9dadfa4c228a54797f4ce921dd61381186e012e57fbb0f01d09ba59f2c

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8446
status
200
content-length
22392
cf-request-id
0239b106ae00001f290ea74200000001
last-modified
Mon, 20 Apr 2020 12:36:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
cf-ray
586fb7844eef1f29-FRA
tag.js
re.tc/
570 B
731 B
Script
General
Full URL
https://re.tc/tag.js?campaign_id=mrn6tqoq
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:bea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eeafda9f5f95c1b060b655325065b719e342748f00055ccaf68d5a64977f7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:18 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
BYPASS
status
200
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
fae66771-d3a0-4133-8bdb-e320bb62e008
x-runtime
0.017385
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"996284b71a548c843b28fbb4248951b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-request-id
0239b106ba00001f19bda70200000001
cf-ray
586fb7845fb61f19-FRA
34046
tags.bluekai.com/site/
Redirect Chain
  • https://ads.avocet.io/s?add=5da453dcb9da7b1f00741663&gtmcb=1165803903
  • https://ads.avct.cloud/s?r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903
  • https://ads.avct.cloud/s?bounce=true&r=1&uuid=0&add=5da453dcb9da7b1f00741663&gtmcb=1165803903
  • https://tags.bluekai.com/site/34046?id=0
62 B
329 B
Image
General
Full URL
https://tags.bluekai.com/site/34046?id=0
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-150-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 14:57:18 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
448e
Content-Type
image/gif

Redirect headers

Location
https://tags.bluekai.com/site/34046?id=0
Date
Mon, 20 Apr 2020 14:57:17 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
0
Content-Type
image/gif
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1693543610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocorian.com%2F&ul=en-us&de=UTF-8&dt=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_gid=1409632630.1587394637&gjid=2030315607&_v=j81&z=675993259
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 14:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Apr 2020 14:57:17 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80203265-2&cid=1840648575.1587394637&jid=906013213&_v=j81&z=675993259&slf_rd=1&random=192595132
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Slide1_30.PNG
www.ocorian.com/sites/default/files/styles/large/public/2020-04/
108 KB
109 KB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/styles/large/public/2020-04/Slide1_30.PNG?itok=GZzJqori
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b15f259624fb124661f92292f2f7848fd79b4f2ec6a159f643c47db244348a2e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=130240
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
110821
cf-request-id
0239b106f500000eb74d839200000001
x-request-id
zdaloucdqishp37byc744v2w
x-platform-cache
BYPASS
last-modified
Thu, 16 Apr 2020 08:47:35 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e981ba7-1fcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb784bc280eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100,h2pri
Slide1_7.PNG
www.ocorian.com/sites/default/files/styles/large/public/2020-04/
190 KB
190 KB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/styles/large/public/2020-04/Slide1_7.PNG?itok=kjLzsw7v
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17257c80e9507fb0f6ccc4eb104503696822a154d2d0f946e53afa6254d4ccd8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=220370
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
194096
cf-request-id
0239b106f500000eb74d83a200000001
x-request-id
fg7yrixnjcisw7mph3g7vf2b
x-platform-cache
BYPASS
last-modified
Mon, 06 Apr 2020 11:25:30 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e8b11aa-35cd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb784bc2d0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100,h2pri
Ocorian%20logo%20-%20web.png
www.ocorian.com/sites/default/files/styles/large/public/2020-03/
32 KB
32 KB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/styles/large/public/2020-03/Ocorian%20logo%20-%20web.png?itok=K4qo6siM
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e931e49e16e72cec55d25a2e799a4530bc3f7e1a7c51daae7c37298b610f7f09
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=47429
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
32467
cf-request-id
0239b106f600000eb74d83b200000001
x-request-id
3j2sl2lnrdcx2erqzd5yfd7f
x-platform-cache
BYPASS
last-modified
Thu, 12 Mar 2020 00:45:29 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e698629-b945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb784bc2e0eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100,h2pri
Slide1_34.PNG
www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/
79 KB
79 KB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/Slide1_34.PNG?itok=gP0Qw2Uv
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9269991092a0d0f2d87b104fbc367cb85794464879edf64b01392554e760b0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=92875
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
80577
cf-request-id
0239b106f600000eb74d83c200000001
x-request-id
dxyrqomboml6zs6mpbe5c7j2
x-platform-cache
BYPASS
last-modified
Mon, 20 Apr 2020 08:10:23 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e9d58ef-16acb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb784bc300eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100,h2pri
WEB%20-%20A%20world%20interrupted%20the%20outlook%20for%20uk%20and%20european%20real%20estate%20investment%20%28shareable%29_0.png
www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/
44 KB
44 KB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/WEB%20-%20A%20world%20interrupted%20the%20outlook%20for%20uk%20and%20european%20real%20estate%20investment%20%28shareable%29_0.png?itok=d8yh4i-0
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a71d4b6324292ee35e416db58d1256119805c300549ae8167d91a3ba22fb1d5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=52526
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
44824
cf-request-id
0239b106f600000eb74d83d200000001
x-request-id
bunlus7qi7wgvbcvxf7ee7ij
x-platform-cache
BYPASS
last-modified
Thu, 16 Apr 2020 11:26:13 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e9840d5-cd2e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb784bc320eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100,h2pri
Slide1_23.PNG
www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/
66 KB
66 KB
Image
General
Full URL
https://www.ocorian.com/sites/default/files/styles/card_listing_style/public/2020-04/Slide1_23.PNG?itok=JCqlnmHJ
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41db5b67ad36cf50a9fa9ae1fb3df3bda6a3687ea7b2b5c0772f834b79068c78
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
cf-cache-status
HIT
age
124
cf-polished
origSize=79171
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
content-length
67628
cf-request-id
0239b1071100000eb74d843200000001
x-request-id
mhvc4ja2kx6y76jhottn6fmc
x-platform-cache
BYPASS
last-modified
Tue, 14 Apr 2020 11:21:09 GMT
server
cloudflare
cache-control
max-age=300
etag
"5e959ca5-13543"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 20 Apr 2020 15:00:13 GMT
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
accept-ranges
bytes
cf-ray
586fb784ecd90eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
cf-bgj
imgq:100,h2pri
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D316435%26url%3Dhttps%253A%252F%252Fwww.ocorian.com%252F%26time%3D1587394637550%26...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true
0
40 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
tmi9RAOPBxbQuHnm5yoAAA==

Redirect headers

date
Mon, 20 Apr 2020 14:57:17 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
x-li-pop
prod-efr5
content-length
0
x-li-uuid
TW9ZOwOPBxaA1ybpySoAAA==
pragma
no-cache
server
Play
cache-control
no-cache, no-store
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316435&url=https%3A%2F%2Fwww.ocorian.com%2F&time=1587394637550&liSync=true
x-xss-protection
1; mode=block
x-li-proto
http/2
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
expires
Thu, 01 Jan 1970 00:00:00 GMT
y79g6m48.json
l.getsitecontrol.com/
49 KB
5 KB
XHR
General
Full URL
https://l.getsitecontrol.com/y79g6m48.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/y79g6m48.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
2b0cd510c1fe0a04b05f2e2d91013f108f50fa41ad7781fe1140f36bc70efff3

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
gzip
cdn-edgestorageid
481
x-amz-request-id
8DEA177F353FD62E
status
200
cdn-cachedat
2020-04-09 20:22:34
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
3923
x-amz-id-2
XbBvIhHmSEZRrondQPVM/nAA2pV2zI8wawrAsbO6rP2ahVxFe1xI94VDhSF3qcu+RYX5LFbReoI=
access-control-allow-origin
*
last-modified
Thu, 09 Apr 2020 20:08:40 GMT
server
BunnyCDN-DE1-481
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
dee692a412cf7f07ff67455443a53773
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
js_ZtCywm_pF5pJego1-y-X2aWMaIpJYp-Nuetzj7ZV6jU.js
www.ocorian.com/sites/default/files/js/
337 KB
94 KB
Script
General
Full URL
https://www.ocorian.com/sites/default/files/js/js_ZtCywm_pF5pJego1-y-X2aWMaIpJYp-Nuetzj7ZV6jU.js
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d0b2c26fe9179a497a0a35fb2f97d9a58c688a49629f8db9eb738fb655ea35
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
547484
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
cf-request-id
0239b1071100000eb74d841200000001
x-request-id
anrnotu4h2jnrjdjntzjy7sx
x-platform-cache
BYPASS
last-modified
Fri, 27 Mar 2020 15:07:57 GMT
server
cloudflare
etag
W/"5e7e16cd-54241"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
586fb784ecd30eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Tue, 28 Apr 2020 06:52:33 GMT
addthis_widget.js
s7.addthis.com/js/300/
349 KB
113 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 20:57:37 GMT
server
nginx/1.15.8
etag
"5e2765c1-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Mon, 20 Apr 2020 14:57:17 GMT
x-host
s7.addthis.com
content-length
114924
mask-section-colours-filters.svg
www.ocorian.com/themes/octavia/dist/assets/
2 KB
944 B
Image
General
Full URL
https://www.ocorian.com/themes/octavia/dist/assets/mask-section-colours-filters.svg
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747759d0fcd33ac1091b0ed3b55c844b21e66b629a535040c154ad9053def06c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
124
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
cf-request-id
0239b1071100000eb74d842200000001
x-request-id
dbxftzysv6x73knp34i5kmk2
x-platform-cache
BYPASS
last-modified
Wed, 15 Apr 2020 10:00:29 GMT
server
cloudflare
etag
W/"5e96db3d-6cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
content-type
image/svg+xml
cache-control
max-age=300
cf-ray
586fb784ecd60eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Mon, 20 Apr 2020 15:00:13 GMT
mask-footer-1.svg
www.ocorian.com/themes/octavia/dist/assets/
482 B
535 B
Image
General
Full URL
https://www.ocorian.com/themes/octavia/dist/assets/mask-footer-1.svg
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:330 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3745b65a8e2b93d30f2a70fb0cc72da8a2a82f71e8085e0ec6057ec6a847d4ad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.ocorian.com/sites/default/files/css/css_tNBnXb460_KVuigkVPsYJC-pwgGjvr1sNv-WnGJLWUU.css?q8evm4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
124
status
200
x-platform-processor
dmgizizmng2ap6twck2ugpxw3q
strict-transport-security
max-age=0
cf-request-id
0239b1071500000eb74d845200000001
x-request-id
ugqoev6vf462pobykrnzodfn
x-platform-cache
BYPASS
last-modified
Wed, 15 Apr 2020 10:00:29 GMT
server
cloudflare
etag
W/"5e96db3d-1e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-platform-cluster
db7zauf3vdndg-master-7rqtwti
content-type
image/svg+xml
cache-control
max-age=300
cf-ray
586fb784ece40eb7-FRA
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-router
5uvaaszulyu4sv7euwurnnurze
expires
Mon, 20 Apr 2020 15:00:13 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/723305902/
43 B
247 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723305902/?random=1587394637595&cv=9&fst=1587394637595&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg480&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ocorian.com%2F&tiba=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&hn=www.googleadservices.com&us_privacy=1YYY&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
921 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
973 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.31 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-31.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=17518
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5c62e825ebd046ff/
2 KB
790 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5c62e825ebd046ff/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.135 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c63bfd17d2113a4767c0cb7fa2bd9c036b05a87a9da241831e58ddbe62f390cc

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:18 GMT
content-encoding
gzip
etag
554677236--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=54, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
614
runtime.3.0.cab3397.js
s2.getsitecontrol.com/widgets/es6/
44 KB
17 KB
Script
General
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.3.0.cab3397.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/y79g6m48.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c710::2 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
fadab33f4d58f376cf1aa8aaa53dd6ce4148d1c26b3fa232396010d37b16c79d

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:17 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
F7FAC96DB2FB0E70
status
200
cdn-cachedat
2020-04-04 12:41:35
cdn-pullzone
83560
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
lBWUk2vTXd3/aJehL0aIrYLf+M5i48TB7W4Q4GNmSkzGxPFGaPT4ftWkDkvWNX31qeOeClSH8EU=
access-control-allow-origin
*
last-modified
Sat, 04 Apr 2020 12:31:03 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=22809600
cdn-requestid
fd9bd42888517e8dc5163cf09ad51c3e
cdn-requestcountrycode
DE
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
events
dash.getsitecontrol.com/api/v1/
547 B
794 B
Fetch
General
Full URL
https://dash.getsitecontrol.com/api/v1/events?sid=149b0b81-cc40-4158-afac-00cf1fa566fc
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.3.0.cab3397.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.164.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-164-148.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
f43f677acfaaecfddb8931dd40dfac0dc1fffa8020b30efcb6a7e427e0c4d8ad

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:18 GMT
server
Getsitecontrol
status
200
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
547
bounce
secure.adnxs.com/
Redirect Chain
  • https://one.progmxs.com/seg?add=20640817&t=2
  • https://secure.adnxs.com/seg?add=20640817&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 14:57:20 GMT
X-Proxy-Origin
82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
AN-X-Request-Uuid
97ed3ab6-4f87-4847-98c1-3425d57e0b38
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 14:57:20 GMT
X-Proxy-Origin
82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid
23fd7b04-b8fa-47a7-a2ef-c34def21cea3
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20640817%26t%3D2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
land.js
re.tc/
752 B
780 B
Script
General
Full URL
https://re.tc/land.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQLSV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:bea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a18f6032d308bd60d2969c1a7d31193c4de3e7d9f9b6165da8b187a3a8670693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 14:57:18 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
BYPASS
status
200
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
cf0f6b17-6871-4f77-b654-2d71eb333e3a
x-runtime
0.005676
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d4ff93be690b57ef747b09fdb1977f32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-request-id
0239b108e500001f19bdaa9200000001
cf-ray
586fb787d9ec1f19-FRA
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Mon, 20 Apr 2020 14:57:18 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.ocorian.com
URL: https://www.ocorian.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 14:57:18 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified
Fri, 13 Mar 2020 19:45:37 GMT
Server
PardotServer
ETag
"1442-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1842
Expires
Wed, 20 Apr 2022 14:57:18 GMT
analytics
pi.pardot.com/
2 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=39172&account_id=389882&title=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&url=https%3A%2F%2Fwww.ocorian.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
2bd7973988045c549d59c493c9afce44c5bfb6e13e558299c3493d5db0b8a9ee

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 14:57:19 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
17/7/223
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
856
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
insights.ocorian.com/
53 B
1 KB
Script
General
Full URL
https://insights.ocorian.com/analytics?conly=true&visitor_id=463032733&visitor_id_sign=687a03f8599f12ecbf286f9411a3c2c49970a8cab04de416059a2172dc3fec26cd4c2bbab56e79b6b02525ac91a712c39441de49&pi_opt_in=&campaign_id=39172&account_id=389882&title=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&url=https%3A%2F%2Fwww.ocorian.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=39172&account_id=389882&title=Promoting%20%26%20Protecting%20Investment%20%7C%20Ocorian&url=https%3A%2F%2Fwww.ocorian.com%2F&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-6-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698

Request headers

Referer
https://www.ocorian.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 14:57:19 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp
17/6/95
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
53
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage object| CookieConsent object| CookieControl object| Cookiebot boolean| iframeReady object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| gsc string| piAId string| piCId string| piHostname object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| CE2BH object| CE2 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| CookiebotDialog object| CookieConsentDialog object| that object| cookieTable number| j function| _toConsumableArray function| domready undefined| $ function| jQuery function| _ object| Backbone object| drupalSettings object| Drupal function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| google_noFurtherRedirects function| onYouTubeIframeAPIReady boolean| __@@##MUH object| webpackJsonp_getsitecontrol object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse

7 Cookies

Domain/Path Name / Value
www.ocorian.com/ Name: __atuvs
Value: 5e9db84d49e8c4dd000
www.ocorian.com/ Name: __atuvc
Value: 1%7C17
.ocorian.com/ Name: _gid
Value: GA1.2.1409632630.1587394637
.ocorian.com/ Name: _gat_UA-80203265-2
Value: 1
.ocorian.com/ Name: _ga
Value: GA1.2.1840648575.1587394637
.ocorian.com/ Name: _gcl_au
Value: 1.1.1452228440.1587394637
.ocorian.com/ Name: __cfduid
Value: dfa0c5ba0963aadb4b6943c4b7050c9ca1587394637

2 Console Messages

Source Level URL
Text
console-api log URL: https://re.tc/land.js(Line 13)
Message:
TypeError: Cannot read property 'getAttribute' of null
console-api log URL: https://re.tc/land.js(Line 14)
Message:
RetargetLinks => Couldn't find script element with data-campaign-id and data-name. Please copy tag again and ensure element properties are included.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avct.cloud
ads.avocet.io
consent.cookiebot.com
dash.getsitecontrol.com
estera.vuturevx.com
googleads.g.doubleclick.net
insights.ocorian.com
l.getsitecontrol.com
one.progmxs.com
pi.pardot.com
px.ads.linkedin.com
re.tc
s2.getsitecontrol.com
s7.addthis.com
script.crazyegg.com
secure.adnxs.com
sites-estera.vuturevx.com
snap.licdn.com
stats.g.doubleclick.net
tags.bluekai.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.ocorian.com
z.moatads.com
18.232.28.189
216.58.206.2
23.210.248.44
23.213.164.135
23.52.120.31
2606:4700:20::681a:330
2606:4700:3035::681b:bea7
2606:4700::6813:9308
2620:1ec:bdf::10
2a00:1450:4001:814::2003
2a00:1450:4001:818::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9c
2a00:f48:2000:1023::3
2a02:26f0:10c:39e::25ea
2a02:6ea0:c710::2
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
35.174.78.146
37.252.173.22
52.17.91.205
52.211.144.161
54.209.164.148
68.67.153.53
83.138.131.51
92.123.150.214
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d5089eed925228b55540f5538192da7f723aeb5c2ed8d3faf11c60ccab67069
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
17257c80e9507fb0f6ccc4eb104503696822a154d2d0f946e53afa6254d4ccd8
1eeafda9f5f95c1b060b655325065b719e342748f00055ccaf68d5a64977f7e4
23bb32359d72b97432d9a9ffb23e4e87e074e356ab75051284d07d21f88da1e3
2a71d4b6324292ee35e416db58d1256119805c300549ae8167d91a3ba22fb1d5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0cd510c1fe0a04b05f2e2d91013f108f50fa41ad7781fe1140f36bc70efff3
2bd7973988045c549d59c493c9afce44c5bfb6e13e558299c3493d5db0b8a9ee
36a996325fc48b9b00e833fd26e3e4fb6a45d9255d12eca8b7f803f109a32334
3745b65a8e2b93d30f2a70fb0cc72da8a2a82f71e8085e0ec6057ec6a847d4ad
3c05f4096f475a2c1a1e9f9a9d084da978a4700ee40a61f4e31e5e4aecdd1511
41db5b67ad36cf50a9fa9ae1fb3df3bda6a3687ea7b2b5c0772f834b79068c78
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
5f9269991092a0d0f2d87b104fbc367cb85794464879edf64b01392554e760b0
66d0b2c26fe9179a497a0a35fb2f97d9a58c688a49629f8db9eb738fb655ea35
705e4925b039732052d927b27f70572d75ab526fe7831df44660100fe7a1f2bb
747759d0fcd33ac1091b0ed3b55c844b21e66b629a535040c154ad9053def06c
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7a502526193fc48d895533b6213bb46784e8f582edc7799a52b564dae127ea71
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d
a18f6032d308bd60d2969c1a7d31193c4de3e7d9f9b6165da8b187a3a8670693
a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
b15f259624fb124661f92292f2f7848fd79b4f2ec6a159f643c47db244348a2e
b4d0675dbe3ad3f295ba282454fb18242fa9c201a3bebd6c36ff969c624b5945
b8545a9dadfa4c228a54797f4ce921dd61381186e012e57fbb0f01d09ba59f2c
beeea1d5a57664a16b48093b0dfec533fd6ca72cac7ca08ffd74f8b1554747d8
c63bfd17d2113a4767c0cb7fa2bd9c036b05a87a9da241831e58ddbe62f390cc
cbed11299d16626b4f226f150aef4693d378bff2ec759e5e8295582609c3381f
cd89ee68858a7b8ab0f08244d6014cb54a5de2052fa131177f77ac7a6a493290
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e857f7862e121093f8e568eca067a2376b1e7ee6522e97e90925462558ffd4a6
e931e49e16e72cec55d25a2e799a4530bc3f7e1a7c51daae7c37298b610f7f09
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43f677acfaaecfddb8931dd40dfac0dc1fffa8020b30efcb6a7e427e0c4d8ad
fadab33f4d58f376cf1aa8aaa53dd6ce4148d1c26b3fa232396010d37b16c79d
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ff6dd7b8226ecd7bc08c18c40bf2a997170b4640b7827dfcfdbc9e814e371063