Submitted URL: https://t.co/FhJu0vfYwZ
Effective URL: https://oko.sh/FSDSS423FHD
Submission: On November 21 via manual from VN — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3030::6815:817, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is oko.sh. The Cisco Umbrella rank of the primary domain is 745004.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time oko.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
6 | oko.sh | oko.sh — Cisco Umbrella Rank: 745004 | 308 KB
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36; region1.google-analytics.com — Cisco Umbrella Rank: 2536 | 20 KB
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 53 | 109 KB
1 | bedrapiona.com | bedrapiona.com — Cisco Umbrella Rank: 48392 | 430 B
1 | gstatic.com | www.gstatic.com | 162 KB
1 | recaptcha.net | www.recaptcha.net — Cisco Umbrella Rank: 1848 | 996 B
1 | forfrogadiertor.com | forfrogadiertor.com | 356 B
1 | iclickcdn.com | iclickcdn.com — Cisco Umbrella Rank: 155679 | 25 KB
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 964 B
1 | upgulpinon.com | upgulpinon.com — Cisco Umbrella Rank: 58260 | 130 B
1 | trustbummler.com | trustbummler.com — Cisco Umbrella Rank: 430598 |
1 | t.co | t.co — Cisco Umbrella Rank: 475 | 552 B
Total: 20 requests, 12 apex domains

Requests | Domain | Requested by
6 | oko.sh | t.co, oko.sh
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | www.googletagmanager.com | oko.sh, www.googletagmanager.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | bedrapiona.com | iclickcdn.com
1 | www.gstatic.com | www.google.com
1 | www.recaptcha.net | oko.sh
1 | forfrogadiertor.com | oko.sh
1 | iclickcdn.com | oko.sh
1 | www.google.com | oko.sh
1 | upgulpinon.com | oko.sh
1 | trustbummler.com | oko.sh
1 | t.co |
Total: 20 requests, 13 subdomains

This site contains links to these domains.

Domain
iir.ai
taghaugh.com

Subject | Issuer | Validity | Valid
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year
trustbummler.com | R3 | 2022-10-11 - 2023-01-09 | 3 months
upgulpinon.com | R3 | 2022-10-24 - 2023-01-22 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
forfrogadiertor.com | R3 | 2022-10-28 - 2023-01-26 | 3 months
misc.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
bedrapiona.com | R3 | 2022-09-25 - 2022-12-24 | 3 months

This page contains 1 frame:

Primary Page: https://oko.sh/FSDSS423FHD
Frame ID: CA530056AA92BAF226959CCC4B624A8D
Requests: 20 HTTP requests in this frame

Page Title

Health2Wealth

Page URL History

  1. https://t.co/FhJu0vfYwZ Page URL
  2. https://oko.sh/FSDSS423FHD Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 62 %
Domains: 12
Subdomains: 13
IPs: 13
Countries: 4
Transfer: 628 kB
Size: 2289 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/FhJu0vfYwZ Page URL
  2. https://oko.sh/FSDSS423FHD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
FhJu0vfYwZ
t.co/
233 B
552 B
Document
General
Full URL
https://t.co/FhJu0vfYwZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
179
content-type
text/html; charset=utf-8
date
Mon, 21 Nov 2022 19:30:43 GMT
expires
Mon, 21 Nov 2022 19:35:44 GMT
perf
7626143928
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
49c53561bbc3655ad854d67624221096a98b59c24f8dcebd25fb8bc5d21b14dd
x-response-time
112
x-transaction-id
a9b97e20bde591b8
x-xss-protection
0
Primary Request FSDSS423FHD
oko.sh/
794 KB
97 KB
Document
General
Full URL
https://oko.sh/FSDSS423FHD
Requested by
Host: t.co
URL: https://t.co/FhJu0vfYwZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8267b127fd7387f776305a520e964a0587197966accc70a947881075fb4fc15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
76dbd7787d7890d7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 21 Nov 2022 19:30:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKVUkQeDeQi6sC7nwS3JP5Hul5j48qcZwuiQyMACc46Y2%2FESspogDpld4W2RE5I3VrQ84JvO7%2FqTB2jSHohJw0Dp9e0xG1rl4RK4rb0CqJoxrx9VcVmQnj78fvDirdCo2iqQt8Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
styles.min.css
oko.sh/cloud_theme/build/css/
197 KB
36 KB
Stylesheet
General
Full URL
https://oko.sh/cloud_theme/build/css/styles.min.css?ver=6.5.3
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/FSDSS423FHD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1744611
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Nov 2021 17:45:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfeHjYlo7zLLHSxa5u8Ohmn%2BhjatBAwpyHiWKO9hIGe12DxKKpqQFl1zsinp0KJ8wRXLUMH6xacHNjRB8AWisex6wgZusx5rA%2B9dXoaZ4bLkxOTr0CQfloTFcJqdmY8i4IltX0M%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
76dbd77e7a9790d7-FRA
expires
Thu, 01 Dec 2022 14:53:53 GMT
logo.png
oko.sh/main/
12 KB
13 KB
Image
General
Full URL
https://oko.sh/main/logo.png
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4243aacfbc570a5f68224470cffa3d6c23c4d2cd889157ac87a5cd66fab18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/FSDSS423FHD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1744621
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12653
x-xss-protection
1; mode=block
last-modified
Tue, 12 Apr 2022 02:23:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEqB0aWA2m2WkawOLrg%2FyHuMP63vwCrh%2FXt%2FZgw4c%2F0SwCqP7iuCrsqmOEKkjkOBaZWawUzvSFgdgi6dUUNuZYV7Ey5g4gEGAbQ4amGyHfevQl4dBBSEaS%2FF0fEZ22hZqlWMXo8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76dbd77e7a9990d7-FRA
expires
Wed, 01 Nov 2023 14:53:44 GMT
14504
trustbummler.com/tSXyF1oQpqC/
0
0
Script
General
Full URL
https://trustbummler.com/tSXyF1oQpqC/14504
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.150.145 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

dwndbnr1.png
oko.sh/webroot/modern_theme/img/
47 KB
47 KB
Image
General
Full URL
https://oko.sh/webroot/modern_theme/img/dwndbnr1.png
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/FSDSS423FHD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1744600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47787
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 16:03:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmVLzmGM7WGUV1Gpk%2F1fvqnWw89aFtlBSy5R5631FQ9Y37LBXYJsF3%2FOoJdt4mh%2FwXWC%2BbRWknzL9q6A1f6nq4nKBeP8IRUtiGj80VVVeJLGwFig%2Fm1MUVyanuRyv2NdzffS0sE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76dbd77f0bfe7264-HAM
expires
Wed, 01 Nov 2023 14:54:04 GMT
1
upgulpinon.com/
0
130 B
Script
General
Full URL
https://upgulpinon.com/1?z=5324394
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Nov 2022 19:30:46 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
tagdiv_theme.min.js
oko.sh/main/wp-content/themes/Newspaper/js/
204 KB
50 KB
Script
General
Full URL
https://oko.sh/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/FSDSS423FHD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1744600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Nov 2020 05:39:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RJ0G0GZfRdQVVNBsdbZ7OAmDzfUV507Of0lLWAVa%2FirQOElg8x3I6L4akPxsXkczGJBGktmUXAg2zdZ8JDxvZChFt%2BhaK5viCqeDA%2F39m9gxhz7ItnrkeJAGomVP%2FSXLMz6Weg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
76dbd77ecb9b7264-HAM
expires
Thu, 01 Dec 2022 14:54:04 GMT
script.min.js
oko.sh/cloud_theme/build/js/
221 KB
65 KB
Script
General
Full URL
https://oko.sh/cloud_theme/build/js/script.min.js?ver=6.5.3
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f77a19278bb4839222a13521b55fde34d5633a73cc82260d33b65aab5ec822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/FSDSS423FHD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1744600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Nov 2021 17:45:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM%2BXTwBb7Dw0z%2B9pVk5As4BuIb%2BrZUtcRYuZpDOWro7MEeG619SSTQZysGDEnz4asWVqffHbmmx4IvQ6LNSQTZQUCupJ%2F88BSiUeo1I3dvtyR6%2Br2YZeQVNPK4HDx051%2BOgOo2A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
76dbd77eebe87264-HAM
expires
Thu, 01 Dec 2022 14:54:04 GMT
api.js
www.google.com/recaptcha/
850 B
964 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 19:30:46 GMT
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbad28fc691d36cdaaed16ebae703c42cf6db55dab9e028cd6baaca50457072a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44717
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 21 Nov 2022 19:30:46 GMT
tag.min.js
iclickcdn.com/
72 KB
25 KB
Script
General
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280d3111b38f3defc37b2ebbbf228c4e4b1dfd84b83855b5977d2bd3655b83b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54057
x-trace-id
8603575ab69215bac43618b71e3f27ab
pragma
no-cache
last-modified
Fri, 18 Nov 2022 12:18:11 GMT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSDmBkwuMyeirq9TJKxECu0MrzzxDsaj0kByceSuFnY1BE4wU8YrUu8rFE2R%2BxZ4Br440nn%2BEZ4qlxKoHJRkb%2Fmbvx4sOmzhM4dROy0VeoV8YIBwmMIld2kzZ8GNQiBm6QAtrlq7ZnGDflE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
cf-ray
76dbd77f6dc49262-FRA
expires
Tue, 22 Nov 2022 04:29:49 GMT
5533285
forfrogadiertor.com/400/
0
356 B
Script
General
Full URL
https://forfrogadiertor.com/400/5533285
Requested by
Host: oko.sh
URL: https://oko.sh/FSDSS423FHD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-trace-id
a7e0cca3c0b1cae61b9b88baa561ae7e
pragma
no-cache
date
Mon, 21 Nov 2022 19:30:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
api.js
www.recaptcha.net/recaptcha/
921 B
996 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: oko.sh
URL: https://oko.sh/cloud_theme/build/js/script.min.js?ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2bf3deed6ec970d96bee17e12a46d180bc15dc0582007581bf3a0639521d4b7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 19:30:46 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/
402 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oko.sh/
Origin
https://oko.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164812
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Nov 2023 18:44:37 GMT
js
www.googletagmanager.com/gtag/
177 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8X8EKR7KXR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de6a8642b2e02f493dc3680fd783a5b8909cea23bd17498d1bdc5fa45e356917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:30:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66654
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 21 Nov 2022 19:30:46 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Nov 2022 19:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
357
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 21 Nov 2022 21:24:49 GMT
/
bedrapiona.com/5/3491150/
0
430 B
XHR
General
Full URL
https://bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.450.0
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 21 Nov 2022 19:30:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oko.sh
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2090514837&t=pageview&_s=1&dl=https%3A%2F%2Foko.sh%2FFSDSS423FHD&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Health2Wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1715380337&gjid=1356371092&cid=476747631.1669059046&tid=UA-113561579-2&_gid=706487433.1669059046&_r=1&gtm=2oub90&z=182651245
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oko.sh/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Nov 2022 19:30:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oko.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
340 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8X8EKR7KXR&gtm=2oeb90&_p=2090514837&cid=476747631.1669059046&ul=en-us&sr=1600x1200&_s=1&sid=1669059046&sct=1&seg=0&dl=https%3A%2F%2Foko.sh%2FFSDSS423FHD&dr=https%3A%2F%2Ft.co%2F&dt=Health2Wealth&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X8EKR7KXR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Nov 2022 19:30:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oko.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


11 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 81ca191d-37a6-49e4-ab9d-3dc9c4b3d716
oko.sh/ Name: AppSession
Value: 50d32fe2e38ea7a726ba765782dcd379
oko.sh/ Name: refFSDSS423FHD
Value: ODMyMjY0NGI2MmU1ZjE5MDdmMzAyYWYyMGY4YzhhMGRhNWIyNTlmYzg3Zjg1NjdiZmMxYzVkZDc3ZGI1YjliMUM%2F5H1%2BSeKQkXMngjOlvvamoredzxlP1ZlF1jlOsARwV2BEFo6gBfZgh%2F64c9iyhg%3D%3D
oko.sh/ Name: csrfToken
Value: ad11301b0793cbb140724aab2366ecda0d6bb1a6b5631e4587cc834fa292650a65532b54a6f3fb170610f432e1c30a298dc1f96fbc0c5ab833290be8751a8ec7
trustbummler.com/ Name: GL_UI4
Value: eJw9jUtugzAYhCHm0SgFdSQO0COYoASzrHqILpHBf4gbsCPjBvX2tSq1q%2Fk0D00URbuqRPzIGNiXPOH1IgbRnRsSJz4SHbtWHDsheM2blp8bzrHXa%2B%2FlMJNP8DyRIafHfrSKCryE6M%2B5GbuZBOngpFEF0iU05gL54Oy2kqsYEiMXQvZ%2BdTZoushP68Bq3gbWJnDMsbNrxco98g9tVBiWB%2BxqXhZZhMN9lv5i3dJrlcVIJycVIX7D0yg9TdZ9I1e03ry9A3ZW%2FX%2F%2F95dtNUem6KHHcG79ldwPsV5JuA%3D%3D
trustbummler.com/ Name: GL_GI10
Value: eJxljNGKwjAURGuqVVFcBvyA%2FoAFq6A%2Ba3d90G8Iod5KkOaGJIr1660Ky8K%2BDWfmTBRFYjqB0Bbj%2BWaR5atsvszyNeIzMcSuwLjkqwmukUbVhP4PuVqZBomjs2YDsS8w%2BmRZ8onQ2xWzP%2Bxt9fbkPaFb6tAA306ZS3V1IVV1elTaYPgqPvq01f8PYu0tBsd8uUoP4YShoSC9JWrjlp1lpwJh8kvfV0mMgfbSOr43SQdfQdf0YEOSq8pTaFHnlogniKZMUw%3D%3D
oko.sh/ Name: ab
Value: 2
.oko.sh/ Name: _gid
Value: GA1.2.706487433.1669059046
.oko.sh/ Name: _gat_gtag_UA_113561579_2
Value: 1
.oko.sh/ Name: _ga_8X8EKR7KXR
Value: GS1.1.1669059046.1.0.1669059046.0.0.0
.oko.sh/ Name: _ga
Value: GA1.1.476747631.1669059046

1 Console Messages

Source: security
Level: error
URL: https://oko.sh/FSDSS423FHD (Line 243)
Message: Refused to execute script from 'https://forfrogadiertor.com/400/5533285' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page.

Header: Value
Strict-Transport-Security: max-age=0
X-Xss-Protection: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
