www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ocregister.com/
Effective URL:
https://www.ocregister.com/
Submission: On March 28 via api (March 28th 2020, 8:58:39 am UTC) from US

Summary HTTP 172 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 44 domains to perform 172 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.ocregister.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 24th 2020. Valid for: 3 months.

This is the only time www.ocregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.202.102 143.204.202.102	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:4200:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
1	95.101.185.51 95.101.185.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
5	151.101.13.53 151.101.13.53	54113 (FASTLY) (FASTLY)
2 5	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	95.101.185.135 95.101.185.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
9	52.22.44.87 52.22.44.87	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
3	143.204.213.153 143.204.213.153	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::714	54113 (FASTLY) (FASTLY)
5	63.147.64.74 63.147.64.74	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1 1	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
2	143.204.208.228 143.204.208.228	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	91.228.74.187 91.228.74.187	27281 (QUANTCAST) (QUANTCAST)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
9	35.168.135.69 35.168.135.69	14618 (AMAZON-AES) (AMAZON-AES)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	23.45.99.242 23.45.99.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	34.230.135.71 34.230.135.71	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.208.8 143.204.208.8	16509 (AMAZON-02) (AMAZON-02)
1	104.26.5.15 104.26.5.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.216.29.148 52.216.29.148	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	34.205.105.54 34.205.105.54	14618 (AMAZON-AES) (AMAZON-AES)
14	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:b000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	54.197.13.220 54.197.13.220	14618 (AMAZON-AES) (AMAZON-AES)
1	91.228.74.195 91.228.74.195	27281 (QUANTCAST) (QUANTCAST)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.252.71.88 34.252.71.88	16509 (AMAZON-02) (AMAZON-02)
2	34.234.197.55 34.234.197.55	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	195.181.175.52 195.181.175.52	60068 (CDN77) (CDN77)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	54.173.180.235 54.173.180.235	14618 (AMAZON-AES) (AMAZON-AES)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
172	54

21 192.0.66.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scng-dash.digitalfirstmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-102.fra53.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:4200:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.185.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-185-51.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.13.53 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.digitalfirstmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.185.135 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-185-135.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.22.44.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-44-87.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.213.153 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-213-153.fra53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.147.64.74 (Waldorf, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)

projects.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.ayc0zsm69431gfebd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.134 (United States) 1 redirects

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

ocregister.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.208.228 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-228.fra53.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.187 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.168.135.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-135-69.compute-1.amazonaws.com

pr.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.99.242 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-242.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.230.135.71 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-135-71.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-8.fra53.r.cloudfront.net

d1wa9546y9kg0n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.5.15 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.29.148 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.105.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-105-54.compute-1.amazonaws.com

srv-2020-03-28-08.config.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.197.13.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-13-220.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.195 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.71.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-71-88.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.197.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-197-55.compute-1.amazonaws.com

srv-2020-03-28-08.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.175.52 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-52.datapacket.com

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

spreadsheets.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.180.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-180-235.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ocregister.com 1 redirects ocregister.com www.ocregister.com projects.ocregister.com	334 KB
18	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	250 KB
10	ampproject.org cdn.ampproject.org	420 KB
10	blueconic.net cdn.blueconic.net digitalfirstmedia.blueconic.net	306 KB
9	realvu.net pr.realvu.net	14 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	139 KB
7	google.com 2 redirects www.google.com adservice.google.com spreadsheets.google.com	3 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	164 KB
6	postrelease.com jadserve.postrelease.com	3 KB
6	google-analytics.com 1 redirects www.google-analytics.com	42 KB
6	digitalfirstmedia.com assets.digitalfirstmedia.com scng-dash.digitalfirstmedia.com	198 KB
5	facebook.net connect.facebook.net	480 KB
4	facebook.com 1 redirects www.facebook.com	646 B
4	trkn.us 2 redirects trkn.us	3 KB
4	ayc0zsm69431gfebd.xyz cdn.ayc0zsm69431gfebd.xyz	105 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	154 KB
3	parsely.com srv-2020-03-28-08.config.parsely.com srv-2020-03-28-08.pixel.parsely.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
3	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d1wa9546y9kg0n.cloudfront.net	25 KB
3	google.de adservice.google.de www.google.de	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com	29 KB
3	azureedge.net loader-cdn.azureedge.net fp-cdn.azureedge.net g2insights-cdn.azureedge.net	37 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	23 KB
2	nr-data.net bam.nr-data.net	460 B
2	visualstudio.com dc.services.visualstudio.com	783 B
2	icons8.com maxst.icons8.com	110 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	7 KB
2	disqus.com 1 redirects disqus.com ocregister.disqus.com	2 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	googletagservices.com www.googletagservices.com	43 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	adsrvr.org match.adsrvr.org	544 B
1	rlcdn.com api.rlcdn.com
1	criteo.net static.criteo.net	30 KB
1	atdmt.com cx.atdmt.com	430 B
1	quantcount.com rules.quantcount.com	358 B
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com	1 KB
1	db-ip.com api-mg2.db-ip.com	614 B
1	webcontentassessor.com scripts.webcontentassessor.com	25 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	ntv.io s.ntv.io	91 KB
1	indexww.com js-sec.indexww.com	40 KB
172	44

	Domain	Requested by
19	www.ocregister.com	www.ocregister.com securepubads.g.doubleclick.net
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.ocregister.com cdn.ampproject.org tpc.googlesyndication.com
10	cdn.ampproject.org	scripts.webcontentassessor.com securepubads.g.doubleclick.net
9	pr.realvu.net	www.googletagmanager.com pr.realvu.net
9	digitalfirstmedia.blueconic.net	cdn.blueconic.net
6	jadserve.postrelease.com	s.ntv.io www.ocregister.com
6	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.ocregister.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ocregister.com
5	connect.facebook.net	www.ocregister.com connect.facebook.net
5	projects.ocregister.com	www.ocregister.com projects.ocregister.com
5	www.google.com	2 redirects www.ocregister.com www.gstatic.com
5	assets.digitalfirstmedia.com	www.ocregister.com assets.digitalfirstmedia.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	www.facebook.com	1 redirects www.ocregister.com connect.facebook.net
4	trkn.us	2 redirects www.ocregister.com
4	cdn.ayc0zsm69431gfebd.xyz	ajax.googleapis.com www.ocregister.com
4	fonts.gstatic.com	www.ocregister.com
3	sb.scorecardresearch.com	1 redirects www.ocregister.com www.googletagmanager.com
3	c.amazon-adsystem.com	www.ocregister.com c.amazon-adsystem.com
3	www.gstatic.com	www.ocregister.com www.google.com
2	bam.nr-data.net	js-agent.newrelic.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	maxst.icons8.com	projects.ocregister.com
2	srv-2020-03-28-08.pixel.parsely.com	www.ocregister.com
2	www.google.de	www.ocregister.com
2	stats.g.doubleclick.net	2 redirects
2	d1z2jf7jlzjs58.cloudfront.net	www.ocregister.com d1z2jf7jlzjs58.cloudfront.net
2	www.googletagmanager.com	www.ocregister.com
2	www.googletagservices.com	www.ocregister.com securepubads.g.doubleclick.net
2	static.chartbeat.com	www.ocregister.com
2	ajax.googleapis.com	www.ocregister.com projects.ocregister.com
1	ping.chartbeat.net
1	js-agent.newrelic.com	www.ocregister.com
1	spreadsheets.google.com	projects.ocregister.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	cx.atdmt.com	www.ocregister.com
1	pixel.quantserve.com	www.ocregister.com
1	pixel.wp.com	www.ocregister.com
1	rules.quantcount.com	secure.quantserve.com
1	srv-2020-03-28-08.config.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	paywall-ad-bucket.s3.amazonaws.com	www.ocregister.com
1	api-mg2.db-ip.com	ajax.googleapis.com
1	d1wa9546y9kg0n.cloudfront.net	www.ocregister.com
1	scripts.webcontentassessor.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	ocregister.disqus.com	www.ocregister.com
1	disqus.com	1 redirects
1	g2insights-cdn.azureedge.net	ajax.googleapis.com
1	fp-cdn.azureedge.net	ajax.googleapis.com
1	az416426.vo.msecnd.net	www.ocregister.com
1	mab.chartbeat.com	static.chartbeat.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	stats.wp.com	www.ocregister.com
1	imasdk.googleapis.com	www.ocregister.com
1	s.ntv.io	www.ocregister.com
1	scng-dash.digitalfirstmedia.com	www.ocregister.com
1	js-sec.indexww.com	www.ocregister.com
1	cdn.blueconic.net	www.ocregister.com
1	fonts.googleapis.com	www.ocregister.com
1	ocregister.com	1 redirects
172	64

This site contains links to these domains. Also see Links.

Domain
comicskingdom.com
puzzles.comicskingdom.com
obits.ocregister.com
adportal.ocregister.com
checkout.ocregister.com
myaccount.ocregister.com
facebook.com
twitter.com
instagram.com
www.socalnewsgroup.com
www.digitalfirstmedia.com
careers-digitalfirstmedia.icims.com
socalnewsgroup.mybrightsites.com
marketplace.ocregister.com
careers.socalnewsgroup.com
www.socalhomes.online
topworkplaces.com
ocregister.ca.newsmemory.com
advertising.scng.com
ads.scng.com
www.scngapps.com
ocregister.mycapture.com
www.thecannifornian.com
www.medianewsgroup.com
vip.wordpress.com

Subject Issuer	Validity	Valid
ocregister.com Let's Encrypt Authority X3	`2020-03-24` - `2020-06-22`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
dfm.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-13` - `2021-02-13`	a year	crt.sh
scng-dash.digitalfirstmedia.com Let's Encrypt Authority X3	`2020-03-23` - `2020-06-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-18` - `2020-08-07`	6 months	crt.sh
projects.dailynews.com Go Daddy Secure Certificate Authority - G2	`2019-11-11` - `2022-01-10`	2 years	crt.sh
sni9642gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-07-26` - `2020-07-30`	2 years	crt.sh
sni1ad09gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-12-01`	2 years	crt.sh
sni1ad03gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-12-01`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
k3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-27` - `2021-01-13`	10 months	crt.sh
ac.realvu.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2020-03-20` - `2021-03-20`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-18` - `2020-10-09`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.config.parsely.com Amazon	`2020-01-28` - `2021-02-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-01-31` - `2020-04-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.icons8.com COMODO RSA Domain Validation Secure Server CA	`2018-02-26` - `2020-05-26`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-26` - `2021-03-18`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2020-03-17` - `2022-03-17`	2 years	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 13 frames:

Primary Page: https://www.ocregister.com/
Frame ID: D5FCDDB3AF97138CA6AC0625BA87109E
Requests: 138 HTTP requests in this frame

Frame: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Frame ID: 731C90F641EBC379F5915BC4CEAC4E6E
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&co=aHR0cHM6Ly93d3cub2NyZWdpc3Rlci5jb206NDQz&hl=en&type=image&v=P6KLRNy7h3K160ZmYNUOAce7&theme=light&size=normal&cb=99ji8zwoweot
Frame ID: 93DBC92F5C2D2FC4C301F4DA8CE60E75
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=P6KLRNy7h3K160ZmYNUOAce7&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&cb=dxu1mwo6dgxr
Frame ID: 6F884EE7BC3A5E24508E91DCE784BD4A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js
Frame ID: 147875F8563CF68E207C02757802B3C1
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js
Frame ID: C8D84BFF441FE3FFD873C26F62924D50
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B2D56462D11421977B28D4870B1BB2B7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js
Frame ID: A91CA347431F2A4F034BA8DB396A0123
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: BF1D10A34A4CF50FBCFDB62E430531A0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D9AA9B3DABB4B4016452ED6B341B3BC3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: BAE4BBF96C28C5814306EBB500021471
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: DD1BBE75A24B8F646A0E17CEE4021AA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A800374CFABA50A608A4F6D6F446E79C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

172
Requests

100 %
HTTPS

40 %
IPv6

44
Domains

64
Subdomains

54
IPs

8
Countries

3201 kB
Transfer

10354 kB
Size

18
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: http://puzzles.comicskingdom.com/?utm_source=dfm
Title: Puzzles

Search URL Search Domain Scan URL

URL: http://obits.ocregister.com/obituaries/orangecounty/
Title: Obits

Search URL Search Domain Scan URL

URL: https://adportal.ocregister.com/lang-adportal/ocr-obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/access.aspx?premium=Y&product=eEditionOCR
Title: E-edition

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/
Title: Subscribe + Subscriber Services

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/vertLanding
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://facebook.com/ocregister
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ocregister
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/ocregister
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/about-scng-1/
Title: Southern California News Group

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://careers-digitalfirstmedia.icims.com/
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://socalnewsgroup.mybrightsites.com/
Title: Company Store

Search URL Search Domain Scan URL

URL: http://marketplace.ocregister.com/ocr
Title: Classified

Search URL Search Domain Scan URL

URL: https://careers.socalnewsgroup.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.socalhomes.online/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://topworkplaces.com/publication/ocregister/
Title: Top Workplaces

Search URL Search Domain Scan URL

URL: http://ocregister.ca.newsmemory.com/marketplace.php
Title: Local Ads

Search URL Search Domain Scan URL

URL: http://ocregister.ca.newsmemory.com/ssindex.php
Title: Special Sections

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/advertise-with-us/
Title: MediaNews Group Advertising

Search URL Search Domain Scan URL

URL: https://adportal.ocregister.com/lang-adportal/ocr-classified/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: http://advertising.scng.com/orange-county-register-media-kit-center
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://ads.scng.com/adtaxi19/mediakits/ocr
Title: Political Media Kit

Search URL Search Domain Scan URL

URL: https://advertising.scng.com/southern-ca-advertising-scng-ad-inquiry-orange-county-register
Title: Advertising Inquiry

Search URL Search Domain Scan URL

URL: http://www.scngapps.com/
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: http://ocregister.ca.newsmemory.com/
Title: E-edition

Search URL Search Domain Scan URL

URL: http://ocregister.mycapture.com/mycapture/photoRequestForm.asp
Title: Photo Reprints

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/MembershipReward.aspx
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: http://www.thecannifornian.com/
Title: The Cannifornian

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/copyright/
Title: Copyright © 2020 MediaNews Group, Inc.

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: http://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/
Title: Southern California News Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://disqus.com/forums/ocregister/count.js HTTP 302
https://ocregister.disqus.com/count.js

Request Chain 54

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1585385900733&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1585385900733&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=

Request Chain 55

https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120 HTTP 302
https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120;ip=85.159.237.66;cuidchk=1

Request Chain 56

https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120 HTTP 302
https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120;ip=85.159.237.66;cuidchk=1

Request Chain 73

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&gjid=675901019&_gid=1149994838.1585385901&_u=aGBAgEAjQ~&z=1907237929 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&_v=j81&z=1907237929 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&_v=j81&z=1907237929&slf_rd=1&random=1309156173

Request Chain 89

https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fwww.ocregister.com%2F&rl=&if=false&ts=1585385901133&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585385900947.439875893&it=1585385900812&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=2234805277309152420&f=AYz_ldSoP8KDoer7Qd5PTKxQ-hBLBU76Mv7Pr9coEHgpayB3mSIAlFQ0Lif-05DNCWN0xVx2nEfvJPZ07pV0ca-h&id=1401480206566122&l=3&v=0

Request Chain 121

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1373473045&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=BlueConic&ea=BlueConic&el=d6964377-d61e-4df2-8092-fd163cbff9a7&_u=aGDACEAjR~&jid=1731753813&gjid=957885178&cid=533601671.1585385901&tid=UA-61435456-15&_gid=1149994838.1585385901&_r=1&gtm=2wg3i0TLFP4R&cd2=ocregister.com&cd3=ocregister.com&cd8=&cd9=no&cd10=home&cd11=5.3.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.ocregister.com%2F&cd24=home&cd25=SCNG&cd27=Home&cd28=https%3A%2F%2Fwww.ocregister.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=Orange%20County%20Register%2C%20Orange%20County%20News%2C%20Orange%20County%20Sports&cd50=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd51=&cd125=d6964377-d61e-4df2-8092-fd163cbff9a7&cd126=PERSONAL&cd127=DP%20Non-Subscribers%7Cextras.mercurynews%20non-subscribers%7CSCNG%20-%20Channel%20visited%7CBANG%20Non-Subscribers%7CVisitors%20not%20in%20segment%20%22bv%20data%20exports%22%7C%5BBlueConic%20Dev%5D%20Anonymous%20Profiles%20not%20modified%20in%20last%20365%20days%7CEngagement%20Score%3A%7CVisitors%20not%20in%20segment%20%22BANG%20confirmation%20number%20true%22%7ClastModified_s3bucketDelta%7CAllvisitorslast7%7CVariants%20Viewed%20Distribution%7CAll%20Visitors%7CTwin%20Cities%20Non-Subscribers%7C%5BBC%20Dev%5D%20Anonymous%20Profiles%7C%5BBC%20DEV%5D%20BlueConic%20Test%20User&cd129=0&cd135=low&cd136=0&cd137=https%3A%2F%2Fwww.ocregister.com%2F&cd138=1585385900844&cd145=web&cd146=https%3A%2F%2Fwww.ocregister.com%2F&cd147=www.ocregister.com&cd151=1&cd154=1585385901543&cd165=(not%20set)&cd166=(not%20set)&cd167=(not%20set)&cd53=533601671.1585385901&z=1670515833 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_gid=1149994838.1585385901&gjid=957885178&_v=j81&z=1670515833 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_v=j81&z=1670515833 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_v=j81&z=1670515833&slf_rd=1&random=1649950239

172 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ocregister.com/
Redirect Chain

https://ocregister.com/
https://www.ocregister.com/

292 KB
53 KB

14ms
13ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress.com VIP <https://wpvip.com>

Resource Hash

29ea35b9076f7089f1d5e90e698c4a929a900d3019bf01b76cb1cd0a7060f9be

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

:method: GET
:authority: www.ocregister.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
server: nginx
date: Sat, 28 Mar 2020 08:58:20 GMT
content-type: text/html; charset=UTF-8
content-length: 54279
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress.com VIP <https://wpvip.com>
link: <https://www.ocregister.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/8Ac4j>; rel=shortlink
content-encoding: gzip
x-rq: ams2 87 131 3279
cache-control: max-age=300, must-revalidate
age: 946
x-cache: hit
vary: Accept-Encoding
accept-ranges: bytes

Redirect headers

status: 301
server: nginx
date: Sat, 28 Mar 2020 08:58:20 GMT
content-type: text/html; charset=UTF-8
content-length: 0
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress.com VIP <https://wpvip.com>
x-redirect-by: WordPress
location: https://www.ocregister.com/
x-rq: ams2 87 178 3138
cache-control: max-age=300, must-revalidate
age: 0
x-cache: miss

GET
H2 200 /
www.ocregister.com/_static/ 46 KB
8 KB 16ms
14ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/_static/??-eJyFkOsKwjAMhV/IGpwo/hHxUbo0zmAvo8mQvb3RCV7w8qvpSc6XcODcO84Yh0ACKAKBRaGNBU8uclt9HUF0jDRPnOc2MANzYMlKWaGPQ8fZTIfkclE+MHrlku+od/UvQ+sgaveEq6NUsdXmxBvtvfcTZlLvq1Acn8qv08JK7uVTsFJnSVB9PkFMpfxxMUa2x6XhwakI+yDgRUinQFJpOZLz4UhiebgpWOvs0nax2qyWzaZp1hdvgJfu
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a9bd9043e12b5357de4390c035d2f64663063b87172358d30c5c0dec78ea379

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 89 84 3227
last-modified: Fri, 27 Mar 2020 16:57:10 GMT
server: nginx
age: 51987
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7656

GET
H2 200 css
fonts.googleapis.com/ 3 KB
998 B 29ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.3.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75c01ef77d8d1d0bf70a51fccd15a0c230b1b4ef712a56bd87d5c23c0ecfc7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Mar 2020 08:58:20 GMT
server: ESF
date: Sat, 28 Mar 2020 08:58:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 jetpack.css
www.ocregister.com/wp-content/mu-plugins/jetpack/css/ 70 KB
13 KB 16ms
14ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/wp-content/mu-plugins/jetpack/css/jetpack.css?m=1583439485g
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dd1db00ed32d1cf4187f2ae448791d5c1f1478521cf9fa6ac2c63d65f0c6cfe

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 89 84 3227
last-modified: Thu, 05 Mar 2020 20:18:07 GMT
server: nginx
age: 1398917
etag: W/"5e615e7f-1188d"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12913
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 22 Jan 2020 05:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5713752
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jan 2021 05:49:08 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 8 KB
2 KB 18ms
16ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDUxNjMzNjcwiwLAKw5Jsg=
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 89 84 3227
last-modified: Thu, 13 Dec 2018 23:27:20 GMT
server: nginx
age: 92561
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2421

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.7.0/ 34 KB
12 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.7.0/firebase-app.js?ver=5.3.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 20:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 01:03:40 GMT
server: sffe
age: 1253902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 12419
x-xss-protection: 0
expires: Sat, 13 Mar 2021 20:39:58 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.7.0/ 35 KB
10 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.7.0/firebase-messaging.js?ver=5.3.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 20:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 01:03:41 GMT
server: sffe
age: 1253902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10096
x-xss-protection: 0
expires: Sat, 13 Mar 2021 20:39:58 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 6 KB
2 KB 18ms
16ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/_static/??/wp-content/plugins/dfm-notifications/js/webpush.js,/wp-content/plugins/site-plugins/site-ocregister/static/js/site-ocr.min.js?m=1556829515j
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 58cc50f68c91d8bf425adf77d5b3d0d8cc59b68d8080cd4c7fadf8273d6ed4cf

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 87 48 3219
last-modified: Sat, 07 Mar 2020 20:09:03 GMT
server: nginx
age: 92561
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2009

GET
H2 200 digitalfirstmedia.js Show response
cdn.blueconic.net/ 128 KB
39 KB 110ms
43ms Script
text/javascript 143.204.202.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/digitalfirstmedia.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.202.102 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-102.fra53.r.cloudfront.net

Software

- /

Resource Hash

11aea2464b347a9f139a6d4c4df4e31cdf650b3bdcd699002b72db4ee5bf5c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 451
x-cache: Hit from cloudfront
status: 200
content-length: 39047
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Mar 2020 23:27:10 GMT
server: -
etag: "1fe55-5a1ca52f4f038-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: vWq5OpTrd_rr0VQOZjdexrHrJaNLm3jWf6xcvJz-be0PMdIY_mwMuA==

GET
H2 200 loader.min.js Show response
www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/ 13 KB
5 KB 19ms
17ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 995cfee51888bf45da433851cde23b72297a5b39b1bb2f745193c073e12e6381

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 87 48 3219
last-modified: Sat, 07 Mar 2020 20:09:02 GMT
server: nginx
age: 1401066
etag: W/"5e63ff5e-358f"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4888
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 19ms
6ms Script
application/x-javascript 2600:9000:2057:4200:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4200:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 07:17:01 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 6079
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: DxNUQ9FtvExo-gqXbCt08G1B7kNP7S7hp5mUAogQDXicmIbS5X78KQ==
via: 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
expires: Sat, 28 Mar 2020 09:17:01 GMT

GET
H/1.1 200
OK 185707-192819229389900.js Show response
js-sec.indexww.com/ht/p/ 143 KB
40 KB 772ms
729ms Script
text/javascript 95.101.185.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0cf461eb6ba9d98e96a5e7303fa79f97d789b552d6fc2da9578a21ef581adf4a

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Mar 2020 08:55:28 GMT
Server: Apache
ETag: "9043bd-23dd7-5a1e66131caf0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3558
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 40131
Expires: Sat, 28 Mar 2020 09:57:39 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 44 KB
15 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e421ae0eb93b48b5f543fde39a6fd026d7fb7922e362c16a6e044616624c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "469 / 59 of 1000 / last-modified: 1585081309"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14727
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 boldcoastal.1d6f3117a458d86d7bdf.css
assets.digitalfirstmedia.com/prod/static/css/ 388 KB
89 KB 288ms
287ms Stylesheet
text/css 151.101.13.53
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.digitalfirstmedia.com/prod/static/css/boldcoastal.1d6f3117a458d86d7bdf.css
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 3403ab128f3101090be315ceca0b48db89d5e6968d142df2afe694980011854c

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
age: 117
x-cache: HIT, HIT
status: 200
content-length: 90894
x-served-by: cache-den19625-DEN, cache-fra19169-FRA
last-modified: Fri, 13 Mar 2020 19:14:39 GMT
server: Apache
x-timer: S1585385901.604499,VS0,VE265
etag: "60ff8-5a0c147f5c054"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 wp-emoji-release.min.js Show response
www.ocregister.com/wp-includes/js/ 14 KB
5 KB 15ms
14ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 87 231 3086
last-modified: Wed, 18 Dec 2019 23:16:39 GMT
server: nginx
age: 1396899
etag: W/"5dfab357-362a"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4666
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 oc-register-logo-376x79.svg
www.ocregister.com/wp-content/uploads/2017/09/ 7 KB
3 KB 14ms
13ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/uploads/2017/09/oc-register-logo-376x79.svg
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 98 131 443
last-modified: Wed, 27 Sep 2017 18:04:08 GMT
server: nginx
etag: W/"6ee48065e4ae2c81"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: max-age=2592000
expires: Sat, 23 Jan 2021 12:31:21 GMT

GET
H2 200 corona_banner2.png
scng-dash.digitalfirstmedia.com/wp-content/uploads/2020/03/ 72 KB
72 KB 58ms
23ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scng-dash.digitalfirstmedia.com/wp-content/uploads/2020/03/corona_banner2.png
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3baefb1f1d318071050003b74da20dd6ff4d657856202b90e9b88be2e560e8e1

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 109 84 443
last-modified: Thu, 19 Mar 2020 23:07:36 GMT
server: nginx
etag: "e577da20446416d2"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 73476
expires: Fri, 19 Mar 2021 23:35:36 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
548 B 19ms
17ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 447
x-xss-protection: 1; mode=block
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 loading.gif
www.ocregister.com/wp-content/mu-plugins/jetpack/modules/sharedaddy/images/ 2 KB
3 KB 15ms
14ms Image
image/gif 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/mu-plugins/jetpack/modules/sharedaddy/images/loading.gif
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 87 194 3269
last-modified: Thu, 06 Jun 2019 20:32:23 GMT
server: nginx
age: 1398916
etag: "5cf97857-9e2"
x-cache: hit
content-type: image/gif
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2530
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 18 KB
8 KB 14ms
13ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/_static/??-eJyNy0EKgCAQAMAPlUtY1iV6S5TViq6ia5Gvj6AHdB0YuEK9eGJNDMHmHSlBODx72tBaODWtPkLAhXPULwmHJEyq4Fe0c7kTFp2+Nrmx6VqplOwHZR7pQy6u
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 89 104 3250
last-modified: Wed, 25 Mar 2020 22:49:58 GMT
server: nginx
age: 92561
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7899

GET
H2 200 ads.js Show response
www.ocregister.com/wp-content/themes/wp-mason/static/js/ 87 B
184 B 13ms
13ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 91 202 3196
last-modified: Fri, 31 May 2019 21:09:08 GMT
server: nginx
age: 1398916
etag: "5cf197f4-57"
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 common.1d6f3117a458d86d7bdf.chunk.min.js Show response
assets.digitalfirstmedia.com/prod/static/js/ 45 KB
12 KB 70ms
20ms Script
application/javascript 151.101.13.53
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.digitalfirstmedia.com/prod/static/js/common.1d6f3117a458d86d7bdf.chunk.min.js?ver=1.0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 31e07f44d0408b73520a2fd47ebf1442ef363654793b9027ad6562fb7de1cbf8

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
age: 221
x-cache: HIT, HIT
status: 200
content-length: 11811
x-served-by: cache-den19624-DEN, cache-fra19169-FRA
last-modified: Fri, 13 Mar 2020 19:14:39 GMT
server: Apache
x-timer: S1585385901.586242,VS0,VE0
etag: "b5cd-5a0c147f5c054"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 58, 1

GET
H2 200 boldcoastal.1d6f3117a458d86d7bdf.min.js Show response
assets.digitalfirstmedia.com/prod/static/js/ 52 KB
16 KB 284ms
283ms Script
application/javascript 151.101.13.53
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.digitalfirstmedia.com/prod/static/js/boldcoastal.1d6f3117a458d86d7bdf.min.js?ver=1.0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 03af56a50b6ebd95a2b569186046a2173d25fa0d2967b1b4709e310d00b1f7b8

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
age: 519
x-cache: HIT, HIT
status: 200
content-length: 16533
x-served-by: cache-den19627-DEN, cache-fra19169-FRA
last-modified: Fri, 13 Mar 2020 19:14:39 GMT
server: Apache
x-timer: S1585385901.604093,VS0,VE264
etag: "cf47-5a0c147f5c054"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 global.min.js Show response
www.ocregister.com/wp-content/themes/wp-mason/static/js/ 1 KB
758 B 15ms
13ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/wp-content/themes/wp-mason/static/js/global.min.js?m=1576010162g
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e192beae0933b0038f4437b76b55d7b6ea5a1b2f05a95c2e399c139180a880e1

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 87 131 3279
last-modified: Tue, 10 Dec 2019 20:36:02 GMT
server: nginx
age: 1401065
etag: W/"5df001b2-4e5"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 669
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 309 KB
91 KB 197ms
46ms Script
application/x-javascript 95.101.185.135
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.135 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-135.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ede7269398b226911a34277c26e4553f6b1247f826642265203d2c27346f7a31

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:20 GMT
Content-Encoding: gzip
x-amz-request-id: 834FACC70C236486
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: vuLq4R8Q2x6MlRXj8loUx0Y1awvS3Jwq0yKFeFvCDIzMzIpnX9grZtI32rlT1VmWYLfI2bv4YUo=
Last-Modified: Tue, 24 Mar 2020 22:21:22 GMT
Server: AmazonS3
ETag: "de332efda37ea8a7df008ee9f00c21d5"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 264 KB
90 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dc7898ac7cdc6eb727823fbaccc51c6aa405abfef6a70a37a4b9778f6bc569f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 91713
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 wp-embed.min.js Show response
www.ocregister.com/wp-includes/js/ 1 KB
837 B 15ms
14ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ocregister.com/wp-includes/js/wp-embed.min.js?m=1576710999g
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-rq: ams2 86 177 3274
last-modified: Wed, 18 Dec 2019 23:16:33 GMT
server: nginx
age: 1398916
etag: W/"5dfab351-577"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 740
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 e-202013.js Show response
stats.wp.com/ 9 KB
3 KB 39ms
13ms Script
application/x-javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202013.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 17 Jan 2021 08:36:06 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 65 KB
11 KB 392ms
183ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2020-03-28T09%3A58%3A20%2B01%3A00&ts=1585385900589

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

8fb736731d4b9f314989458fcc858ec8beae28a22e7f7fed5f10dde55027c15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 10660
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/mng/ 877 B
828 B 49ms
7ms XHR
application/json 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/mng/loader-config.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2A) /
Resource Hash: 5b8d88fa91e1fe5000528d4ee6fae7c81d81c65e57c329401b1581cc3aade867

Request headers

Accept: */*
Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
content-md5: 2Q1IE4U1pFG/06BB2PwkcQ==
age: 409638
x-cache: HIT
status: 200
content-length: 404
x-ms-lease-status: unlocked
last-modified: Mon, 23 Mar 2020 13:05:23 GMT
server: ECAcc (frc/8F2A)
etag: 0x8D7CF2AD9127514
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8dd7013a-001e-0044-7925-01fa13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 87ms
47ms Script
application/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 21:53:51 GMT
content-encoding: gzip
server: Server
age: 39868
etag: 1dcfbf3986ee8b9c3abbc67eb808ab43
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: HQujBHKcv2lXhbW04jqQHe7ESPO2EiCnKNG0JgMZLZY7M7JGw2mIGQ==
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 520 KB
52 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78df7458b54163c90f1565f000ada53425d6efc80a4d018956d4598236f8b751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 52669
x-xss-protection: 0
last-modified: Sat, 28 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 28ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 29ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 168 KB
62 KB 68ms
27ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62957
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.3.2
Origin: https://www.ocregister.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 03:39:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:00:07 GMT
server: sffe
age: 3215952
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11236
x-xss-protection: 0
expires: Fri, 19 Feb 2021 03:39:08 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Origin: https://www.ocregister.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.3.2
Origin: https://www.ocregister.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 04:10:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
age: 3214085
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11396
x-xss-protection: 0
expires: Fri, 19 Feb 2021 04:10:15 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 159 B
448 B 21ms
5ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=ocregister.com&domain=ocregister.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ebe20f1880d82161778aae30a95b58a7d868f83494e04b10f1e59bffb8f52e41

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
age: 1718
x-cache: HIT
status: 200
x-cache-hits: 1
content-length: 127
x-served-by: cache-hhn4066-HHN
access-control-allow-origin: *
x-timer: S1585385901.630706,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Thu, 26 Mar 2020 08:29:42 GMT

GET
H/1.1 200
OK Cookie set / Show response
projects.ocregister.com/extras/embeds/2020/coronavirus/ Frame 731C 3 KB
3 KB 895ms
133ms Document
text/html 63.147.64.74
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.147.64.74 Waldorf, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache / PHP/7.1.33
Resource Hash: 26bc3cbed51cc9ff3df5e6fccfbc5851af067bef7a6adbbf3b15c94c588453d6

Request headers

Host: projects.ocregister.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Referer: https://www.ocregister.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Access-Control-Allow-Origin: *
Content-Length: 2974
Connection: close
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: sto-id-LANGWEB-SSL=EKBBJEAK; Expires=Sun, 29-Mar-2020 08:58:21 GMT; Path=/

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2
fonts.gstatic.com/s/droidserif/v12/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v12/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6663a15ba588e2aefc9628eaa5755e740f7a31c3caff63430d14248f53281ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.3.2
Origin: https://www.ocregister.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 03:10:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:54:03 GMT
server: sffe
age: 3217656
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13096
x-xss-protection: 0
expires: Fri, 19 Feb 2021 03:10:44 GMT

GET
H2 200 tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSGjW7BA.woff2
fonts.gstatic.com/s/droidserif/v12/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v12/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSGjW7BA.woff2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd70270858a126679ef84740f47b37a51dc9bfb21598961b3a872a4d7046a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.3.2
Origin: https://www.ocregister.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 03:04:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:32:42 GMT
server: sffe
age: 2786003
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13992
x-xss-protection: 0
expires: Wed, 24 Feb 2021 03:04:57 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 53ms
13ms Script
application/x-javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 725
x-cache: HIT
status: 200
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Tue, 04 Feb 2020 19:23:51 GMT
server: ECAcc (ama/8AAA)
etag: 0x8D7A9A7C460F06C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f127abeb-401e-011e-39dd-04785c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/mng/ 291 KB
76 KB 95ms
8ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/mng/t8y9347t.min.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2B) /
Resource Hash: 5bf5bcdc6cf95428cfba64375b54f6b95d050164fc6f2f6c58fdbb5cde7a05bc

Request headers

Accept: */*
Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
content-md5: SlSnxj9Te7vM/5G49g0YIg==
age: 26267
x-cache: HIT
status: 200
content-length: 77250
x-ms-lease-status: unlocked
last-modified: Mon, 16 Mar 2020 09:10:01 GMT
server: ECAcc (frc/8F2B)
etag: 0x8D7C989CF22E33B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cb9a7818-301e-0021-6ca1-044b4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/1.0/ 44 KB
12 KB 28ms
8ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/1.0/fp.min.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F66) /
Resource Hash: f563b310dd7962997c0fcda0bdf991153c655ed93b29d1797ab7058e6494445f

Request headers

Accept: */*
Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
content-md5: AT5xPtPwE+ifIpHOchENqw==
age: 85236
x-cache: HIT
status: 200
content-length: 12005
x-ms-lease-status: unlocked
last-modified: Mon, 10 Sep 2018 07:59:22 GMT
server: ECAcc (frc/8F66)
etag: 0x8D616F351F0BF5A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c06a014-f01e-0133-3818-043907000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 g2insights.min.js Show response
g2insights-cdn.azureedge.net/prod/mng/ 130 KB
24 KB 36ms
7ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/mng/g2insights.min.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3A) /
Resource Hash: a51b9344eeedd9867f68a4592e139dd598ae2bd7f6f00e11bfa1d05462d3c6f8

Request headers

Accept: */*
Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
content-md5: 8xUqXzCSihulZI9ZOuguLA==
age: 28525
x-cache: HIT
status: 200
content-length: 24233
x-ms-lease-status: unlocked
last-modified: Mon, 23 Mar 2020 13:04:23 GMT
server: ECAcc (frc/8F3A)
etag: 0x8D7CF2AB55EB0CA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0e03d1d4-501e-0075-1b9c-04a1c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H/1.1

200
OK

count.js Show response
ocregister.disqus.com/
Redirect Chain

https://disqus.com/forums/ocregister/count.js
https://ocregister.disqus.com/count.js

1 KB
1 KB

72ms
20ms

Script
application/javascript

151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ocregister.disqus.com/count.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 28 Mar 2020 08:58:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 904830
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 17 Mar 2020 01:10:10 GMT
Server: nginx
ETag: "5e702372-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

Redirect headers

Location: https://ocregister.disqus.com/count.js
Date: Sat, 28 Mar 2020 08:58:20 GMT
Cache-Control: public, max-age=3600
Server: Varnish
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 6 KB
3 KB 61ms
20ms Script
application/x-javascript 143.204.208.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.228 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-228.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 2f17ab3ac118eeddb8ac29b08b41a35c0a5f6cdb4a94097c69a36569c5e4d87e

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 09:42:20 GMT
Content-Encoding: gzip
Age: 83756
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Mon, 16 Mar 2020 20:58:13 GMT
Server: nginx
ETag: W/"5e6fe865-19d2"
Content-Type: application/x-javascript
Via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: kSzzBaKNf1jpR4MiglzeA4xzaC6xyu7QgByBNksr35uTrocGNklpHw==
Expires: Sat, 28 Mar 2020 09:42:20 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/ 260 KB
93 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 04:07:14 GMT
server: sffe
age: 404823
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94799
x-xss-protection: 0
expires: Tue, 23 Mar 2021 16:31:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1488
date: Sat, 28 Mar 2020 08:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Sat, 28 Mar 2020 10:33:32 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 90ms
23ms Script
application/x-javascript 91.228.74.187
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.187 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28-Mar-2020 08:58:20 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Sat, 04 Apr 2020 08:58:20 GMT

GET
H2 200 ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f Show response
scripts.webcontentassessor.com/scripts/ 78 KB
25 KB 86ms
25ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ccf67bb23a7b3eb248d90791c53f9986df5aca3893225e6650c5da2fc2b4826

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
age: 612
x-cache: HIT
status: 200
content-length: 24975
x-amz-id-2: zjfx0K9AhRVk7TuuA+8kaz6W/rkEMB7ijMJeoLXs7nkp0RgyEqIoqQd8xeuolHSNyCis9mcTKKs=
x-served-by: cache-hhn4056-HHN
last-modified: Sat, 28 Mar 2020 08:47:46 GMT
server: AmazonS3
x-timer: S1585385901.807934,VS0,VE1
etag: "c4213cc19992446ccafd927c1c5a1bc8"
vary: Accept-Encoding
x-amz-request-id: 2A81651FD25803BE
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK c=E5X8_f=site_si=1385 Show response
pr.realvu.net/flip/2/ 22 KB
9 KB 431ms
106ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e1f4313af62f95dc370551eeb6bb032b7be8c8ed9cb0b8ae02dda007801c51d6

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=21600
Connection: keep-alive
Content-Length: 9389
X-Proxy-Cache: BYPASS

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: /3BmZrQQQPy5SOSRntSbihgIFGM11CWdwwxuAm+BFcxZjsb6uYiZ7/K6Bi632mVlugyEvdY7hwHLrwn0Gkf0Cg==
x-fb-trip-id: 1850256238
date: Sat, 28 Mar 2020 08:58:20 GMT, Sat, 28 Mar 2020 08:58:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1585385900733&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregiste...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1585385900733&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregist...

0
248 B

26ms
26ms

Image
text/plain

23.45.99.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1585385900733&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.242 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Mar 2020 08:58:20 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1585385900733&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=
Pragma: no-cache
Date: Sat, 28 Mar 2020 08:58:20 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120;ip=85.159.237.66;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120
https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120;ip=85.159.237.66;cuidchk=1

42 B
758 B

110ms
110ms

Image
image/gif

34.230.135.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120;ip=85.159.237.66;cuidchk=1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.135.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-135-71.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Mar 2020 08:58:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=6403;g=ocr_formers_mar-2020_1;gid=23627;ord=1954787598595.2224;v=120;ip=85.159.237.66;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1

200
OK

ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120;ip=85.159.237.66;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120
https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120;ip=85.159.237.66;cuidchk=1

42 B
758 B

107ms
106ms

Image
image/gif

34.230.135.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120;ip=85.159.237.66;cuidchk=1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.135.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-135-71.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Mar 2020 08:58:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=6401;g=ocr_formers_mar-2020_2;gid=23622;ord=1971194702801.5442;v=120;ip=85.159.237.66;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2 200 Virus-Outbreak-Crime-1.jpg
www.ocregister.com/wp-content/uploads/2020/03/ 22 KB
23 KB 15ms
14ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/uploads/2020/03/Virus-Outbreak-Crime-1.jpg?w=466
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: eee221cbc80a91974aa8586d186f394db85dfffe67bebbec50f48b0cbccfc71f

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 109 140 443
last-modified: Fri, 27 Mar 2020 22:55:33 GMT
server: nginx
etag: "3d227fac2f2342f6"
vary: Accept
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22982
expires: Sat, 27 Mar 2021 22:55:33 GMT

GET
H2 200 OCR-L-DEBTORSPRISON-01XX-02-5.jpg
www.ocregister.com/wp-content/uploads/2020/03/ 16 KB
16 KB 19ms
18ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/uploads/2020/03/OCR-L-DEBTORSPRISON-01XX-02-5.jpg?w=294
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 24df358354a7d99f56df3a0666b234cc07166a404ef23f73dd0c112b297e5366

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 109 139 443
last-modified: Sat, 28 Mar 2020 01:38:44 GMT
server: nginx
etag: "d3d47a7d2e88d3d8"
vary: Accept
x-cache: HIT
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16290
expires: Sun, 28 Mar 2021 01:38:44 GMT

GET
H2 200 TDB-L-VIRUS-MERCY-0328-04BM-2-2.jpg
www.ocregister.com/wp-content/uploads/2020/03/ 12 KB
12 KB 240ms
239ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/uploads/2020/03/TDB-L-VIRUS-MERCY-0328-04BM-2-2.jpg?w=284
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a650705be45c0734e35d8f22947556b6082c1c6a49f5393b5e0a7104c184e9a1

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 109 196 443
last-modified: Sat, 28 Mar 2020 08:58:20 GMT
server: nginx
etag: "f81c03ed0b8c69b2"
vary: Accept
x-cache: MISS
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12310
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 OCR-L-CORONAVIRUS-RAPIDTEST-0326-JAG-01-5.jpg
www.ocregister.com/wp-content/uploads/2020/03/ 9 KB
9 KB 310ms
309ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/uploads/2020/03/OCR-L-CORONAVIRUS-RAPIDTEST-0326-JAG-01-5.jpg?w=278
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ea2b666e9f807f22c36379deec02f5c1574c6aa8c913fa742132b7121a8bac6

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-rq: ams2 109 195 443
last-modified: Sat, 28 Mar 2020 08:58:21 GMT
server: nginx
etag: "97108b22aa80b6c7"
vary: Accept
x-cache: MISS
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9232
expires: Sun, 28 Mar 2021 08:58:21 GMT

GET
H2 200 1022-STATUSUPDATE-JWA-1.jpg
www.ocregister.com/wp-content/uploads/2020/03/ 18 KB
18 KB 244ms
243ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/uploads/2020/03/1022-STATUSUPDATE-JWA-1.jpg?w=296
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d68b3bc76f5dbed345b301eba29332f77221ebcfaf868bbc65200b3c9d8345d8

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 109 27 443
last-modified: Sat, 28 Mar 2020 08:58:20 GMT
server: nginx
etag: "2930f06364623c83"
vary: Accept
x-cache: MISS
content-type: image/webp
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17950
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 94ms
94ms XHR
text/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.ocregister.com%2F&pid=Tq6uqNd4lMJw1&cb=0&ws=1600x1200&v=7.47.00&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-SBB%22%2C%22s%22%3A%5B%22970x30%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22970x30%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube2_RRail_mid%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3_RRail_lower%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3b_Flex%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube4_BottomLine%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube_Article%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-bottom_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-mobile_adhesion%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%2C%22728x90%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA53-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pTzgU8mYhgtBiHsPmlC1z3ejm3DJA9KQonaHUe0xuU4iRXA3Lxecjw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 59ms
21ms XHR
application/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 06:16:29 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 9712
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 05 Mar 2020 08:28:46 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: oRJ5d0zXz84Uc7C9KGRh81RPtXHg0FQqBrInBfkcKqgfEuhqwHwINA==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
930 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1013
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Sat, 28 Mar 2020 09:41:27 GMT

GET
H2 200 2172602973018658 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2172602973018658?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18f64bb5e8e53b96347373c7668ed2eacf8bf1f4db6bbd365f63f3d8163baa0b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114919
x-xss-protection: 0
pragma: public
x-fb-debug: 5PokmObrz2v/sfwIS/lhrogkqmrMdqdOjy7mXFETieawiLhnkdk7iNML9CnRHrPydkhXHLjFDmjHte0y+5uJHQ==
x-fb-trip-id: 1850256238
date: Sat, 28 Mar 2020 08:58:20 GMT, Sat, 28 Mar 2020 08:58:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/mng/ 265 KB
26 KB 23ms
6ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/mng/t8y9347t.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD8) /
Resource Hash: 3dc074b7407d481e42e493a031a84cf0e16b56c26f5a77e781134ef2fec68c15

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
content-md5: GZVUr7ok6B22l5/P0CKhDg==
age: 26265
x-cache: HIT
status: 200
content-length: 26218
x-ms-lease-status: unlocked
last-modified: Thu, 17 Oct 2019 07:56:54 GMT
server: ECAcc (frc/8FD8)
etag: 0x8D752D79366A0D7
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 71621e53-601e-00f5-4fa1-04026e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H/1.1 200
OK index.js Show response
d1wa9546y9kg0n.cloudfront.net/ 6 KB
7 KB 116ms
26ms Script
application/x-javascript 143.204.208.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-8.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 11:00:13 GMT
Via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2016 09:35:10 GMT
Server: AmazonS3
Age: 79088
ETag: "cf67eb51479caf3b57c3577a08b6a038"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6494
X-Amz-Cf-Id: MquLYMc9lo3bF4O6nfeiHtf6p8CZLDZAnwMDGhzvrL8oiEufhakA1A==

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 590 B
614 B 262ms
230ms XHR
application/json 104.26.5.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f431e684b69f91da09f19db3bbb3a5994a2b07e175012d10a74e47078d4419

Request headers

Accept: */*
Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 57b026187a147233-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
27 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e117682afe7e4639c5f11b123412a186ddadb178981905286d40ec8d34095bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27083
x-xss-protection: 0
last-modified: Sat, 28 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 413ms
111ms Image
image/jpeg 52.216.29.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.29.148 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 08:58:22 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: C17DB72D22FAD8EF
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: 0t768/IkQ3BhFYCyb5H4t0ajquNQseDjyjtkAIsO65SswmfbLKfOXutUFg2Azb9HHTEWDHsOb30=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 61 KB
23 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MHF7NT7&t=gtm21&cid=533601671.1585385901

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cad7c053474b32e689b24cea20b1af1acfa71885a9120949ce221c31ab774350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23233
x-xss-protection: 0
last-modified: Sat, 28 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
102 B 6ms
6ms Image
image/gif 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1373473045&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAjQ~&jid=1288030033&gjid=675901019&cid=533601671.1585385901&tid=UA-61435456-15&_gid=1149994838.1585385901&gtm=2wg3i0TLFP4R&cd2=ocregister.com&cd3=ocregister.com&cd8=&cd9=no&cd10=home&cd11=5.3.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.ocregister.com%2F&cd24=home&cd25=SCNG&cd27=Home&cd28=https%3A%2F%2Fwww.ocregister.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=Orange%20County%20Register%2C%20Orange%20County%20News%2C%20Orange%20County%20Sports&cd50=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd51=&cd165=(not%20set)&cd166=(not%20set)&cd167=(not%20set)&cd53=533601671.1585385901&z=1426794571

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 01:51:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2012822
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&gjid=675901019&_gid=1149994838.1585385901&_u=aGBAgEAjQ~&z=1907237929
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&_v=j81&z=1907237929
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&_v=j81&z=1907237929&slf_rd=1&random=1309156173

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&_v=j81&z=1907237929&slf_rd=1&random=1309156173

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1288030033&_v=j81&z=1907237929&slf_rd=1&random=1309156173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ocregister.com Show response
srv-2020-03-28-08.config.parsely.com/config/ 402 B
644 B 400ms
101ms Script
text/javascript 34.205.105.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2020-03-28-08.config.parsely.com/config/ocregister.com
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.105.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-105-54.compute-1.amazonaws.com
Software: / Express
Resource Hash: f4459a0c7af08c0bba80ea01eb5c18ef260ee962f7bdf4d637bfac1117e2ae8a

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Cache-Control: private, no-cache
Connection: keep-alive
X-Powered-By: Express
ETag: W/"192-/TkL6V44/CybDl7qT9kQsA"
Content-Length: 402
Content-Type: text/javascript; charset=utf-8

GET
H2 200 close_54x54.png
www.ocregister.com/wp-content/client-mu-plugins/src/Ads/assets/img/ 1 KB
1 KB 13ms
13ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ocregister.com/wp-content/client-mu-plugins/src/Ads/assets/img/close_54x54.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Request headers

Referer: https://www.ocregister.com/_static/??-eJyFkOsKwjAMhV/IGpwo/hHxUbo0zmAvo8mQvb3RCV7w8qvpSc6XcODcO84Yh0ACKAKBRaGNBU8uclt9HUF0jDRPnOc2MANzYMlKWaGPQ8fZTIfkclE+MHrlku+od/UvQ+sgaveEq6NUsdXmxBvtvfcTZlLvq1Acn8qv08JK7uVTsFJnSVB9PkFMpfxxMUa2x6XhwakI+yDgRUinQFJpOZLz4UhiebgpWOvs0nax2qyWzaZp1hdvgJfu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
x-rq: ams2 82 50 3165
last-modified: Wed, 05 Dec 2018 21:08:47 GMT
server: nginx
age: 1398910
etag: "5c083e5f-547"
x-cache: hit
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351
expires: Sun, 28 Mar 2021 08:58:20 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 245 KB
51 KB 533ms
533ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=526331013033165&correlator=4440504315130376&output=ldjh&impl=fifs&adsid=NT&eid=21062889&vrg=2020032302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200328&iu_parts=8013%2Cocregister.com%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C300x50%2C728x90%7C970x90%7C970x250%7C970x30%2C300x250%7C300x600%7C300x1050%7C160x600%2C1280x250%7C728x90%7C970x90%7C970x250%2C300x250%2C1280x250%7C728x90%7C970x50%7C970x250%2C300x250%2C1280x250%7C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x50%2C728x90&prev_scp=POS%3Dinterstitial%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_2%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube2_RRail_mid%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_3%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube3_RRail_lower%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_4%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dbottom_leaderboard%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1_mobile%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%7CPOS%3Dmobile_adhesion%26kv%3Dhome%26page%3Dhomepage%26RPN%3D38%26rurl%3D%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1585385900&dt=1585385900918&dlt=1585385900390&idt=368&frm=20&biw=1585&bih=1200&oid=3&adxs=153%2C1133%2C-7%2C1130%2C153%2C153%2C153%2C153%2C153%2C153%2C-9%2C-12245933&adys=177%2C17%2C183%2C306%2C1401%2C1939%2C2221%2C4407%2C4125%2C6472%2C-9%2C-12245933&adks=2781511052%2C2238097746%2C2816711387%2C3360934345%2C1953533326%2C83539257%2C674103539%2C1925924907%2C1953533324%2C3387671098%2C1291767109%2C3387983717&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ocregister.com%2F&dssz=83&icsg=898078374629120&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x97%7C1300x50%7C1280x97%7C304x1062%7C1280x6256%7C1280x250%7C1280x6256%7C1280x250%7C1280x6256%7C1280x6256%7C0x-1%7C728x90&msz=1280x1%7C300x50%7C1600x96%7C300x250%7C1280x250%7C1280x250%7C1280x250%7C1280x250%7C1280x250%7C1280x90%7C0x-1%7C0x0&ga_vid=533601671.1585385901&ga_sid=1585385901&ga_hid=1373473045&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C132&ohw=1280%2C300%2C1585%2C300%2C1280%2C1280%2C1280%2C1280%2C1280%2C1280%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

0f8e92b18330afc87a0e46215b164ba3fcfb17ba576bd8245ad4f6ab75d5233d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14053903032298222195/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14053903032298222195/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuf3NvmvOgCFVsa4Aod4EEC8g&gqi=&layout=/sadbundle/%24csp%253Der3%24/14053903032298222195/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17432669769736689529/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17432669769736689529/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyc3NvmvOgCFVsa4Aod4EEC8g&gqi=&layout=/sadbundle/%24csp%253Der3%24/17432669769736689529/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14053903032298222195/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14053903032298222195/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuf3NvmvOgCFVsa4Aod4EEC8g&gqi=&layout=/sadbundle/%24csp%253Der3%24/14053903032298222195/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17432669769736689529/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17432669769736689529/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyc3NvmvOgCFVsa4Aod4EEC8g&gqi=&layout=/sadbundle/%24csp%253Der3%24/17432669769736689529/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
google-creative-id: -2,-2,138304353534,138306817326,-1,138305212766,-1,138304897825,138307266776,138305199404,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 50888
x-xss-protection: 0
google-lineitem-id: -2,-2,5273214702,5330776926,-1,5319543983,-1,5314312254,5335039602,5317389051,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Sat, 28 Mar 2020 08:58:21 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 27ms
27ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25234
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 20ms
7ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 rules-p-4ctCQwtnNBNs2.js Show response
rules.quantcount.com/ 3 B
358 B 21ms
7ms Script
application/x-javascript 2600:9000:214f:b000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4ctCQwtnNBNs2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 06:00:01 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:57:14 GMT
server: AmazonS3
age: 10700
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: zGDslSO_ANjt03HBW-07lHFQyHWixLlX5Jsq5jmFHJ3ljAhqlBf02w==

GET
H2 200 1401480206566122 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1401480206566122?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28d6d7ef56c6c231fa7d4d779564035095e3df5436beb09dc1359775d9318ebe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115038
x-xss-protection: 0
pragma: public
x-fb-debug: mGb/ocBmD153bP7paJhX8cf1ETdTVLQ5sc4FZ57FBx3lZv0v4jrP52SS7QC4Kau4pD1Dq5ed/SOekfVj/N/rCQ==
x-fb-trip-id: 1850256238
date: Sat, 28 Mar 2020 08:58:20 GMT, Sat, 28 Mar 2020 08:58:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2172602973018658&ev=PageView&dl=https%3A%2F%2Fwww.ocregister.com%2F&rl=&if=false&ts=1585385900948&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585385900947.439875893&it=1585385900812&coo=false&rqm=GET

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:20 GMT, Sat, 28 Mar 2020 08:58:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 28 Mar 2020 08:58:20 GMT

GET
H2 200 common-async.1d6f3117a458d86d7bdf.chunk.min.js Show response
assets.digitalfirstmedia.com/prod/static/js/ 50 KB
8 KB 21ms
21ms Script
application/javascript 151.101.13.53
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.digitalfirstmedia.com/prod/static/js/common-async.1d6f3117a458d86d7bdf.chunk.min.js
Requested by: Host: assets.digitalfirstmedia.com
URL: https://assets.digitalfirstmedia.com/prod/static/js/boldcoastal.1d6f3117a458d86d7bdf.min.js?ver=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d88f2e456aa67f18e91aaa374e8cca5c265e7c2d8b602aeb974b269b3f2265ce

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
age: 213
x-cache: HIT, HIT
status: 200
content-length: 7840
x-served-by: cache-den19626-DEN, cache-fra19169-FRA
last-modified: Fri, 13 Mar 2020 19:14:39 GMT
server: Apache
x-timer: S1585385901.001883,VS0,VE1
etag: "c65e-5a0c147f5c054"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 58, 1

GET
H2 200 boldcoastal-async.1d6f3117a458d86d7bdf.chunk.min.js Show response
assets.digitalfirstmedia.com/prod/static/js/ 2 KB
1 KB 283ms
283ms Script
application/javascript 151.101.13.53
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.digitalfirstmedia.com/prod/static/js/boldcoastal-async.1d6f3117a458d86d7bdf.chunk.min.js
Requested by: Host: assets.digitalfirstmedia.com
URL: https://assets.digitalfirstmedia.com/prod/static/js/boldcoastal.1d6f3117a458d86d7bdf.min.js?ver=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: c75d44fb1f0f59284ff434b3afdee46cabb8fa6a5353637279c7c206ea57337a

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
age: 255
x-cache: HIT, HIT
status: 200
content-length: 1093
x-served-by: cache-den19635-DEN, cache-fra19169-FRA
last-modified: Fri, 13 Mar 2020 19:14:39 GMT
server: Apache
x-timer: S1585385901.002033,VS0,VE264
etag: "946-5a0c147f5c054"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 93DB 0
0 30ms
29ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&co=aHR0cHM6Ly93d3cub2NyZWdpc3Rlci5jb206NDQz&hl=en&type=image&v=P6KLRNy7h3K160ZmYNUOAce7&theme=light&size=normal&cb=99ji8zwoweot

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QAAsJyUVtlYdKNZOrlT61w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&co=aHR0cHM6Ly93d3cub2NyZWdpc3Rlci5jb206NDQz&hl=en&type=image&v=P6KLRNy7h3K160ZmYNUOAce7&theme=light&size=normal&cb=99ji8zwoweot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Mar 2020 08:58:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-QAAsJyUVtlYdKNZOrlT61w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11693
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
1 KB 428ms
221ms Script
text/javascript 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.ocregister.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 006dc45ed3fd042f99a11c72af3962b8bf001c429e14a30307d85b565105f9ea

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 815
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 13ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.3&blog=126836891&post=0&tz=-7&srv=www.ocregister.com&host=www.ocregister.com&ref=&fcp=630&rand=0.34823079105006327
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Sat, 28 Mar 2020 08:58:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 a22d15e1e9a0141023cd3d679040a735 Show response
digitalfirstmedia.blueconic.net/plugin/plugin/ 215 KB
56 KB 103ms
103ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/plugin/plugin/a22d15e1e9a0141023cd3d679040a735

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

02981f84bd383dacf4bc76023abbad26710cf5bf6f75b0b40ae588fd408d7652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: a22d15e1e9a0141023cd3d679040a735
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 56471
x-xss-protection: 1; mode=block
expires: Sun, 28 Mar 2021 08:58:21 GMT

GET
H/1.1 200
OK pixel;r=483164252;labels=LANewsGroup;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fwww.ocregister.com%2F;fpan=1;fpa=P0-2090028324-1585385901106;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;r...
pixel.quantserve.com/ 35 B
658 B 85ms
22ms Image
image/gif 91.228.74.195
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=483164252;labels=LANewsGroup;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fwww.ocregister.com%2F;fpan=1;fpa=P0-2090028324-1585385901106;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1585385901106;tzo=-60;ogl=type.website%2Ctitle.Orange%20County%20Register%2Curl.https%3A%2F%2Fwww%252Eocregister%252Ecom%2F2020%2F03%2F27%2Fcalifornia-governor-commutes-sentences-inc%2Csite_name.Orange%20County%20Register%2Cimage.https%3A%2F%2Fwww%252Eocregister%252Ecom%2Fwp-content%2Fuploads%2F2017%2F04%2Focr_icon11%252Ejpg%2Cimage%3Awidth.512%2Cimage%3Aheight.512%2Clocale.en_US

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.195 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sat, 28 Mar 2020 08:58:21 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fwww.ocregister.com%2F&rl=&if=false&ts=1585385901133&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585385900947....
https://cx.atdmt.com/?c=2234805277309152420&f=AYz_ldSoP8KDoer7Qd5PTKxQ-hBLBU76Mv7Pr9coEHgpayB3mSIAlFQ0Lif-05DNCWN0xVx2nEfvJPZ07pV0ca-h&id=1401480206566122&l=3&v=0

42 B
430 B

52ms
40ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=2234805277309152420&f=AYz_ldSoP8KDoer7Qd5PTKxQ-hBLBU76Mv7Pr9coEHgpayB3mSIAlFQ0Lif-05DNCWN0xVx2nEfvJPZ07pV0ca-h&id=1401480206566122&l=3&v=0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 28 Mar 2020 08:58:21 GMT, Sat, 28 Mar 2020 08:58:21 GMT, Sat, 28 Mar 2020 08:58:21 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT, Sat, 28 Mar 2020 08:58:21 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=2234805277309152420&f=AYz_ldSoP8KDoer7Qd5PTKxQ-hBLBU76Mv7Pr9coEHgpayB3mSIAlFQ0Lif-05DNCWN0xVx2nEfvJPZ07pV0ca-h&id=1401480206566122&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 6F88 0
0 17ms
17ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=P6KLRNy7h3K160ZmYNUOAce7&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&cb=dxu1mwo6dgxr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kDdeS/CaQBCXp+58mIdK1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=P6KLRNy7h3K160ZmYNUOAce7&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&cb=dxu1mwo6dgxr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Mar 2020 08:58:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-kDdeS/CaQBCXp+58mIdK1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1180
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

OPTIONS
H2 200 MNG.json Show response
cdn.ayc0zsm69431gfebd.xyz/prod/data/last_publish/ 0
239 B 357ms
357ms XHR
text/plain 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/data/last_publish/MNG.json?_=1585385901282
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://www.ocregister.com
Referer: https://www.ocregister.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
access-control-allow-origin: https://www.ocregister.com
access-control-max-age: 3600
access-control-allow-methods: GET
status: 200
x-ms-request-id: 4fd23d71-101e-00f1-23df-04f7ec000000
access-control-allow-credentials: true
x-ms-version: 2015-02-21
access-control-allow-headers: content-type
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 96 KB
30 KB 55ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d8435911753d7e931e1dda44b3ec12ce5158d6389131eadb584f0097a809c901

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 08:42:53 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e708d8d-18138"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 29 Mar 2020 08:58:21 GMT

GET
H2 400 identity
api.rlcdn.com/api/ 0
0 45ms
19ms XHR
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 94ms
31ms XHR
application/json 34.252.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185707
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.71.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-71-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: aa93a4ebc09684f70123be7e3d7b742ef81f0f397d7cae5ff3aa0970a3baaebe

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 27 Apr 2020 08:58:21 GMT

GET
H2 200 19418322778cecfeff38d015cd7ff18e Show response
digitalfirstmedia.blueconic.net/plugin/library/ 487 KB
142 KB 103ms
103ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/plugin/library/19418322778cecfeff38d015cd7ff18e

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

99dd99181925b87c12ea03b24e3c79335d0fcaacc5234b0436e0959aa28cec1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: 19418322778cecfeff38d015cd7ff18e
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 144657
x-xss-protection: 1; mode=block
expires: Sun, 28 Mar 2021 08:58:21 GMT

POST
H2 200 LB-Zone-2 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json/ 3 KB
2 KB 194ms
194ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-2?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=d6964377-d61e-4df2-8092-fd163cbff9a7&overruleReferrer=&time=2020-03-28T09%3A58%3A21%2B01%3A00&ts=1585385901311

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

04281ad91ce8e1cd6d5f05a9d50e3663073f24ac122881118e2a3dbcfc47bd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 1026
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ptrack-v1.4.0-engagedtime.js Show response
d1z2jf7jlzjs58.cloudfront.net/code/ 36 KB
15 KB 21ms
21ms Script
application/x-javascript 143.204.208.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.4.0-engagedtime.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.228 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-228.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: ee1f4329c0546185fbd84070d5fa4da392e9deecb771dc2170d4a2d9135800bc

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Sep 2019 20:27:07 GMT
Content-Encoding: gzip
Age: 15856274
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 19 Sep 2019 16:47:49 GMT
Server: nginx
ETag: W/"5d83b135-917e"
Content-Type: application/x-javascript
Via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000, public
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 9OWq-rmxMSHK3KuSy1ozmTxvFooGhh3CH9cG33lxLATadS-B9-HmhA==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK /
srv-2020-03-28-08.pixel.parsely.com/plogger/ 43 B
229 B 398ms
100ms Image
image/gif 34.234.197.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-03-28-08.pixel.parsely.com/plogger/?rand=1585385901355&plid=56665386&idsite=ocregister.com&url=https%3A%2F%2Fwww.ocregister.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22fbef3fa5-c483-4319-bcdc-39dc91351470%22%2C%22parsely_site_uuid%22%3A%22fbef3fa5-c483-4319-bcdc-39dc91351470%22%7D&sid=1&surl=https%3A%2F%2Fwww.ocregister.com%2F&sref=&sts=1585385901353&slts=0&title=Orange+County+Register%3A+Local+News%2C+Sports+and+Things+to+Do&date=Sat+Mar+28+2020+09%3A58%3A21+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=7592327&u=fbef3fa5-c483-4319-bcdc-39dc91351470
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.197.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-197-55.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 /
www.facebook.com/tr/ 0
50 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymr9tADKrU09L84NF

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.ocregister.com
date: Sat, 28 Mar 2020 08:58:21 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame 1478 200 KB
55 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71698
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame 1478 200 KB
55 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71698
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame 1478 92 KB
28 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71703
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28328
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4788313c10056ed"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:18 GMT

GET
DATA 200
OK truncated
/ Frame 1478 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f20bbc5f865bcae43cd4a75eb286d9f70c7fd0c7d4299ac21c6dd741e13ed0d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ 20 KB
7 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35067
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7178
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 23:13:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9d3d923337ef7e9b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 23:13:54 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame C8D8 200 KB
55 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71698
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame C8D8 200 KB
55 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71698
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame C8D8 92 KB
28 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71703
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28328
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4788313c10056ed"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:18 GMT

GET
DATA 200
OK truncated
/ Frame C8D8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aeb3597e8eda7ec03da7380c6082f3097155f450e99e5f9242a2bae5cc183fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10914182175998558871
tpc.googlesyndication.com/simgad/ Frame 1478 63 KB
63 KB 70ms
69ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10914182175998558871

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

931a8976f5100258b515cfc1464a88f7c878e1bae5496a97e45158867d95c3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Feb 2020 18:10:21 GMT
server: sffe
access-control-allow-origin: *
x-dns-prefetch-control: off
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 64197
x-xss-protection: 0
expires: Sun, 28 Mar 2021 08:58:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1478 0
332 B 31ms
31ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEBbbopcC8eoRLEalS5O7s3MKiJnRPZIc9ItnLN0xD2gRoUFpSnY3w3rB01xi9QCSy525jvf2umjb7FJlGnatD6FDhpwvFKniYH0dEfIpPiSFWdrALRH2S2qXiPHNfaUEUZX_SnFK2bcsyReybPn97AXeyJpQ9GUlrRCAs0aQUQZ6pAEHTth939VGsSBm6_ZPQZq0k9Ht1Gey74k7fnAc2Vj-QPN-UuYU7ZVg1TeJAnw7Lpei_hg0P4aukipkpYJTl0yIcj1jZP-KyaOJ19A&sai=AMfl-YQYPcRM59A1yMobsYY94p6vrV7pJ8HdKZ_tei-dzfdEr7mHpzEULVE7eGEgX4TBZGMDrkHg0yFHY3aJF0NF_tNfMpWBUrLvnr5gZUbg&sig=Cg0ArKJSzI4A9fir6OJSEAE&adurl=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:21 GMT

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=728x90_lid=5273214702 Show response
pr.realvu.net/flip/2/ 49 B
360 B 106ms
106ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=728x90_lid=5273214702
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fceeee9146da83cf7baa5d092bc9f852a7846073d56d4218261ac192c55dcd15

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 69
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=300x250_lid=5330776926 Show response
pr.realvu.net/flip/2/ 49 B
360 B 241ms
134ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=300x250_lid=5330776926
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3eec5278cb4464cc4da8b2dcaefefeda5c73bff1963578ffa477ff4293656a89

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 69
X-Proxy-Cache: BYPASS

GET
H2 200 4823905745693502601
tpc.googlesyndication.com/simgad/ Frame C8D8 28 KB
28 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4823905745693502601

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8876ab4999f16f88cd2cf2c8c137fb421e59c65b69e0b197f46e329e4264c885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:27:17 GMT
x-content-type-options: nosniff
age: 437464
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28397
x-xss-protection: 0
last-modified: Fri, 20 Mar 2020 23:28:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 07:27:17 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8D8 0
281 B 36ms
35ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxyoyzCDo6eJy2N40gZAyByknaD35ZLdxU_4RoUefSUVoSRL0PgF-ebs8nnu1vWmuuFMQpQTEARaMvfj8CiefpbF-dKek77MQeR6DulVPcJWj4cu1xoS22-a4hE9YVx2-QrchnhHSVRKTpc595uddIdju1CnYV3e_bAd88nX0kTA-kyL8TFZhF-4unRHTfH_vGLoYXmlMVeuvqVagz1e58NNhyQ9BeNOvcWSOVWwFahzZ54hZCTwzLBBsJqZwSegVt7oA-MN-fORppdGmS0g&sai=AMfl-YQucdRnBREPB3F945TzTHHzJuR3AEsxWwM1c3iAE0zscRTWCJUVyggajW0utV0Pd41y5DLpVy1Q982wkeFfK0LSdvX7aj4LHh4eqb9F&sig=Cg0ArKJSzBdnYVV4iXjGEAE&adurl=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:21 GMT

GET
H2 200 81b4af37ca9acccad1e1eaa5ea03f879 Show response
digitalfirstmedia.blueconic.net/templates/ 359 KB
50 KB 99ms
99ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/templates/81b4af37ca9acccad1e1eaa5ea03f879

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

33f523673e8b63c761d7b553c43d0f6965ddb08100cf3212d43bca4dcf2fcff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
last-modified: Fri, 27 Mar 2020 08:58:21 GMT
server: -
etag: 81b4af37ca9acccad1e1eaa5ea03f879
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 50925
x-xss-protection: 1; mode=block
expires: Wed, 01 Jan 2020 23:00:00 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 148 B
944 B 104ms
103ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=d6964377-d61e-4df2-8092-fd163cbff9a7&bctempid=&overruleReferrer=&time=2020-03-28T09%3A58%3A21%2B01%3A00&ts=1585385901547

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

28acca8f42e7b2ebff96b6ac593c72097692010bca0cc3b6cccc730d183d0908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 116
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1060502780777063 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1060502780777063?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac3082cc6d879dec28ccaf8e843ef56d0a40f88483c2fd0e36fb83de6cff342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114948
x-xss-protection: 0
pragma: public
x-fb-debug: SyhbSTfhwxNsYhWPLxrYy7xhyTNLImedR0GD75a85HuTXTtzitC29R0mjNDgUqgAiHrJ2jct/rFNUHKgDtxpcw==
x-fb-trip-id: 1850256238
date: Sat, 28 Mar 2020 08:58:21 GMT, Sat, 28 Mar 2020 08:58:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 195 B
853 B 101ms
101ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

84ec20c99a6c9cf0044725ebdeb7b64c924b5ab35b5df1fe86796f2e03e4466b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 117
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1373473045&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20N...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_gid=1149994838.1585385901&gjid=957885178&_v=j81&z=1670515833
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_v=j81&z=1670515833
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_v=j81&z=1670515833&slf_rd=1&random=1649950239

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_v=j81&z=1670515833&slf_rd=1&random=1649950239

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61435456-15&cid=533601671.1585385901&jid=1731753813&_v=j81&z=1670515833&slf_rd=1&random=1649950239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B2D5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 28 Mar 2020 08:18:59 GMT
expires: Sun, 28 Mar 2021 08:18:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2362
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585308637081045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27959
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:21 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame A91C 200 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71698
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame A91C 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71698
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame A91C 92 KB
28 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 71703
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28328
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4788313c10056ed"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:18 GMT

GET
DATA 200
OK truncated
/ Frame A91C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b68be6d4ae0912ad4036471bb2c405bffb0a94b1c698c66d2b17a430da8a89b6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BF1D 0
0 10ms
5ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 28 Mar 2020 08:18:59 GMT
expires: Sun, 28 Mar 2021 08:18:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2362
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D9AA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 28 Mar 2020 08:18:59 GMT
expires: Sun, 28 Mar 2021 08:18:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2362
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BAE4 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 28 Mar 2020 08:18:59 GMT
expires: Sun, 28 Mar 2021 08:18:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2362
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DD1B 0
0 7ms
7ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 28 Mar 2020 08:18:59 GMT
expires: Sun, 28 Mar 2021 08:18:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2362
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=970x90_lid=5137595479 Show response
pr.realvu.net/flip/2/ 978 B
847 B 216ms
106ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=970x90_lid=5137595479
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7f1ac0339db5af2c9c30e00d5fc4803032108eebba7549b678ebf980f2bf0bfe

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 555
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=300x250_lid=5319543983 Show response
pr.realvu.net/flip/2/ 49 B
360 B 217ms
107ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=300x250_lid=5319543983
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2afecb700aa8656dcd8e12a01d11a27e78a2a78b1738a27d4d0edfb457727e3c

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 69
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=970x250_lid=5137595479 Show response
pr.realvu.net/flip/2/ 983 B
850 B 305ms
100ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=970x250_lid=5137595479
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d7e0dd24d8c20a571fbdf722187dd1dfeda4935f35b0f676439dbd5c722a62b0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 558
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=300x250_lid=5314312254 Show response
pr.realvu.net/flip/2/ 49 B
360 B 305ms
103ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=300x250_lid=5314312254
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8969c36aa5470fecbcbe616929f0fbbf5fb2f6aea4717adc4553eaaadb9b1135

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 69
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=970x250_lid=5335039602 Show response
pr.realvu.net/flip/2/ 983 B
847 B 309ms
104ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=970x250_lid=5335039602
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d0b25f8e9376d4300b9f2953cb04da769ed075ff802c7ba9c5e27940490ffd64

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 555
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK c=E5X8_f=spot_si=1385_s=970x250_lid=5317389051 Show response
pr.realvu.net/flip/2/ 983 B
848 B 204ms
104ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5X8_f=spot_si=1385_s=970x250_lid=5317389051
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5X8_f=site_si=1385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9028e306d76a80950f1f5372ebd89daab6cbed7ecd0a058b92e88e3e0ab0a1ed

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 556
X-Proxy-Cache: BYPASS

GET
H2 200 7640759804108581347
tpc.googlesyndication.com/simgad/ Frame A91C 29 KB
29 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7640759804108581347

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338d9a9ad3abb06ada43f3aa399784c2d2dd3229987712ce010c509a420e3dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 10:35:30 GMT
x-content-type-options: nosniff
age: 1462971
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29241
x-xss-protection: 0
last-modified: Wed, 04 Mar 2020 01:35:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Mar 2021 10:35:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A91C 0
57 B 32ms
30ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucBxMk7AI3B3dlQN4EJFEit_YSOUj1XiPCQKqd4mxdW2-76mzJOx3L1o0W26CG3tZTY_sXGqg6RgpNcuYoRSJWqogIPPVxgWq4Etm8xXUtvdrBrUaqOWTMo3LpaDpkGv-WW8OTyUfqUl2Yy-MdnynLmx7pNEbj_kgra5uaBssQJ4ICQJtm3KJqiX9u_aaQegBk3CIF3XDdlQQXTn9Y0hgTqKeJfBdBww1fCw7Go35iyjfGIKpofMkusE2giv-44AzzJS6SEb4aEYuIV4HHXg&sai=AMfl-YS2w5hI0386PKpTjLuks6EtVsAhj4xC_YPyfsWeaBF5HFqsUhYbgnzSVlmPygqKyPpvg1O1ksWa6GCspqlZeIvuQHXgL8vIBgTRBwqO&sig=Cg0ArKJSzBHtBOpaUb7oEAE&adurl=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 105ms
103ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=7da5e096-1c26-41a3-85f5-60afb2b5dc71&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=rRF_XgA&ntv_at=303,302&ntv_a=AAAAAAAAAADyEQA&ord=1585385901659&ntv_dpl=1011,1028,1016,1001,1050,1018,1003,1019,1005,1006,1022,1007&ntv_it
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 104ms
103ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=866f3d77-2820-4b4b-a5a5-c99933b49a1d&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=rRF_XgA&ntv_at=303&ntv_a=AAAAAAAAAAESEQA&ord=1585385901660&ntv_dpl=1011,1028,1016,1001,1050,1018,1003,1019,1005,1006,1022,1007&ntv_it
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 103ms
102ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=8606be49-4bd3-445e-b392-5c0fdbe114a6&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=rRF_XgA&ntv_at=303&ntv_a=AAAAAAAAAAECEQA&ord=1585385901661&ntv_dpl=1011,1028,1016,1001,1050,1018,1003,1019,1005,1006,1022,1007&ntv_it
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 MNG.json Show response
cdn.ayc0zsm69431gfebd.xyz/prod/data/last_publish/ 2 KB
3 KB 6ms
6ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/data/last_publish/MNG.json?_=1585385901282
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F31) /
Resource Hash: dcecdb1840690863ca0cfb49910dc86fdd185f6f129330f29c3fd190e7f16aba

Request headers

Accept: */*
Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-ms-blob-type: AppendBlob
date: Sat, 28 Mar 2020 08:58:21 GMT
age: 35659
x-cache: HIT
status: 200
content-length: 2464
x-ms-lease-status: unlocked
last-modified: Fri, 27 Mar 2020 21:01:29 GMT
server: ECAcc (frc/8F31)
x-ms-blob-committed-block-count: 1
etag: 0x8D7D292055A1E4C
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: b5a59918-701e-008c-4b8c-046b24000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 collect
www.google-analytics.com/ 35 B
111 B 6ms
6ms Image
image/gif 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1373473045&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=BlueConic.VIEW&ea=SCNG%20OCR%20Recs%20Article%20Page%20Widget&el=Conversion%20Mix%202&_u=aGDACEAjR~&jid=&gjid=&cid=533601671.1585385901&tid=UA-61435456-15&_gid=1149994838.1585385901&gtm=2wg3i0TLFP4R&cd2=ocregister.com&cd3=ocregister.com&cd8=&cd9=no&cd10=home&cd11=5.3.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.ocregister.com%2F&cd24=home&cd25=SCNG&cd27=Home&cd28=https%3A%2F%2Fwww.ocregister.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=Orange%20County%20Register%2C%20Orange%20County%20News%2C%20Orange%20County%20Sports&cd50=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd51=&cd125=d6964377-d61e-4df2-8092-fd163cbff9a7&cd126=PERSONAL&cd127=DP%20Non-Subscribers%7Cextras.mercurynews%20non-subscribers%7CSCNG%20-%20Channel%20visited%7CBANG%20Non-Subscribers%7CVisitors%20not%20in%20segment%20%22bv%20data%20exports%22%7C%5BBlueConic%20Dev%5D%20Anonymous%20Profiles%20not%20modified%20in%20last%20365%20days%7CEngagement%20Score%3A%7CVisitors%20not%20in%20segment%20%22BANG%20confirmation%20number%20true%22%7ClastModified_s3bucketDelta%7CAllvisitorslast7%7CVariants%20Viewed%20Distribution%7CAll%20Visitors%7CTwin%20Cities%20Non-Subscribers%7C%5BBC%20Dev%5D%20Anonymous%20Profiles%7C%5BBC%20DEV%5D%20BlueConic%20Test%20User&cd129=0&cd135=low&cd136=0&cd137=https%3A%2F%2Fwww.ocregister.com%2F&cd138=1585385900844&cd145=web&cd146=https%3A%2F%2Fwww.ocregister.com%2F&cd147=www.ocregister.com&cd151=1&cd154=1585385901543&cd165=(not%20set)&cd166=(not%20set)&cd167=(not%20set)&cd53=533601671.1585385901&z=606270969

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 01:51:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2012823
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 731C 85 KB
30 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 05 Feb 2020 05:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4505653
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 05:24:08 GMT

GET
H/1.1 200
OK bootstrap.css
projects.ocregister.com/css/ Frame 731C 139 KB
139 KB 643ms
135ms Stylesheet
text/css 63.147.64.74
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://projects.ocregister.com/css/bootstrap.css
Requested by: Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.147.64.74 Waldorf, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache /
Resource Hash: d1f8606bc7758c83642910a63c776b2ac85176c26322fd090a1fd1632c4bda98

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 28 Mar 2020 08:58:22 GMT
Via: AX-CACHE-2.7:56
Last-Modified: Thu, 03 Nov 2016 19:37:28 GMT
Server: Apache
Age: 0
ETag: "2100bc-22bc2-5406ab00e6e00"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 142274

GET
H/1.1 200
OK custom.css
projects.ocregister.com/css/ Frame 731C 2 KB
2 KB 638ms
130ms Stylesheet
text/css 63.147.64.74
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://projects.ocregister.com/css/custom.css
Requested by: Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.147.64.74 Waldorf, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache /
Resource Hash: 9176f6e7ebd144a18e59a766383334c5d5f5ba5c40d638505d9c8af83375067e

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 28 Mar 2020 08:55:31 GMT
Via: AX-CACHE-2.7:56
Last-Modified: Thu, 28 Jul 2016 16:32:54 GMT
Server: Apache
Age: 171
ETag: "2100be-74b-538b4af8bd980"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1867

GET
H/1.1 404
Not Found custom.css
projects.ocregister.com/extras/embeds/2020/coronavirus/ Frame 731C 0
0 645ms
136ms Stylesheet
text/html 63.147.64.74
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/custom.css
Requested by: Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.147.64.74 Waldorf, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 28 Mar 2020 08:58:22 GMT
Server: Apache
Connection: close
Content-Length: 239
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ Frame 731C 88 KB
15 KB 151ms
41ms Stylesheet
text/css 195.181.175.52
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Requested by: Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-195-181-175-52.datapacket.com
Software: CDN77-Turbo /
Resource Hash: ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: br
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 2064483
last-modified: Wed, 04 Mar 2020 07:32:27 GMT
server: CDN77-Turbo
etag: W/"5e5f598b-15e81"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-edge-ip: 195.181.175.50
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Fri, 03 Apr 2020 11:30:18 GMT

GET
H/1.1 200
OK cvirus.css
projects.ocregister.com/extras/embeds/2020/coronavirus/css/ Frame 731C 7 KB
8 KB 640ms
131ms Stylesheet
text/css 63.147.64.74
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/css/cvirus.css
Requested by: Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.147.64.74 Waldorf, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache /
Resource Hash: 05f488e3eb0946ed18b5d5d563b1c1458e1268ae6e86ad776369d79a81280591

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 28 Mar 2020 08:57:52 GMT
Via: AX-CACHE-2.7:56
Last-Modified: Wed, 25 Mar 2020 23:42:15 GMT
Server: Apache
Age: 29
ETag: "ee0c0-1cf2-5a1b66b0283c0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 7410

GET
H2 200 recommendations Show response
digitalfirstmedia.blueconic.net/rest/ 12 KB
3 KB 103ms
102ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/rest/recommendations?storeId=517a0bba-21e3-4326-8648-7a0c8269a68b&profileId=d6964377-d61e-4df2-8092-fd163cbff9a7&frequencyCap=3&itemId=www.ocregister.com%2F&request=%5B%7B%22id%22%3A1561500701741%2C%22filters%22%3A%5B%22VIEWED%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%5D%2C%22count%22%3A4%7D%2C%7B%22id%22%3A1560907820833%2C%22filters%22%3A%5B%22VIEWED%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22COLLABORATIVE_FILTERING%22%2C%22rampUp%22%3A%22INSTANT%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%5D%2C%22count%22%3A4%7D%2C%7B%22id%22%3A1561750584002%2C%22filters%22%3A%5B%22VIEWED%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22INTEREST%22%2C%22rampUp%22%3A%22INSTANT%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%5D%2C%22count%22%3A4%7D%2C%7B%22id%22%3A%22default%22%2C%22filters%22%3A%5B%22VIEWED%22%2C%22section%3A%5C%22News%5C%22%2C%5C%22Housing%5C%22%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%5D%2C%22count%22%3Anull%7D%5D&referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=d6964377-d61e-4df2-8092-fd163cbff9a7&bctempid=&overruleReferrer=&time=2020-03-28T09%3A58%3A21%2B01%3A00&callback=bc_json523

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

8cca71ffd0b69f5c08452a4b1d959cbd749397c573730c6bc8dd5af82bef5433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript;charset=utf-8
server: -
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 2877
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1849213471865744 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1849213471865744?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acec6a9c02378fec393f4dca906c9ebd7c42409a60a66ab8cdfca8bc529626da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114919
x-xss-protection: 0
pragma: public
x-fb-debug: kaEGlkTrfUTm7LyHnIrppHUB3IZzBGIH8B6OAlZFW/ly1HwJeLhJc6CYJ8E8PIoxrgXWj9Zoju38Caok+6fx3w==
x-fb-trip-id: 1850256238
date: Sat, 28 Mar 2020 08:58:21 GMT, Sat, 28 Mar 2020 08:58:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10914182175998558871
tpc.googlesyndication.com/simgad/ Frame 1478 63 KB
63 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10914182175998558871

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

931a8976f5100258b515cfc1464a88f7c878e1bae5496a97e45158867d95c3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 64197
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 18:10:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Mar 2021 08:58:21 GMT

GET
H2 200 4823905745693502601
tpc.googlesyndication.com/simgad/ Frame C8D8 28 KB
28 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4823905745693502601

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8876ab4999f16f88cd2cf2c8c137fb421e59c65b69e0b197f46e329e4264c885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 07:27:17 GMT
x-content-type-options: nosniff
age: 437464
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28397
x-xss-protection: 0
last-modified: Fri, 20 Mar 2020 23:28:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 07:27:17 GMT

GET
H2 200 7640759804108581347
tpc.googlesyndication.com/simgad/ Frame A91C 29 KB
29 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7640759804108581347

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338d9a9ad3abb06ada43f3aa399784c2d2dd3229987712ce010c509a420e3dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 10:35:30 GMT
x-content-type-options: nosniff
age: 1462971
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29241
x-xss-protection: 0
last-modified: Wed, 04 Mar 2020 01:35:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Mar 2021 10:35:30 GMT

POST
H2 200 json Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 98 B
844 B 100ms
100ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

cac6d67cb017c8ce68b56c366f99bf7095788ceaf07a42c896b738ffb8b98dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Mar 2020 08:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 109
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIY6XB3hkzTVPDRgi

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.ocregister.com
date: Sat, 28 Mar 2020 08:58:21 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 values Show response
spreadsheets.google.com/feeds/list/1XvQfm5sRCjTREnZXkyWmoJ2c6GVryQ8YApdvAyqHt4E/6/public/ Frame 731C 4 KB
2 KB 441ms
417ms Fetch
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://spreadsheets.google.com/feeds/list/1XvQfm5sRCjTREnZXkyWmoJ2c6GVryQ8YApdvAyqHt4E/6/public/values?alt=json

Requested by

Host: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0bc63eb8757ab7f3ed8cfa58eddf780caced87a9ec8d54fc6a1dae8300cfc6b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-xPA+X9jLiy2CuPYq2E0XZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://projects.ocregister.com/extras/embeds/2020/coronavirus/
Origin: https://projects.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://projects.ocregister.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Mar 2020 08:58:23 GMT
server: GSE
x-frame-options: SAMEORIGIN
vary: Accept, X-GData-Authorization, GData-Version
content-type: application/json; charset=UTF-8
gdata-version: 1.0
access-control-expose-headers: Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,Expires,Last-Modified,Server,Transfer-Encoding,Vary
cache-control: private, max-age=0, must-revalidate, no-transform
content-security-policy: base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-xPA+X9jLiy2CuPYq2E0XZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
x-robots-tag: noindex, nofollow, nosnippet
expires: Sat, 28 Mar 2020 08:58:23 GMT

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 62ms
20ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:22 GMT
content-encoding: gzip
x-amz-request-id: 9F168BA697B778D0
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by: cache-hhn4031-HHN
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1585385903.886367,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 15328

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 8ms
8ms Script
application/x-javascript 2600:9000:2057:4200:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4200:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:34:13 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 1449
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: OJuK8uIsmRZGxuPyDmdBHxT5541MpOAcMqWxHvxSRsVX0tEee18ucQ==
via: 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
expires: Sat, 28 Mar 2020 10:34:13 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/6035443/ 0
400 B 474ms
473ms Script
application/x-javascript 23.45.99.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/6035443/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.242 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 28 Mar 2020 08:58:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Tue, 31 Mar 2020 08:58:23 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 33ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

367e67259643fa97e357d9996a4c7697dd2cea56bd65147cd3ee5989ff61490a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Mar 2020 08:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5096
x-xss-protection: 0

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 103ms
103ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1057040&ntv_gdpr_consent=&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:22 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 306ms
101ms Image
image/gif 54.173.180.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=ocregister.com&p=%2F&u=DoMeWKjRGBLCdaetn&d=ocregister.com&g=53628&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6367&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2789&t=BFke0YBQUFtzBBgt5dCKFkiSC99HVi&V=118&i=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&tz=-60&sn=1&sv=D0SGRy3F6jTCFKc26BLrup1DpkRsM&sd=1&im=06430c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.180.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-180-235.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Sat, 28 Mar 2020 08:58:23 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 08:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sat, 28 Mar 2020 08:58:22 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 103ms
102ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=7da5e096-1c26-41a3-85f5-60afb2b5dc71&ntv_a=AAAAAAAAAADyEQA&ntv_ht=rRF_XgA&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ord=-1657342165&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:22 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A800 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 28 Mar 2020 08:18:58 GMT
expires: Sun, 28 Mar 2021 08:18:58 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2364
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 90ms
21ms XHR
text/plain 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://www.ocregister.com
Referer: https://www.ocregister.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 28 Mar 2020 08:58:22 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

GET
H/1.1 200
OK 7998548d3f Show response
bam.nr-data.net/1/ 57 B
275 B 458ms
115ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7998548d3f?a=50256569&v=1167.2a4546b&to=Ml0BbUEAXENYUBBfWAsXIlpHCF1eFlUWWVkRFRNYVAQ%3D&rst=2858&ref=https://www.ocregister.com/&ap=1059&be=406&fe=2789&dc=959&perf=%7B%22timing%22:%7B%22of%22:1585385900047,%22n%22:0,%22f%22:326,%22dn%22:326,%22dne%22:326,%22c%22:326,%22ce%22:326,%22rq%22:328,%22rp%22:341,%22rpe%22:403,%22dl%22:343,%22di%22:959,%22ds%22:959,%22de%22:971,%22dc%22:2789,%22l%22:2789,%22le%22:2797%7D,%22navigation%22:%7B%7D%7D&fp=629&fcp=629&at=HhoWGwkaTxwbUkYMTBhF&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C8D8 42 B
271 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3OzY0hPjSXxFTWvZuYux62vZMJmC3I45iGYKGBzM3ZOXYlgHkcX4ED0abkbkhZAiqDgdzVo_MBSgjbD8tECWIyH83ib395MsaokWq1SM&sig=Cg0ArKJSzDP7qJDwVDhhEAE&id=ampim&o=1130,305&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=192&tls=1192&g=100&h=100&tt=1192&r=v&adk=3360934345&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1478 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0D1KY2q493eajYFW7GxxOq2-G7PGkC3Mr4031xZs-M7I2MzY3XcjAJSAElmC9AB0jmgUuVsLzlURgjtIir39FJDM-dFC3WS7nNfFB0WM&sig=Cg0ArKJSzN20tGGixHEbEAE&id=ampim&o=429,182&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=175&tls=1177&g=100&h=100&tt=1177&r=v&adk=2816711387&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 49 B
472 B 437ms
437ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2d4e6fc4cc086cf99949cb1d9c45ece2336d1a1b457fe7eb3136377bdf285aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: AD8CCF9D-E143-409F-B149-11227721C0EF
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 28 Mar 2020 08:58:22 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 49

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032302&jk=526331013033165&bg=!VFelV09YwL8Br36vBXQCAAAATFIAAAAOmQFeNRt-7SQPvSRy1a1zw2XAu3feQwPDzhQbtQXY0xIa6V4Jy7YqzuqC1y_zIbNei1Hte8QhxhtBqzusVut3De3YhWycQzvIMCWAhYDmIIdHJJkBeYx_jd1W-TycPILMWgRPqCxLlhKKCuLCuj2ozJki8lSMa-vSMuYxyQXRl7UIuLfmQe36ArTrorInKkhMXVwkWwiQI8ZrbD9k4L7F_5ZBEeitxtyAVvqinIvvyO50ygOlgWWumvVzL9Yot4YN_h6D0w36Pplrios_CRD9reom-rKnvZSvf-SRedHDbUNO8iZbQ3fAsMRZMsKlde5jkHtPPXu73-h37Vn394rhym_20zv5br6GTJLdrBBpJNplKtyZeNYgdpefnFH7r2YNd9yXZpv_l6aZJRhbrKhGLsIfvZbV0cwhsNW8tVGOJrz1s1xCv1hHksnWUSL0Lmyu1SIpLt-9UFdIZDHTmm6vZyI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 28 Mar 2020 08:58:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ Frame 731C 94 KB
95 KB 64ms
20ms Font
application/octet-stream 195.181.175.52
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-195-181-175-52.datapacket.com
Software: CDN77-Turbo /
Resource Hash: 10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Request headers

Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Origin: https://projects.ocregister.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:58:23 GMT
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 2064483
content-length: 96752
last-modified: Wed, 04 Mar 2020 07:32:27 GMT
server: CDN77-Turbo
etag: "5e5f598b-179f0"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-edge-ip: 195.181.175.50
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Fri, 03 Apr 2020 11:30:20 GMT

GET
H/1.1 200
OK /
srv-2020-03-28-08.pixel.parsely.com/plogger/ 43 B
229 B 99ms
99ms Image
image/gif 34.234.197.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-03-28-08.pixel.parsely.com/plogger/?rand=1585385911855&plid=56665386&idsite=ocregister.com&url=https%3A%2F%2Fwww.ocregister.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22fbef3fa5-c483-4319-bcdc-39dc91351470%22%2C%22parsely_site_uuid%22%3A%22fbef3fa5-c483-4319-bcdc-39dc91351470%22%7D&sid=1&surl=https%3A%2F%2Fwww.ocregister.com%2F&sref=&sts=1585385911855&slts=0&date=Sat+Mar+28+2020+09%3A58%3A31+GMT%2B0100+(Central+European+Standard+Time)&action=heartbeat&inc=5&tt=4900&pvid=7592327&u=fbef3fa5-c483-4319-bcdc-39dc91351470
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.197.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-197-55.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 28 Mar 2020 08:58:31 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 200
OK 7998548d3f Show response
bam.nr-data.net/events/1/ 24 B
185 B 116ms
115ms XHR
image/gif 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7998548d3f?a=50256569&v=1167.2a4546b&to=Ml0BbUEAXENYUBBfWAsXIlpHCF1eFlUWWVkRFRNYVAQ%3D&rst=12858&ref=https://www.ocregister.com/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ocregister.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 08:23:09	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 17:44:41	Name: IDE Value: AHWqTUlSvNok_3Ip1cbt_TM69GKwzq7MQ0E4dyhxr6up4Uy2A8djuIUHWRVpBS-8
.ocregister.com/	1970-01-19 08:23:05	Name: _gat_UA-61435456-15 Value: 1
.ocregister.com/	1970-01-20 01:54:17	Name: __gads Value: ID=0d29a5564f0029fb:T=1585385900:S=ALNI_MaKI0-0yYoOX7mGrU0f5ZnAdutKhQ
.ocregister.com/	1970-01-19 17:52:29	Name: _parsely_visitor Value: {%22id%22:%22fbef3fa5-c483-4319-bcdc-39dc91351470%22%2C%22session_count%22:1%2C%22last_session_ts%22:1585385901353}
projects.ocregister.com/	1970-01-19 08:24:32	Name: sto-id-LANGWEB-SSL Value: EKBBJEAK
.ocregister.com/	1970-01-19 10:32:41	Name: _fbp Value: fb.1.1585385900947.439875893
.ocregister.com/	1970-01-19 08:23:07	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.ocregister.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1585385901353%2C%22slts%22:0}
www.ocregister.com/	1970-02-24 20:23:05	Name: anonDeviceId Value: a4579b8014a24a3f993481ac7c1bc178
.ocregister.com/	1970-01-19 08:24:32	Name: _gid Value: GA1.2.1149994838.1585385901
www.ocregister.com/	1970-01-19 08:23:07	Name: ai_session Value: lT2PN\|1585385901122.995\|1585385901122.995
www.ocregister.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
www.ocregister.com/	1970-01-19 17:08:41	Name: ai_user Value: nEWiU\|2020-03-28T08:58:20.790Z
.ocregister.com/	1970-01-19 08:23:05	Name: _dc_gtm_UA-61435456-15 Value: 1
.ocregister.com/	1970-01-20 01:54:17	Name: _ga Value: GA1.2.533601671.1585385901
www.ocregister.com/	1970-01-19 17:08:38	Name: BCSessionID Value: d6964377-d61e-4df2-8092-fd163cbff9a7
.ocregister.com/	1970-01-19 17:47:34	Name: __qca Value: P0-2090028324-1585385901106
www.ocregister.com/	1970-01-19 17:51:53	Name: _cb_ls Value: 1

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp-v.1.0/static/loader.min.js?ver=1.0.0(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 129) Message: [BC]DataLayer available
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 129) Message: [BC]Item will not be scraped due to incorrect type: !== article
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js(Line 6) Message: TypeError: Cannot read property 'className' of null
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 129) Message: [BC]Pushing event: BlueConic.VIEW
console-api	info	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003101714470 https://www.ocregister.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003101714470 https://www.ocregister.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003101714470 https://www.ocregister.com/
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 2172602973018658.
console-api	log	URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/(Line 27) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
api-mg2.db-ip.com
api.rlcdn.com
assets.digitalfirstmedia.com
az416426.vo.msecnd.net
bam.nr-data.net
c.amazon-adsystem.com
cdn.ampproject.org
cdn.ayc0zsm69431gfebd.xyz
cdn.blueconic.net
connect.facebook.net
cx.atdmt.com
d1wa9546y9kg0n.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dc.services.visualstudio.com
digitalfirstmedia.blueconic.net
disqus.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
imasdk.googleapis.com
jadserve.postrelease.com
js-agent.newrelic.com
js-sec.indexww.com
loader-cdn.azureedge.net
mab.chartbeat.com
match.adsrvr.org
maxst.icons8.com
ocregister.com
ocregister.disqus.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
pixel.quantserve.com
pixel.wp.com
pr.realvu.net
projects.ocregister.com
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
scng-dash.digitalfirstmedia.com
scripts.webcontentassessor.com
secure.quantserve.com
securepubads.g.doubleclick.net
spreadsheets.google.com
srv-2020-03-28-08.config.parsely.com
srv-2020-03-28-08.pixel.parsely.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
trkn.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ocregister.com
104.26.5.15
143.204.202.102
143.204.208.228
143.204.208.8
143.204.213.153
151.101.0.134
151.101.114.110
151.101.114.217
151.101.12.134
151.101.13.53
152.199.19.160
162.247.242.21
172.217.23.162
192.0.66.2
192.0.76.3
195.181.175.52
23.45.99.242
2600:9000:2057:4200:18:1fcd:349:ca21
2600:9000:214f:b000:6:44e3:f8c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:81b::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::200e
2a00:1450:4001:824::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c0c::9c
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::714
34.205.105.54
34.230.135.71
34.234.197.55
34.252.71.88
35.168.135.69
35.244.174.68
51.140.6.23
52.216.29.148
52.22.44.87
54.173.180.235
54.197.13.220
63.147.64.74
91.228.74.187
91.228.74.195
95.101.185.135
95.101.185.51
006dc45ed3fd042f99a11c72af3962b8bf001c429e14a30307d85b565105f9ea
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02981f84bd383dacf4bc76023abbad26710cf5bf6f75b0b40ae588fd408d7652
03af56a50b6ebd95a2b569186046a2173d25fa0d2967b1b4709e310d00b1f7b8
04281ad91ce8e1cd6d5f05a9d50e3663073f24ac122881118e2a3dbcfc47bd7a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05f488e3eb0946ed18b5d5d563b1c1458e1268ae6e86ad776369d79a81280591
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cf461eb6ba9d98e96a5e7303fa79f97d789b552d6fc2da9578a21ef581adf4a
0ea2b666e9f807f22c36379deec02f5c1574c6aa8c913fa742132b7121a8bac6
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f8e92b18330afc87a0e46215b164ba3fcfb17ba576bd8245ad4f6ab75d5233d
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11aea2464b347a9f139a6d4c4df4e31cdf650b3bdcd699002b72db4ee5bf5c68
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
18f431e684b69f91da09f19db3bbb3a5994a2b07e175012d10a74e47078d4419
18f64bb5e8e53b96347373c7668ed2eacf8bf1f4db6bbd365f63f3d8163baa0b
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
24df358354a7d99f56df3a0666b234cc07166a404ef23f73dd0c112b297e5366
26bc3cbed51cc9ff3df5e6fccfbc5851af067bef7a6adbbf3b15c94c588453d6
26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd
28acca8f42e7b2ebff96b6ac593c72097692010bca0cc3b6cccc730d183d0908
28d6d7ef56c6c231fa7d4d779564035095e3df5436beb09dc1359775d9318ebe
29ea35b9076f7089f1d5e90e698c4a929a900d3019bf01b76cb1cd0a7060f9be
2afecb700aa8656dcd8e12a01d11a27e78a2a78b1738a27d4d0edfb457727e3c
2d4e6fc4cc086cf99949cb1d9c45ece2336d1a1b457fe7eb3136377bdf285aa2
2f17ab3ac118eeddb8ac29b08b41a35c0a5f6cdb4a94097c69a36569c5e4d87e
31e07f44d0408b73520a2fd47ebf1442ef363654793b9027ad6562fb7de1cbf8
3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea
338d9a9ad3abb06ada43f3aa399784c2d2dd3229987712ce010c509a420e3dff
33f523673e8b63c761d7b553c43d0f6965ddb08100cf3212d43bca4dcf2fcff8
3403ab128f3101090be315ceca0b48db89d5e6968d142df2afe694980011854c
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
367e67259643fa97e357d9996a4c7697dd2cea56bd65147cd3ee5989ff61490a
3baefb1f1d318071050003b74da20dd6ff4d657856202b90e9b88be2e560e8e1
3dc074b7407d481e42e493a031a84cf0e16b56c26f5a77e781134ef2fec68c15
3eec5278cb4464cc4da8b2dcaefefeda5c73bff1963578ffa477ff4293656a89
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
4dc7898ac7cdc6eb727823fbaccc51c6aa405abfef6a70a37a4b9778f6bc569f
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
58cc50f68c91d8bf425adf77d5b3d0d8cc59b68d8080cd4c7fadf8273d6ed4cf
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5aeb3597e8eda7ec03da7380c6082f3097155f450e99e5f9242a2bae5cc183fb
5b8d88fa91e1fe5000528d4ee6fae7c81d81c65e57c329401b1581cc3aade867
5bf5bcdc6cf95428cfba64375b54f6b95d050164fc6f2f6c58fdbb5cde7a05bc
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75c01ef77d8d1d0bf70a51fccd15a0c230b1b4ef712a56bd87d5c23c0ecfc7d0
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
78df7458b54163c90f1565f000ada53425d6efc80a4d018956d4598236f8b751
7f1ac0339db5af2c9c30e00d5fc4803032108eebba7549b678ebf980f2bf0bfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
84ec20c99a6c9cf0044725ebdeb7b64c924b5ab35b5df1fe86796f2e03e4466b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba
8876ab4999f16f88cd2cf2c8c137fb421e59c65b69e0b197f46e329e4264c885
8969c36aa5470fecbcbe616929f0fbbf5fb2f6aea4717adc4553eaaadb9b1135
8cca71ffd0b69f5c08452a4b1d959cbd749397c573730c6bc8dd5af82bef5433
8fb736731d4b9f314989458fcc858ec8beae28a22e7f7fed5f10dde55027c15b
9028e306d76a80950f1f5372ebd89daab6cbed7ecd0a058b92e88e3e0ab0a1ed
9176f6e7ebd144a18e59a766383334c5d5f5ba5c40d638505d9c8af83375067e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931a8976f5100258b515cfc1464a88f7c878e1bae5496a97e45158867d95c3f0
995cfee51888bf45da433851cde23b72297a5b39b1bb2f745193c073e12e6381
99dd99181925b87c12ea03b24e3c79335d0fcaacc5234b0436e0959aa28cec1e
9a9bd9043e12b5357de4390c035d2f64663063b87172358d30c5c0dec78ea379
9ccf67bb23a7b3eb248d90791c53f9986df5aca3893225e6650c5da2fc2b4826
9dd1db00ed32d1cf4187f2ae448791d5c1f1478521cf9fa6ac2c63d65f0c6cfe
9f20bbc5f865bcae43cd4a75eb286d9f70c7fd0c7d4299ac21c6dd741e13ed0d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a51b9344eeedd9867f68a4592e139dd598ae2bd7f6f00e11bfa1d05462d3c6f8
a650705be45c0734e35d8f22947556b6082c1c6a49f5393b5e0a7104c184e9a1
aa93a4ebc09684f70123be7e3d7b742ef81f0f397d7cae5ff3aa0970a3baaebe
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce
ac3082cc6d879dec28ccaf8e843ef56d0a40f88483c2fd0e36fb83de6cff342f
acec6a9c02378fec393f4dca906c9ebd7c42409a60a66ab8cdfca8bc529626da
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b68be6d4ae0912ad4036471bb2c405bffb0a94b1c698c66d2b17a430da8a89b6
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7
c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff
c75d44fb1f0f59284ff434b3afdee46cabb8fa6a5353637279c7c206ea57337a
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac6d67cb017c8ce68b56c366f99bf7095788ceaf07a42c896b738ffb8b98dff
cad7c053474b32e689b24cea20b1af1acfa71885a9120949ce221c31ab774350
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b25f8e9376d4300b9f2953cb04da769ed075ff802c7ba9c5e27940490ffd64
d1f8606bc7758c83642910a63c776b2ac85176c26322fd090a1fd1632c4bda98
d68b3bc76f5dbed345b301eba29332f77221ebcfaf868bbc65200b3c9d8345d8
d7e0dd24d8c20a571fbdf722187dd1dfeda4935f35b0f676439dbd5c722a62b0
d8435911753d7e931e1dda44b3ec12ce5158d6389131eadb584f0097a809c901
d88f2e456aa67f18e91aaa374e8cca5c265e7c2d8b602aeb974b269b3f2265ce
d8e421ae0eb93b48b5f543fde39a6fd026d7fb7922e362c16a6e044616624c8b
dcecdb1840690863ca0cfb49910dc86fdd185f6f129330f29c3fd190e7f16aba
dd70270858a126679ef84740f47b37a51dc9bfb21598961b3a872a4d7046a37b
df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571
e117682afe7e4639c5f11b123412a186ddadb178981905286d40ec8d34095bc1
e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84
e192beae0933b0038f4437b76b55d7b6ea5a1b2f05a95c2e399c139180a880e1
e1f4313af62f95dc370551eeb6bb032b7be8c8ed9cb0b8ae02dda007801c51d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6663a15ba588e2aefc9628eaa5755e740f7a31c3caff63430d14248f53281ff
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebe20f1880d82161778aae30a95b58a7d868f83494e04b10f1e59bffb8f52e41
ede7269398b226911a34277c26e4553f6b1247f826642265203d2c27346f7a31
ee1f4329c0546185fbd84070d5fa4da392e9deecb771dc2170d4a2d9135800bc
eee221cbc80a91974aa8586d186f394db85dfffe67bebbec50f48b0cbccfc71f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bc63eb8757ab7f3ed8cfa58eddf780caced87a9ec8d54fc6a1dae8300cfc6b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4459a0c7af08c0bba80ea01eb5c18ef260ee962f7bdf4d637bfac1117e2ae8a
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f563b310dd7962997c0fcda0bdf991153c655ed93b29d1797ab7058e6494445f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fceeee9146da83cf7baa5d092bc9f852a7846073d56d4218261ac192c55dcd15
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.ocregister.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

100 %HTTPS

40 %IPv6

44 Domains

64 Subdomains

54 IPs

8 Countries

3201 kBTransfer

10354 kBSize

18 Cookies

38 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

100 %
HTTPS

40 %
IPv6

44
Domains

64
Subdomains

54
IPs

8
Countries

3201 kB
Transfer

10354 kB
Size

18
Cookies

172 HTTP transactions
6 data transactions