myaccount.ocregister.com Open in urlscan Pro
149.126.77.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.email.langnews.com/q/mKpEwN4NSCGyg0X-ce4C8zKUNRDOicFn33vZcOJaGFuaC5wYXF1ZXR0ZUBLwYWNpZmljbGlmZS5jb23DiAj2jP4YMAeIne...
Effective URL:
https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Submission: On April 20 via api (April 20th 2020, 3:48:43 pm UTC) from US

Summary HTTP 61 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 21 domains to perform 61 HTTP transactions. The main IP is 149.126.77.218, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is myaccount.ocregister.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on October 23rd 2019. Valid for: a year.

This is the only time myaccount.ocregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.0.93.10 142.0.93.10	394396 (LISTRAK-AS1) (LISTRAK-AS1)
22	149.126.77.218 149.126.77.218	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
1	52.216.165.13 52.216.165.13	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.97.80 143.204.97.80	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.216 91.228.74.216	27281 (QUANTCAST) (QUANTCAST)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	35.168.135.69 35.168.135.69	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	23.213.14.93 23.213.14.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	52.73.204.25 52.73.204.25	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
6	52.55.41.91 52.55.41.91	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21f... 2600:9000:21f3:5000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	91.228.74.210 91.228.74.210	27281 (QUANTCAST) (QUANTCAST)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
61	21

1 142.0.93.10 (Lititz, United States) 1 redirects

ASN394396 (LISTRAK-AS1, US)

l.email.langnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 149.126.77.218 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.218.ip.incapdns.net

myaccount.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.165.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-80.fra50.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.216 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.135.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-135-69.compute-1.amazonaws.com

pr.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.14.93 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-14-93.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.73.204.25 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-204-25.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.55.41.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-41-91.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.210 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ocregister.com myaccount.ocregister.com	1 MB
11	google-analytics.com ssl.google-analytics.com www.google-analytics.com	60 KB
7	blueconic.net cdn.blueconic.net digitalfirstmedia.blueconic.net	246 KB
4	trkn.us 2 redirects trkn.us	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
3	facebook.net connect.facebook.net	255 KB
2	facebook.com 1 redirects www.facebook.com	533 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	7 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	atdmt.com cx.atdmt.com	432 B
1	quantcount.com rules.quantcount.com	357 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	188 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	162 B
1	realvu.net pr.realvu.net	348 B
1	webcontentassessor.com scripts.webcontentassessor.com	30 KB
1	amazonaws.com s3.amazonaws.com	8 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
1	langnews.com 1 redirects l.email.langnews.com	345 B
0	five9.com Failed app.five9.com Failed
61	21

	Domain	Requested by
22	myaccount.ocregister.com	myaccount.ocregister.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com myaccount.ocregister.com
6	digitalfirstmedia.blueconic.net	cdn.blueconic.net
4	trkn.us	2 redirects myaccount.ocregister.com
3	sb.scorecardresearch.com	1 redirects myaccount.ocregister.com www.googletagmanager.com
3	connect.facebook.net	myaccount.ocregister.com connect.facebook.net
2	www.facebook.com	1 redirects myaccount.ocregister.com
2	ssl.google-analytics.com	myaccount.ocregister.com
2	fonts.googleapis.com	myaccount.ocregister.com
1	cx.atdmt.com
1	pixel.quantserve.com	myaccount.ocregister.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	myaccount.ocregister.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	pr.realvu.net	www.googletagmanager.com
1	scripts.webcontentassessor.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	cdn.blueconic.net	www.googletagmanager.com
1	s3.amazonaws.com	myaccount.ocregister.com
1	www.googletagmanager.com	myaccount.ocregister.com
1	cdnjs.cloudflare.com	myaccount.ocregister.com
1	l.email.langnews.com	1 redirects
0	app.five9.com Failed	myaccount.ocregister.com
61	24

This site contains links to these domains. Also see Links.

Domain
www.ocregister.com
checkout.ocregister.com
www.scngapps.com
www.scngcustomcontent.com
www.socalnie.com
www.thecannifornian.com
www.iwantmytvmagazine.com

Subject Issuer	Validity	Valid
myaccount.mercurynews.com Starfield Secure Certificate Authority - G2	`2019-10-23` - `2021-03-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
k3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-19` - `2021-04-20`	a year	crt.sh
ac.realvu.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2020-03-20` - `2021-03-20`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Frame ID: F311ABD7D5B7441ED9DF4CB0D3789A94
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://l.email.langnews.com/q/mKpEwN4NSCGyg0X-ce4C8zKUNRDOicFn33vZcOJaGFuaC5wYXF1ZXR0ZUBLwYWNpZmljbGlmZS... HTTP 302
https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

98 %
HTTPS

52 %
IPv6

21
Domains

24
Subdomains

21
IPs

5
Countries

1804 kB
Transfer

3891 kB
Size

16
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ocregister.com/
Title:

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/subscriptionpanel
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.scngapps.com/?page_id=201
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: http://www.scngcustomcontent.com/ocrrewardsabout
Title: About Rewards

Search URL Search Domain Scan URL

URL: http://www.scngcustomcontent.com/ocrrewardscontactus
Title: Rewards Contact Us

Search URL Search Domain Scan URL

URL: https://www.scngcustomcontent.com/rewardsebooks
Title: Reader Rewards Digital Books

Search URL Search Domain Scan URL

URL: http://www.scngcustomcontent.com/rewardstestimonials
Title: Rewards Subscriber Testimonials

Search URL Search Domain Scan URL

URL: http://www.ocregister.com/newsletter-signup/
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://www.ocregister.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www.ocregister.com/contact/#advertising
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://www.socalnie.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: http://www.thecannifornian.com/
Title: Cannifornian

Search URL Search Domain Scan URL

URL: http://www.iwantmytvmagazine.com/subscriber-services/
Title: TV Weekly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.email.langnews.com/q/mKpEwN4NSCGyg0X-ce4C8zKUNRDOicFn33vZcOJaGFuaC5wYXF1ZXR0ZUBLwYWNpZmljbGlmZS5jb23DiAj2jP4YMAeIne5ISJ5JUZ9Ittxw HTTP 302
https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1587397699691&ns_c=UTF-8&c8=Subscribe%20to%20Orange%20County%20Register&c7=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1587397699691&ns_c=UTF-8&c8=Subscribe%20to%20Orange%20County%20Register&c7=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&c9=

Request Chain 31

https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120 HTTP 302
https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120;ip=185.217.171.12;cuidchk=1

Request Chain 32

https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120 HTTP 302
https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120;ip=185.217.171.12;cuidchk=1

Request Chain 39

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&gjid=1622240832&_gid=601658436.1587397700&_u=aSBCgEAjQ~&z=914448489 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&_v=j81&z=914448489 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&_v=j81&z=914448489&slf_rd=1&random=2523223251

Request Chain 59

https://www.facebook.com/tr/?id=1401480206566122&ev=Microdata&dl=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&rl=&if=false&ts=1587397701491&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20to%20Orange%20County%20Register%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1587397699971.760227479&it=1587397699789&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=16858086411268177625&f=AYwOAHVs6efxiXajpt6WK7AGMhdJFt6Z6SeVzlz-JQU_70dht7g067OmEBCMiSV1su5ltATXC9_2Uvu8bx4B8oWG&id=1401480206566122&l=3&v=0

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set unsubscribe.aspx Show response
myaccount.ocregister.com/
Redirect Chain

http://l.email.langnews.com/q/mKpEwN4NSCGyg0X-ce4C8zKUNRDOicFn33vZcOJaGFuaC5wYXF1ZXR0ZUBLwYWNpZmljbGlmZS5jb23DiAj2jP4YMAeIne5ISJ5JUZ9Ittxw
https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

89 KB
89 KB

729ms
439ms

Document
text/html

149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef8f2c7cab3dfb3a0d4703dcc3c12da5d50bbf4181c7dbf45ce2da86cd5f6da4

Request headers

Host: myaccount.ocregister.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=eawwzkdd1tmaptiwlzt1f4iv; path=/; HttpOnly; SameSite=Lax .ASPXAUTH=; expires=Tue, 12-Oct-1999 04:00:00 GMT; path=/; HttpOnly; SameSite=Lax .ASPXAUTH=; expires=Sat, 20-Apr-2019 15:47:56 GMT; path=/ KempActiveCookieVS=139361941.1.3769550560.517527553; path=/; secure visid_incap_2280572=1j8DfMD9STiLU39DNlZk6jfEnV4AAAAAQUIPAAAAAABkPkPFJWiXnedomoPC8Yop; expires=Mon, 19 Apr 2021 23:25:00 GMT; HttpOnly; path=/; Domain=.ocregister.com incap_ses_473_2280572=4LoBeLqqXF7uYI3bv3CQBjfEnV4AAAAAtQ+klKdoUf8rE/EhgOo//w==; path=/; Domain=.ocregister.com
X-Powered-By: ASP.NET
X-Host-Name: WEB6
Date: Mon, 20 Apr 2020 15:47:56 GMT
Content-Length: 90633
X-CDN: Incapsula
X-Iinfo: 8-89512817-89512827 NNNN CT(95 198 0) RT(1587397686641 23) q(0 0 3 -1) r(4 4) U5

Redirect headers

Server: nginx/1.17.3
Date: Mon, 20 Apr 2020 15:48:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 212
Connection: keep-alive
Cache-Control: private
Location: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,900italic,900,700,700italic,400italic,300italic,300

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19bcbbac02c77acbe8d8273199f3a71700d5ecea37fae95b14d82f5dde004edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 15:48:07 GMT
server: ESF
date: Mon, 20 Apr 2020 15:48:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Apr 2020 15:48:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
904 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800,600

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 15:48:07 GMT
server: ESF
date: Mon, 20 Apr 2020 15:48:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Apr 2020 15:48:07 GMT

GET
H/1.1 200
OK SubCon.css
myaccount.ocregister.com/src/css/ 144 KB
144 KB 422ms
420ms Stylesheet
text/css 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/src/css/SubCon.css?v=1
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 448466163964c71e072de6c8371b57501cb7268b99e992cf0611f12e7d0e1df1

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:47:56 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: text/css
X-Iinfo: 8-89512819-89512975 NNNN CT(96 199 0) RT(1587397686643 489) q(0 0 3 0) r(4 4) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 147356
X-CDN: Incapsula

GET
H/1.1 200
OK subconCore Show response
myaccount.ocregister.com/bundles/ 789 KB
789 KB 458ms
418ms Script
text/javascript 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9d72d3d67ed08c07d9e2e75d71a52ec34162bc573ef0e217d9e392851112828

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:47:56 GMT
Last-Modified: Mon, 20 Apr 2020 15:47:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 8-89512979-89512982 NNNN CT(97 199 0) RT(1587397687151 20) q(0 0 3 -1) r(4 4) U5
Cache-Control: public
X-Host-Name: WEB6
Content-Length: 807529
X-CDN: Incapsula
Expires: Tue, 20 Apr 2021 15:47:57 GMT

GET
H2 200 jquery.blockUI.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.blockUI/2.70/ 11 KB
3 KB 16ms
14ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.blockUI/2.70/jquery.blockUI.min.js

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7044cd37754c3a0010acf8053af566cadf7a24b6b9576a611732fc54685f8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6334183
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0239df8ff8000014561999b200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:13 GMT
server: cloudflare
etag: W/"5afd494d-2ab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 587001f98fcc1456-FRA
expires: Sat, 10 Apr 2021 15:48:07 GMT

GET five9-social-widget.min.js
app.five9.com/consoles/SocialWidget/ 0
0

GET
H/1.1 200
OK ac_quicktime.js Show response
myaccount.ocregister.com/js/ 10 KB
11 KB 474ms
433ms Script
application/javascript 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/js/ac_quicktime.js
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 53b5dd891611b165988e14036a1aebf9b17a1839e00633adb490d112f8609e34

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:47:56 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: application/javascript
X-Iinfo: 10-239374847-239374855 NNNN CT(95 217 0) RT(1587397687152 20) q(0 0 3 -1) r(4 4) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 10750
X-CDN: Incapsula

GET
H/1.1 200
OK Unsubscribe.js Show response
myaccount.ocregister.com/js/Pages/ 118 B
506 B 455ms
413ms Script
application/javascript 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/js/Pages/Unsubscribe.js
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fa9ea67ec6b04df710e5c665dfd0f9eb9cdb3edf024f87a3d96feee2d0e56ec5

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:47:56 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: application/javascript
X-Iinfo: 9-160330896-160330901 NNNN CT(95 196 0) RT(1587397687151 22) q(0 0 3 -1) r(4 4) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 118
X-CDN: Incapsula

GET
H/1.1 200
OK scng.css
myaccount.ocregister.com/css/Newspapers/ 28 KB
29 KB 473ms
435ms Stylesheet
text/css 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/css/Newspapers/scng.css
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5d96fa2e533535e6fd12f8fbf0e819fdb2daf5100d3cc058defbc087b622d35f

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:47:56 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: text/css
X-Iinfo: 10-239374846-239374854 NNNN CT(97 215 0) RT(1587397687151 19) q(0 0 3 -1) r(4 4) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 28942
X-CDN: Incapsula

GET
H/1.1 200
OK burgermenu.png
myaccount.ocregister.com/hamburger/ 213 B
877 B 116ms
116ms Image
image/png 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.ocregister.com/hamburger/burgermenu.png
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 377992a74a429281f293ea98a38b2cfb46f6d6db43308bd8559d1cba69385dc2

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:47:57 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: image/png
X-Iinfo: 8-89512979-89512982 ENNN RT(1587397687151 954) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 213
X-CDN: Incapsula

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4768
date: Mon, 20 Apr 2020 14:28:51 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17168
expires: Mon, 20 Apr 2020 16:28:51 GMT

GET
H/1.1 200
OK loading.gif
myaccount.ocregister.com/images/ 18 KB
19 KB 119ms
118ms Image
image/gif 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.ocregister.com/images/loading.gif
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b761cc51e1a35a37ea7ba419fe2d55331e716f75290c7514ee4405f17c087aeb

Request headers

Referer: https://myaccount.ocregister.com/src/css/SubCon.css?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: image/gif
X-Iinfo: 8-89512979-89512982 ENNN RT(1587397687151 12183) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 18689
X-CDN: Incapsula

GET
H/1.1 200
OK phoneicon.png
myaccount.ocregister.com/images/ 11 KB
11 KB 117ms
117ms Image
image/png 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.ocregister.com/images/phoneicon.png
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4d3bb72c4e3b68f2a7e756fc3597e2a002c06a35124a5f349ca279673d09d956

Request headers

Referer: https://myaccount.ocregister.com/src/css/SubCon.css?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: image/png
X-Iinfo: 8-89512819-89512975 ENNN RT(1587397686643 12692) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 11071
X-CDN: Incapsula

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 554 KB
62 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea61dd5c952618d0c0cbe2c959fd67b514da43a107f77897db0f0e991e69999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62965
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Apr 2020 15:48:19 GMT

GET
H/1.1 200
OK slideshow.xml Show response
myaccount.ocregister.com/xml/ 473 B
1 KB 120ms
119ms XHR
text/xml 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/xml/slideshow.xml
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3c4929463fb641b967e7f243567e5fcd607480ce469c489369bb25698673682b

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: text/xml
X-Iinfo: 10-239374846-239374854 ENNN RT(1587397687151 12239) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 473
X-CDN: Incapsula

GET
H/1.1 200
OK CookieBanner.html Show response
myaccount.ocregister.com/Templates/ 2 KB
2 KB 125ms
124ms XHR
text/html 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Templates/CookieBanner.html
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0ee082dc032e02ba67a75820e474e9ad1bbca96561306953d8d44c4b293fefd6

Request headers

Accept: text/html, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: text/html
X-Iinfo: 10-239374847-239374855 ENNN RT(1587397687152 12257) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 1785
X-CDN: Incapsula

POST
H/1.1 200
OK CheckNationalWeeklySubscription Show response
myaccount.ocregister.com/Index.aspx/ 11 B
730 B 122ms
121ms XHR
application/json 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Index.aspx/CheckNationalWeeklySubscription
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4cde96d96497ab8df7b5c4e6e0fe041af7857721113e31093329979e8801180c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
X-Iinfo: 9-160330896-160330901 ENNN RT(1587397687151 12273) q(0 0 0 -1) r(1 1) U5
Cache-Control: private, max-age=0
X-Host-Name: WEB6
Content-Length: 11
X-CDN: Incapsula

GET
H/1.1 200
OK TakeATourModal.html Show response
myaccount.ocregister.com/Templates/ 976 B
2 KB 117ms
117ms XHR
text/html 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Templates/TakeATourModal.html
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7d903799012ee959f8a193d8a5a64483291e34de042f4538cdfe4d590e8b12d9

Request headers

Accept: text/html, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: text/html
X-Iinfo: 8-89512817-89512827 ENNN RT(1587397686641 12799) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 976
X-CDN: Incapsula

POST
H/1.1 200
OK IsUserLoggedIn Show response
myaccount.ocregister.com/Login.aspx/ 11 B
728 B 130ms
119ms XHR
application/json 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Login.aspx/IsUserLoggedIn
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4cde96d96497ab8df7b5c4e6e0fe041af7857721113e31093329979e8801180c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
X-Iinfo: 8-89512819-89512975 ENNN RT(1587397686643 12810) q(0 0 0 -1) r(1 1) U5
Cache-Control: private, max-age=0
X-Host-Name: WEB6
Content-Length: 11
X-CDN: Incapsula

POST
H/1.1 200
OK GetSubscribeLinkURL Show response
myaccount.ocregister.com/Login.aspx/ 57 B
777 B 184ms
118ms XHR
application/json 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Login.aspx/GetSubscribeLinkURL
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8d81948c0e6d1ad29a726fa3bfdca2d79d9653f38a873d8c782668065d39a0a7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
X-Iinfo: 10-239374846-239374854 ENNN RT(1587397687151 12358) q(0 0 0 -1) r(1 1) U5
Cache-Control: private, max-age=0
X-Host-Name: WEB6
Content-Length: 57
X-CDN: Incapsula

POST
H/1.1 200
OK IsUnsubscribeAllowed Show response
myaccount.ocregister.com/Unsubscribe.aspx/ 510 B
1 KB 217ms
129ms XHR
application/json 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Unsubscribe.aspx/IsUnsubscribeAllowed
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 39e672d3acd8f2c1997ce4d022f0dd5754f90c7bbb4c186e21db2dfd9244f00d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
X-Iinfo: 10-239374847-239374855 ENNN RT(1587397687152 12383) q(0 0 0 -1) r(1 1) U5
Cache-Control: private, max-age=0
X-Host-Name: WEB6
Content-Length: 510
X-CDN: Incapsula

GET
H/1.1 200
OK CustomError.html Show response
myaccount.ocregister.com/Templates/ 310 B
978 B 218ms
121ms XHR
text/html 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/Templates/CustomError.html
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/bundles/subconCore?v=qHZFX9MAFN6XglqmXIDJQzWTs6uU9Pkqy237i32R-9A1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d07c37bde44589e4c93b4e987ce3d4a66df93d8ca7f5c88e68d183394c3c8ee0

Request headers

Accept: text/html, */*; q=0.01
Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: text/html
X-Iinfo: 9-160330896-160330901 ENNN RT(1587397687151 12396) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 310
X-CDN: Incapsula

GET
H/1.1 200
OK OCR%20092717.png
s3.amazonaws.com/cms.mng/ 8 KB
8 KB 491ms
174ms Image
image/png 52.216.165.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mng/OCR%20092717.png
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.165.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa5b2ce15d0fecf9635ddc3b3dddd9f2742bcb01768780ce3179872f7f6d13f6

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:20 GMT
x-amz-meta-imageid: 123
Last-Modified: Mon, 11 Mar 2019 15:22:46 GMT
Server: AmazonS3
x-amz-request-id: 4CA77D5B3D3596F1
ETag: "642e66d88511c51dc63d21ae7c7d11d7"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 8078
x-amz-id-2: SOGD/goTodR+S64UWkVqRwssYhxXfvfkD5hqntOv0bDBFerEoq4aZXiNRkd9FPLPx61vVsis6BA=

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
112 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2124504285&utmhn=myaccount.ocregister.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Subscribe%20to%20Orange%20County%20Register&utmhid=1678036735&utmr=-&utmp=%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&utmht=1587397699622&utmac=UA-16643585-7&utmcc=__utma%3D268224786.1967790437.1587397700.1587397700.1587397700.1%3B%2B__utmz%3D268224786.1587397700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1952688848&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 585
date: Mon, 20 Apr 2020 15:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 20 Apr 2020 17:38:34 GMT

GET
H2 200 digitalfirstmedia.js Show response
cdn.blueconic.net/ 128 KB
39 KB 91ms
35ms Script
text/javascript 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/digitalfirstmedia.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-97-80.fra50.r.cloudfront.net

Software

- /

Resource Hash

7e40a66bc827999c382de72349b05182cbf40c3da6a412fe9d0d31028848e443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 264
x-cache: Hit from cloudfront
status: 200
content-length: 39114
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Apr 2020 14:41:14 GMT
server: -
etag: "2000a-5a3413107e138-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: 4UoGfm_U_ss0B69M3KrJTEQXBcO-jXzjIaiiQDWUy3w9ryj68sUCTg==

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 112ms
24ms Script
application/x-javascript 91.228.74.216
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.216 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20-Apr-2020 15:48:19 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Strict-Transport-Security: max-age=86400
Content-Length: 5651
Expires: Mon, 27 Apr 2020 15:48:19 GMT

GET
H2 200 ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f Show response
scripts.webcontentassessor.com/scripts/ 117 KB
30 KB 108ms
28ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a27d38decbc9a27199cd6693dafbfb3aca386561a67fe9c6382c6a7ea43b5b8

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:19 GMT
content-encoding: gzip
age: 2873
x-cache: HIT
status: 200
content-length: 29854
x-amz-id-2: oLY263hDSzRyyWlMvF1tjbKkshUZPt+uuvDNCmKrafL+DFBUFmoQUMpmWDNeacXQjKiw1kr5XPE=
x-served-by: cache-fra19180-FRA
last-modified: Mon, 20 Apr 2020 14:49:09 GMT
server: AmazonS3
x-timer: S1587397700.807514,VS0,VE0
etag: "ed1389874655c622387bfa13d8878f42"
vary: Accept-Encoding
x-amz-request-id: 7EE13CE73EA03D4B
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 19

GET
H/1.1 200
OK c=E5X8_f=site_si=undefined Show response
pr.realvu.net/flip/2/ 36 B
348 B 463ms
111ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d046c3b3a233a5260541429d2c3e58a41a1f36809b3bee96785419f7aca42d9

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=21600
Connection: keep-alive
Content-Length: 56
X-Proxy-Cache: BYPASS

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 11ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: UEIsC1EqyPJBqUV9aV/99zTFLXpGbtJR4DDyygrydacmkex9B5d+DCVCrwDz8TpR7EdMUZBoI3Q3timS6SOk/w==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 20 Apr 2020 15:48:19 GMT, Mon, 20 Apr 2020 15:48:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1587397699691&ns_c=UTF-8&c8=Subscribe%20to%20Orange%20County%20Register&c7=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefi...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1587397699691&ns_c=UTF-8&c8=Subscribe%20to%20Orange%20County%20Register&c7=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fpref...

0
248 B

32ms
30ms

Image
text/plain

23.213.14.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1587397699691&ns_c=UTF-8&c8=Subscribe%20to%20Orange%20County%20Register&c7=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&c9=
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.14.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-93.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 15:48:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1587397699691&ns_c=UTF-8&c8=Subscribe%20to%20Orange%20County%20Register&c7=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&c9=
Pragma: no-cache
Date: Mon, 20 Apr 2020 15:48:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120;ip=185.217.171.12;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120
https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120;ip=185.217.171.12;cuidchk=1

42 B
758 B

104ms
102ms

Image
image/gif

52.73.204.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120;ip=185.217.171.12;cuidchk=1

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.204.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-204-25.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 15:48:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Mon, 20 Apr 2020 15:48:20 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1110712631068.1426;v=120;ip=185.217.171.12;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1

200
OK

ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120;ip=185.217.171.12;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120
https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120;ip=185.217.171.12;cuidchk=1

42 B
758 B

115ms
113ms

Image
image/gif

52.73.204.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120;ip=185.217.171.12;cuidchk=1

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.204.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-204-25.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 15:48:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Mon, 20 Apr 2020 15:48:20 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=867883602613.262;v=120;ip=185.217.171.12;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1 200
OK closeIcon.png
myaccount.ocregister.com/images/ 5 KB
6 KB 123ms
122ms Image
image/png 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.ocregister.com/images/closeIcon.png
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 98511b2f61fce71698c8d16f292e68c1342f8abd52871c962c783fc7af26c7dc

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: image/png
X-Iinfo: 8-89512819-89512975 ENNN RT(1587397686643 12946) q(0 0 0 0) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 5556
X-CDN: Incapsula

GET
H/1.1 404
Not Found OCR.mp4
myaccount.ocregister.com/videos/ 1 KB
2 KB 120ms
119ms Media
text/html 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/videos/OCR.mp4
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ad4abe120393ec4bdef684197701ef4cac3bed8ce6313132167fd92350349593

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: text/html
X-Iinfo: 8-89512817-89512827 ENNN RT(1587397686641 12965) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
X-CDN: Incapsula

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
935 B 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 560
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Mon, 20 Apr 2020 16:38:59 GMT

GET
H2 200 1401480206566122 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 11ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1401480206566122?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d00edae0f505d073919fbaf827bccbda926f761cf7c4169cf1cd0e85aebb3e34

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115204
x-xss-protection: 0
pragma: public
x-fb-debug: raechmnIyKY5R00hMRM4BuzBx1Qx05qtmGR0qMQsqPPD/VHRv7uMKt0A8u4OCVGWi5QVp9J9bulE5qSJ3h/M0Q==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 20 Apr 2020 15:48:19 GMT, Mon, 20 Apr 2020 15:48:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MHF7NT7&t=gtm21&cid=1967790437.1587397700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1924f719f5a48bfd22fa46aa2d4e8bc0e388f65791c6091ca47df1667004965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24148
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Apr 2020 15:48:19 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1678036735&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42&dr=&dp=%2Funsubscribe.aspx%3Fprefid%3D42&ul=en-us&de=UTF-8&dt=Subscribe%20to%20Orange%20County%20Register&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=268224786.1967790437.1587397700.1587397700.1587397700.1&_utmz=268224786.1587397700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1587397699817&_u=aSBCgEAjQ~&jid=1656946346&gjid=1622240832&cid=1967790437.1587397700&tid=UA-61435456-15&_gid=601658436.1587397700&gtm=2wg480TLFP4R&cd1=&cd2=ocregister.com&cd3=ocregister.com&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=NO&cd10=&cd11=&cd12=ocregister.com&cd13=&cd14=subscription&cd15=subscription&cd16=&cd17=&cd18=&cd19=&cd20=ocregister.com&cd21=&cd22=&cd23=&cd24=&cd25=CA&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=&cd50=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd51=&cd165=(not%20set)&cd166=(not%20set)&cd167=(not%20set)&cd53=1967790437.1587397700&z=1922398648

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 03:07:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2032854
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&gjid=1622240832&_gid=601658436.1587397700&_u=aSBCgEAjQ~&z=914448489
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&_v=j81&z=914448489
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&_v=j81&z=914448489&slf_rd=1&random=2523223251

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&_v=j81&z=914448489&slf_rd=1&random=2523223251

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=1967790437.1587397700&jid=1656946346&_v=j81&z=914448489&slf_rd=1&random=2523223251
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 45 KB
9 KB 327ms
114ms XHR
application/json 52.55.41.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&bcsessionid=&bctempid=&overruleReferrer=&time=2020-04-20T17%3A48%3A19%2B02%3A00&ts=1587397699914

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.41.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-41-91.compute-1.amazonaws.com

Software

- /

Resource Hash

a62fb58daebb2be5b6d591dc18204de5d555f942f58c6308c87899c477b876ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Apr 2020 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 8065
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK alert.jpg
myaccount.ocregister.com/images/ 17 KB
18 KB 119ms
118ms Image
image/jpeg 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.ocregister.com/images/alert.jpg
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c34cd37aa3e7e456c79483f57422b9edd630efeec1ef98f4e04ce74f7e0526fe

Request headers

Referer: https://myaccount.ocregister.com/src/css/SubCon.css?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Last-Modified: Mon, 30 Mar 2020 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b5d237a36d61:0"
Content-Type: image/jpeg
X-Iinfo: 8-89512817-89512827 ENNN RT(1587397686641 13125) q(0 0 0 0) r(1 1) U5
X-Host-Name: WEB6
Accept-Ranges: bytes
Content-Length: 17664
X-CDN: Incapsula

GET
H2 200 rules-p-4ctCQwtnNBNs2.js Show response
rules.quantcount.com/ 3 B
357 B 41ms
13ms Script
application/x-javascript 2600:9000:21f3:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4ctCQwtnNBNs2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 00:50:17 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:57:14 GMT
server: AmazonS3
age: 53883
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3
x-amz-cf-id: HZJDPJH2oLDtC5pcUH-auXBUg3O8fmAGq5CtB2SJVH7cG170WrPEPw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
252 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&rl=&if=false&ts=1587397699979&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1587397699971.760227479&it=1587397699789&coo=false&rqm=GET

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:19 GMT, Mon, 20 Apr 2020 15:48:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 20 Apr 2020 15:48:19 GMT

GET
H/1.1 404
Not Found OCR.webm
myaccount.ocregister.com/videos/ 0
0 122ms
120ms Media
text/html 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/videos/OCR.webm
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: text/html
X-Iinfo: 8-89512819-89512975 ENNN RT(1587397686643 13232) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
X-CDN: Incapsula

GET
H/1.1 200
OK pixel;r=1368424663;labels=LANewsGroup;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com;fpan=1;fpa=...
pixel.quantserve.com/ 35 B
658 B 106ms
22ms Image
image/gif 91.228.74.210
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1368424663;labels=LANewsGroup;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com;fpan=1;fpa=P0-779522921-1587397700029;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1587397700028;tzo=-120;ogl=

Requested by

Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.210 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 15:48:20 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 404
Not Found OCR.ogg
myaccount.ocregister.com/videos/ 1 KB
0 131ms
125ms Media
text/html 149.126.77.218
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.ocregister.com/videos/OCR.ogg
Requested by: Host: myaccount.ocregister.com
URL: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.218 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.218.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 20 Apr 2020 15:48:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: text/html
X-Iinfo: 8-89512819-89512975 ENNN RT(1587397686643 13369) q(0 0 0 -1) r(1 1) U5
X-Host-Name: WEB6
X-CDN: Incapsula

GET
H2 200 5e395362dcaa7be5c003aa70bf76e695 Show response
digitalfirstmedia.blueconic.net/plugin/plugin/ 208 KB
54 KB 143ms
141ms Script
text/javascript 52.55.41.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/plugin/plugin/5e395362dcaa7be5c003aa70bf76e695

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.41.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-41-91.compute-1.amazonaws.com

Software

- /

Resource Hash

d34d81da011eea1d5b39e2ac6a625961bbd15eb2f2b93a94ebb56c2665cce56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 5e395362dcaa7be5c003aa70bf76e695
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 54567
x-xss-protection: 1; mode=block
expires: Tue, 20 Apr 2021 15:48:20 GMT

GET
H2 200 64c21a3acd4c4f1e53a029427d71f057 Show response
digitalfirstmedia.blueconic.net/plugin/library/ 483 KB
141 KB 107ms
106ms Script
text/javascript 52.55.41.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/plugin/library/64c21a3acd4c4f1e53a029427d71f057

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.41.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-41-91.compute-1.amazonaws.com

Software

- /

Resource Hash

ba302477fb642bddac0004d18f4c0255c2fd9aba080524f332062b1e77360fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 64c21a3acd4c4f1e53a029427d71f057
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 143790
x-xss-protection: 1; mode=block
expires: Tue, 20 Apr 2021 15:48:20 GMT

POST
H2 200 LB-Zone-2 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json/ 2 KB
1 KB 195ms
194ms XHR
application/json 52.55.41.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-2?referer=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&bcsessionid=&bctempid=f62ada11-9e5a-410e-ad9a-a2020ffa28e9&overruleReferrer=&time=2020-04-20T17%3A48%3A20%2B02%3A00&ts=1587397700533

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.41.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-41-91.compute-1.amazonaws.com

Software

- /

Resource Hash

3891f4dd51094a9b5b396e1642a7eb54e39d9d20d18d004b11f1ed0e70343ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Apr 2020 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 899
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/r/ 35 B
136 B 14ms
13ms Other
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/r/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1060502780777063 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1060502780777063?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac3082cc6d879dec28ccaf8e843ef56d0a40f88483c2fd0e36fb83de6cff342f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114948
x-xss-protection: 0
pragma: public
x-fb-debug: jKKx7L+6OxB9YTRyfC6iIDPhvElC4Y0MBktk5xLhpju2R4GYgUz6wNewsUv9smIRKdmPu6QG+rvaHxjy7uosCA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 20 Apr 2020 15:48:20 GMT, Mon, 20 Apr 2020 15:48:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 195 B
855 B 112ms
112ms XHR
application/json 52.55.41.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&bcsessionid=f62ada11-9e5a-410e-ad9a-a2020ffa28e9&bctempid=&overruleReferrer=&time=2020-04-20T17%3A48%3A20%2B02%3A00&ts=1587397700840

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.41.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-41-91.compute-1.amazonaws.com

Software

- /

Resource Hash

4c11a518c46f5ca5e96bef2eb1efc75bd1799a4673498fd324d9a5f6e9e6fa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Apr 2020 15:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 117
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/6035443/ 0
400 B 31ms
30ms Script
application/x-javascript 23.213.14.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/6035443/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.14.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-14-93.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 15:48:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Thu, 23 Apr 2020 15:48:20 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
112 B 13ms
13ms Other
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
112 B 16ms
15ms Other
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
112 B 17ms
17ms Other
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
112 B 13ms
13ms Other
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 98 B
848 B 106ms
106ms XHR
application/json 52.55.41.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&bcsessionid=f62ada11-9e5a-410e-ad9a-a2020ffa28e9&bctempid=&overruleReferrer=&time=2020-04-20T17%3A48%3A21%2B02%3A00&ts=1587397701046

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.41.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-41-91.compute-1.amazonaws.com

Software

- /

Resource Hash

b36a50556062bc33ee64054e612b71a4998212ecec2a00d54888623cd0238056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Apr 2020 15:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 108
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myaccount.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1401480206566122&ev=Microdata&dl=https%3A%2F%2Fmyaccount.ocregister.com%2Funsubscribe.aspx%3Fprefid%3D42%26e%3Dhanh.paquette%40pacificlife.com&rl=&if=false&ts=158739...
https://cx.atdmt.com/?c=16858086411268177625&f=AYwOAHVs6efxiXajpt6WK7AGMhdJFt6Z6SeVzlz-JQU_70dht7g067OmEBCMiSV1su5ltATXC9_2Uvu8bx4B8oWG&id=1401480206566122&l=3&v=0

42 B
432 B

52ms
39ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=16858086411268177625&f=AYwOAHVs6efxiXajpt6WK7AGMhdJFt6Z6SeVzlz-JQU_70dht7g067OmEBCMiSV1su5ltATXC9_2Uvu8bx4B8oWG&id=1401480206566122&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://myaccount.ocregister.com/unsubscribe.aspx?prefid=42&e=hanh.paquette@pacificlife.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 20 Apr 2020 15:48:21 GMT, Mon, 20 Apr 2020 15:48:21 GMT, Mon, 20 Apr 2020 15:48:21 GMT
content-type: image/gif
alt-svc: h3-27=":443"; ma=3600
content-length: 42
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma: no-cache
date: Mon, 20 Apr 2020 15:48:21 GMT, Mon, 20 Apr 2020 15:48:21 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=16858086411268177625&f=AYwOAHVs6efxiXajpt6WK7AGMhdJFt6Z6SeVzlz-JQU_70dht7g067OmEBCMiSV1su5ltATXC9_2Uvu8bx4B8oWG&id=1401480206566122&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.five9.com
URL: https://app.five9.com/consoles/SocialWidget/five9-social-widget.min.js

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myaccount.ocregister.com/	1970-01-19 17:42:13	Name: BCSessionID Value: f62ada11-9e5a-410e-ad9a-a2020ffa28e9
.ocregister.com/	1970-01-19 11:06:13	Name: _fbp Value: fb.1.1587397699971.760227479
.ocregister.com/	1969-12-31 23:59:59	Name: incap_ses_473_2280572 Value: VJijbMFtdUVrbI3bv3CQBkPEnV4AAAAAfyhPeBxl1P8ZUbAOqW/GJA==
.ocregister.com/	1970-01-19 17:41:14	Name: visid_incap_2280572 Value: bdx/ynexSxi6D8DYUg6VzkPEnV4AAAAAQUIPAAAAAAA6zdJt3wM/PlKSDMkWaGzP
.ocregister.com/	1970-01-20 02:27:49	Name: _ga Value: GA1.2.1967790437.1587397700
.myaccount.ocregister.com/	1970-01-19 08:56:38	Name: __utmt Value: 1
.myaccount.ocregister.com/	1970-01-19 08:56:39	Name: __utmb Value: 268224786.1.10.1587397700
.myaccount.ocregister.com/	1970-01-19 13:19:25	Name: __utmz Value: 268224786.1587397700.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
myaccount.ocregister.com/	1969-12-31 23:59:59	Name: BCRevision_1587397700845 Value: %7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22visitedsites%22%3A%5B%22myaccount.ocregister.com%22%5D%2C%22scng_login_text%22%3A%5B%22%22%5D%2C%22_preferred_main_category%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1587397700802%2C%5C%22unsubscribe%5C%22%3A%7B%5C%22p3032%5C%22%3A1%7D%7D%22%5D%2C%22_hl_visit_time%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1587397700802%2C%5C%22data%5C%22%3A%5B%7B%5C%22n%5C%22%3A%5C%225%20PM%20-%206%20PM%5C%22%2C%5C%22p%5C%22%3A1%2C%5C%22d%5C%22%3A962%7D%5D%7D%22%5D%2C%22sent_to_system%22%3A%5B%22gtm%22%5D%2C%22sent_to_connection%22%3A%5B%222c8ff9ae-c393-4d98-8ada-d455ae082f91%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22visitedsites%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1587397700845%22%7D
.ocregister.com/	1970-01-19 18:21:06	Name: __qca Value: P0-779522921-1587397700029
myaccount.ocregister.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4ottl5itiqfnbh0acuwwxjzm
.myaccount.ocregister.com/	1969-12-31 23:59:59	Name: __utmc Value: 268224786
.ocregister.com/	1970-01-19 08:56:37	Name: _dc_gtm_UA-61435456-15 Value: 1
.ocregister.com/	1970-01-19 08:58:04	Name: _gid Value: GA1.2.601658436.1587397700
.ocregister.com/	1970-01-19 08:56:37	Name: _gat_UA-61435456-15 Value: 1
.myaccount.ocregister.com/	1970-01-20 02:27:49	Name: __utma Value: 268224786.1967790437.1587397700.1587397700.1587397700.1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Invalid PixelID: null.
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 129) Message: [BC]DataLayer available
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1060502780777063.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.five9.com
cdn.blueconic.net
cdnjs.cloudflare.com
connect.facebook.net
cx.atdmt.com
digitalfirstmedia.blueconic.net
fonts.googleapis.com
l.email.langnews.com
myaccount.ocregister.com
pixel.quantserve.com
pr.realvu.net
rules.quantcount.com
s3.amazonaws.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure.quantserve.com
ssl.google-analytics.com
stats.g.doubleclick.net
trkn.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
app.five9.com
142.0.93.10
143.204.97.80
149.126.77.218
151.101.14.217
23.213.14.93
2600:9000:21f3:5000:6:44e3:f8c0:93a1
2606:4700::6810:85e5
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:814::2003
2a00:1450:4001:815::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81a::2004
2a00:1450:400c:c00::9a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.168.135.69
52.216.165.13
52.55.41.91
52.73.204.25
91.228.74.210
91.228.74.216
0ee082dc032e02ba67a75820e474e9ad1bbca96561306953d8d44c4b293fefd6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
19bcbbac02c77acbe8d8273199f3a71700d5ecea37fae95b14d82f5dde004edb
377992a74a429281f293ea98a38b2cfb46f6d6db43308bd8559d1cba69385dc2
3891f4dd51094a9b5b396e1642a7eb54e39d9d20d18d004b11f1ed0e70343ea9
39e672d3acd8f2c1997ce4d022f0dd5754f90c7bbb4c186e21db2dfd9244f00d
3a27d38decbc9a27199cd6693dafbfb3aca386561a67fe9c6382c6a7ea43b5b8
3c4929463fb641b967e7f243567e5fcd607480ce469c489369bb25698673682b
448466163964c71e072de6c8371b57501cb7268b99e992cf0611f12e7d0e1df1
4c11a518c46f5ca5e96bef2eb1efc75bd1799a4673498fd324d9a5f6e9e6fa78
4cde96d96497ab8df7b5c4e6e0fe041af7857721113e31093329979e8801180c
4d046c3b3a233a5260541429d2c3e58a41a1f36809b3bee96785419f7aca42d9
4d3bb72c4e3b68f2a7e756fc3597e2a002c06a35124a5f349ca279673d09d956
53b5dd891611b165988e14036a1aebf9b17a1839e00633adb490d112f8609e34
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d96fa2e533535e6fd12f8fbf0e819fdb2daf5100d3cc058defbc087b622d35f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7d903799012ee959f8a193d8a5a64483291e34de042f4538cdfe4d590e8b12d9
7e40a66bc827999c382de72349b05182cbf40c3da6a412fe9d0d31028848e443
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
8d81948c0e6d1ad29a726fa3bfdca2d79d9653f38a873d8c782668065d39a0a7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98511b2f61fce71698c8d16f292e68c1342f8abd52871c962c783fc7af26c7dc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a62fb58daebb2be5b6d591dc18204de5d555f942f58c6308c87899c477b876ea
aa5b2ce15d0fecf9635ddc3b3dddd9f2742bcb01768780ce3179872f7f6d13f6
ac3082cc6d879dec28ccaf8e843ef56d0a40f88483c2fd0e36fb83de6cff342f
ad4abe120393ec4bdef684197701ef4cac3bed8ce6313132167fd92350349593
b1924f719f5a48bfd22fa46aa2d4e8bc0e388f65791c6091ca47df1667004965
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b36a50556062bc33ee64054e612b71a4998212ecec2a00d54888623cd0238056
b761cc51e1a35a37ea7ba419fe2d55331e716f75290c7514ee4405f17c087aeb
ba302477fb642bddac0004d18f4c0255c2fd9aba080524f332062b1e77360fb3
c34cd37aa3e7e456c79483f57422b9edd630efeec1ef98f4e04ce74f7e0526fe
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d00edae0f505d073919fbaf827bccbda926f761cf7c4169cf1cd0e85aebb3e34
d07c37bde44589e4c93b4e987ce3d4a66df93d8ca7f5c88e68d183394c3c8ee0
d34d81da011eea1d5b39e2ac6a625961bbd15eb2f2b93a94ebb56c2665cce56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ea61dd5c952618d0c0cbe2c959fd67b514da43a107f77897db0f0e991e69999f
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f2c7cab3dfb3a0d4703dcc3c12da5d50bbf4181c7dbf45ce2da86cd5f6da4
f7044cd37754c3a0010acf8053af566cadf7a24b6b9576a611732fc54685f8a5
f9d72d3d67ed08c07d9e2e75d71a52ec34162bc573ef0e217d9e392851112828
fa9ea67ec6b04df710e5c665dfd0f9eb9cdb3edf024f87a3d96feee2d0e56ec5

myaccount.ocregister.com Open in urlscan Pro 149.126.77.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

52 %IPv6

21 Domains

24 Subdomains

21 IPs

5 Countries

1804 kBTransfer

3891 kBSize

16 Cookies

13 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myaccount.ocregister.com Open in urlscan Pro
149.126.77.218 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

52 %
IPv6

21
Domains

24
Subdomains

21
IPs

5
Countries

1804 kB
Transfer

3891 kB
Size

16
Cookies

61 HTTP transactions
0 data transactions