urlscan.io logo urlscan.io
SecurityTrails logo

oko.sh Open in urlscan Pro
2606:4700:3030::6815:817  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://iir.ai/y4AIl
Effective URL: https://oko.sh/y4AIl
Submission: On October 11 via manual from PE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3030::6815:817, located in United States and belongs to CLOUDFLARENET, US. The main domain is oko.sh. The Cisco Umbrella rank of the primary domain is 391184.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time oko.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
iir.ai
6    2606:4700:3030::6815:817 (United States)

ASN13335 (CLOUDFLARENET, US)
oko.sh
1    23.109.87.15 (Netherlands)

ASN7979 (SERVERS-COM, US)
trustbummler.com
1    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
upgulpinon.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)
iclickcdn.com
1    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
forfrogadiertor.com
1    139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)
bedrapiona.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
6 oko.sh
oko.sh — Cisco Umbrella Rank: 391184
308 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
region1.google-analytics.com — Cisco Umbrella Rank: 2144
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
107 KB
1 gstatic.com
www.gstatic.com
158 KB
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2291
1001 B
1 bedrapiona.com
bedrapiona.com — Cisco Umbrella Rank: 28650
430 B
1 forfrogadiertor.com
forfrogadiertor.com — Cisco Umbrella Rank: 302179
357 B
1 iclickcdn.com
iclickcdn.com — Cisco Umbrella Rank: 92194
25 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 19
971 B
1 upgulpinon.com
upgulpinon.com — Cisco Umbrella Rank: 28643
130 B
1 trustbummler.com
trustbummler.com — Cisco Umbrella Rank: 112179
1 iir.ai
iir.ai — Cisco Umbrella Rank: 792473
555 B
19 12
Domain Requested by
6 oko.sh oko.sh
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com oko.sh
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.recaptcha.net oko.sh
1 bedrapiona.com iclickcdn.com
1 forfrogadiertor.com oko.sh
1 iclickcdn.com oko.sh
1 www.google.com oko.sh
1 upgulpinon.com oko.sh
1 trustbummler.com oko.sh
1 iir.ai 1 redirects
19 13

This site contains links to these domains. Also see Links.

Domain
iir.ai
taghaugh.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
trustbummler.com
R3		 2022-08-03 -
2022-11-01		 3 months crt.sh
upgulpinon.com
R3		 2022-08-26 -
2022-11-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
forfrogadiertor.com
R3		 2022-08-29 -
2022-11-27		 3 months crt.sh
bedrapiona.com
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://oko.sh/y4AIl
Frame ID: ED3444B076043908463D3AD3A4530EA8
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Health2Wealth

Page URL History Show full URLs

  1. https://iir.ai/y4AIl HTTP 301
    https://oko.sh/y4AIl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

12
IPs

4
Countries

621 kB
Transfer

2274 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://iir.ai/y4AIl HTTP 301
    https://oko.sh/y4AIl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request y4AIl
oko.sh/
Redirect Chain
  • https://iir.ai/y4AIl
  • https://oko.sh/y4AIl
794 KB
97 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcb86fe188c71a132e482eb48bcdfa6ff2dcac79a775489960803b053a0ae9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7583def039dc91e4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:37:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlZXu0xwA9k8UnD5ddY966cpcbUkQ9shG%2BZAQlXW%2BTQFygO2N4YlZhNRBa%2F9aomDiVx31JJI7WKCsy9vpP2s59Kxi1o3oCSczypj1mWL5bCnWWaOH4ZfnEnYJPigYD29bGjChMQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7583deed3c7092bd-FRA
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:37:29 GMT
location
https://oko.sh/y4AIl
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ItB9dI%2BWQnzp96x3u%2FkSHHPGo2RUSGBd45QWOgwuID0idf421yl8vO3TGbJ%2BWdgUeX3Lkz0pH5IkEstIitlN4piy2e863dE3zuld97FLdsr%2BvGJqP%2BALU5cQutwlzveCibjMjw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
styles.min.css
oko.sh/cloud_theme/build/css/ 		197 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oko.sh/cloud_theme/build/css/styles.min.css?ver=6.5.3
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/y4AIl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Nov 2021 17:45:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMs8D4RjBYRt0MJ3%2Bol9Gr%2F4xHdSQ4jnUwj%2FoT0FI%2BdIEXd%2Fgo3dvdxt1bWtdbMadDoJNJZi9fOhURwBMLbNY%2FdsEiG3C9cludvajMXjpLpxUKT%2FNB%2BSXUu9ipAjBDfsvfS3CLI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
7583def5bfbd91e4-FRA
expires
Sat, 15 Oct 2022 08:33:22 GMT
logo.png
oko.sh/main/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oko.sh/main/logo.png
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4243aacfbc570a5f68224470cffa3d6c23c4d2cd889157ac87a5cd66fab18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/y4AIl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12653
x-xss-protection
1; mode=block
last-modified
Tue, 12 Apr 2022 02:23:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erI84Ab6usi6C2MAE2DJHqXWro%2BalSqwLcaVmIFTNRGJhMOM93LaJQaKC6whqGXVmvdhH5uwU8KRmfUcjHzwazpOvrIiku7qzEbjF4ke07WOvlXYqCl9C445vwo6uityYcGXTPc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7583def5bfc291e4-FRA
expires
Fri, 15 Sep 2023 08:33:22 GMT
14504
trustbummler.com/tSXyF1oQpqC/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://trustbummler.com/tSXyF1oQpqC/14504
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.15 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
dwndbnr1.png
oko.sh/webroot/modern_theme/img/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oko.sh/webroot/modern_theme/img/dwndbnr1.png
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/y4AIl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47787
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 16:03:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IR6yTXobZN6HMeqgeKbAkfTiPpHPmbKV5BVy3BqNyttLvtjrsUK4F%2B%2FKAdpBpy%2BRoU5yThHI%2FeC1nAOzBVyNwsl3jUWhhoqLWaMGy%2BrW0qyF1%2BsAQylIzCMPK5sJ0dN1bzoD2KE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7583def5f9fa9243-FRA
expires
Fri, 15 Sep 2023 08:33:23 GMT
1
upgulpinon.com/ 		0
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://upgulpinon.com/1?z=5324394
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:37:30 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
tagdiv_theme.min.js
oko.sh/main/wp-content/themes/Newspaper/js/ 		204 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oko.sh/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/y4AIl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Nov 2020 05:39:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu0jfJU0sqZ%2BOWsxq2VB52hGAnIockjmo70hqF96r1cWPgNaBZLS1Uf8ewLfgNJrG2TCa%2FxXAdvuMX4O6QvDX%2F%2BBB%2Bh0x9H%2F9LodlQUdnP9SP5U7rOEqpikjD1zQIzP7VHL%2BU28%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
7583def5e9ea9243-FRA
expires
Sat, 15 Oct 2022 08:33:22 GMT
script.min.js
oko.sh/cloud_theme/build/js/ 		221 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oko.sh/cloud_theme/build/js/script.min.js?ver=6.5.3
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f77a19278bb4839222a13521b55fde34d5633a73cc82260d33b65aab5ec822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/y4AIl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Nov 2021 17:45:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uge4r3IWU0SIPmnvx0SLUfBpqtAWmNIdsFCD7cF7fwSH%2FKqA63nhoXGhBC%2FtLuhNrqcLEuoMm0ZMZupI3uvf5Oxkh6QTJLDYGzircwVJLKFOIVdKe1orybILNtqRaI%2BZcN6wOZU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
7583def5f9f89243-FRA
expires
Sat, 15 Oct 2022 08:33:23 GMT
api.js
www.google.com/recaptcha/ 		850 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c964d941255838a0ede85ac1944c8e9af9174721a6748162c4eddf1c4818b06e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
558
x-xss-protection
1; mode=block
expires
Tue, 11 Oct 2022 01:37:30 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
723269b7324d5afad5a5de620999a71c750104ff3df176ef70e7f31e7b0bb43b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43509
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 11 Oct 2022 01:37:30 GMT
tag.min.js
iclickcdn.com/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b2531ed85ae4f9a55515c76bcaf44df4925c5a6e582003528c2ab9629b6265

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39872
x-trace-id
9993cd537c218514c5b8a794b913c585
pragma
no-cache
last-modified
Mon, 10 Oct 2022 14:13:57 GMT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygMJmIsqV5U2W%2BbtOgAqaiar%2BkzyDKSZRHAPZaFVjjoVvs43TvTWaF802tQ6wktMP21BShN9PE4L44Kt8ip1ZX0WLnluJQPgKFuv%2BiSUtSco2u1YwGgT45VjcIOeOzi13%2FgNMd6tcPQGKIM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
cf-ray
7583def64ce6996c-FRA
expires
Tue, 11 Oct 2022 14:32:58 GMT
3487732
forfrogadiertor.com/400/ 		0
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forfrogadiertor.com/400/3487732
Requested by
Host: oko.sh
URL: https://oko.sh/y4AIl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-trace-id
2651ca3589518800e9aff3af317fb8d9
pragma
no-cache
date
Tue, 11 Oct 2022 01:37:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
bedrapiona.com/5/3491150/ 		0
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.436.1
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 11 Oct 2022 01:37:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oko.sh
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
api.js
www.recaptcha.net/recaptcha/ 		921 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: oko.sh
URL: https://oko.sh/cloud_theme/build/js/script.min.js?ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
34d9da7ae96a659027a4de206178e562c2c99d02e8bbbd6ca918f4b06697adce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Tue, 11 Oct 2022 01:37:30 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		394 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5645096462c6f8cee61cfc3641793f0dd6fe0a2536109fe31562e6ccfe7262a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oko.sh/
Origin
https://oko.sh
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 14:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160761
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 14:21:33 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8X8EKR7KXR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
762ced7b8519d8262aaa7998b3a34d477f5ae18f900c4db209abfcd476e61316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:37:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
65532
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 11 Oct 2022 01:37:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Oct 2022 01:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1293
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 11 Oct 2022 03:15:57 GMT
collect
region1.google-analytics.com/g/ 		0
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8X8EKR7KXR&gtm=2oeaa0&_p=374769162&cid=1619269130.1665452251&ul=en-us&sr=1600x1200&_s=1&sid=1665452250&sct=1&seg=0&dl=https%3A%2F%2Foko.sh%2Fy4AIl&dt=Health2Wealth&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X8EKR7KXR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oko.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:37:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oko.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=374769162&t=pageview&_s=1&dl=https%3A%2F%2Foko.sh%2Fy4AIl&ul=en-us&de=UTF-8&dt=Health2Wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=319431590&gjid=822523925&cid=1619269130.1665452251&tid=UA-113561579-2&_gid=571191233.1665452251&_r=1&gtm=2ouaa0&z=721957014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oko.sh/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:37:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oko.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| tdDetect undefined| tdViewport undefined| tdMenu undefined| tdUtil undefined| tdAffix function| td_smart_list_dropdown undefined| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life undefined| tdIsScrollingAnimation undefined| td_mouse_wheel_or_touch_moved undefined| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class undefined| tdLoadingBox undefined| tdAjaxSearch undefined| tdModalImageLastEl function| tdModalImage undefined| tdBlocks undefined| tdLogin undefined| tdLoginMob undefined| tdDemoMenu undefined| tdTrendingNow undefined| td_history undefined| tdSmartSidebar undefined| tdInfiniteLoader undefined| Froogaloop undefined| tdCustomEvents undefined| tdEvents undefined| tdAjaxCount undefined| tdYoutubePlayers undefined| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update undefined| tdPullDown undefined| td_fps undefined| tdAnimationScroll undefined| tdHomepageFull undefined| tdBackstr undefined| tdAnimationStack undefined| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item undefined| tdAjaxLoop undefined| tdWeather undefined| tdAnimationSprite function| td_date_i18n undefined| tdSocialSharing object| app_vars object| e object| zfgstorage object| iurgdrmm01s object| zfgformats function| onClickTrigger boolean| zfgloadedpopup object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| onloadHCaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| recaptcha

10 Cookies

Domain/Path Name / Value
oko.sh/ Name: AppSession
Value: 899bdf1426e5891528ce1156befe7ea6
oko.sh/ Name: refy4AIl
Value: MThhOWEwMmI1NjBiMTEzNTMzMzgzMWIwZDcwZTdlMmQwODMzMGNlZjZlZTRjYjNkMjkxMTdkZGYxMTI2NzVkNA5vLs%2FRbOWMWEFVkOYq4zZjnaPCeV1H7tvHc9q7IxLG
oko.sh/ Name: csrfToken
Value: 68153443e420976d97b0cb7f574ec8c137403494391afbc3c4bd4636adcc7e4560ef0873a4398bd7d906ce5a28490f5987e9aca2cf2afce912467eae6e9d22cf
trustbummler.com/ Name: GL_UI4
Value: eJw9jVtOhDAYhYFycTJCPAkLmCWAMuCrcRE%2Bkpb%2Fh6kD7aTgEHdvY6JP58u55ARBEJUFwnsqIL7kGacXeh14rBtFzblrlVTtM9WSxnHsmpapw0Gv%2FSbVzFuMx4kNOz30gyXO8eSjP%2Bdq7G5iJMpJQzmSxTfmHJlydl%2FZlQKxkQsjfb846zVZ5Kd1EHXVetbGc1ghsmspigOyD23ID4sjoroq8jTA8TbLbbRu6TWlIZLJSWKEb3gY5MaTdd%2FIiNfrZm%2BAnan%2F7%2F%2F%2Bir2ukBLf9eDP7XZh9wOB4Eu9
trustbummler.com/ Name: GL_GI10
Value: eJw9jMtOwzAURFMHmaYlQSOxYdcfwBsqHltoxabqDlhaJrltLci9lm0e4etRi9TVjObMTFEU6qKB8gGT61szvzP3c3ODcksCtVjirJVPznGw7HrC6RPF3vEAHWnrhWtM%2F41tpSNMFsurZ35n%2BeYj2O9qnLQ%2BDzWqvRy6zRilTwGXK3KJXulttqa8o%2FjhuEuzB%2FNiUDFlmwJRh%2BpRYpDoMqE5pocfXWLskw1RfgY9wnn2Pf0Kk5XNJlHWCqMvrf4AkCRE%2Bw%3D%3D
oko.sh/ Name: ab
Value: 2
.oko.sh/ Name: _ga_8X8EKR7KXR
Value: GS1.1.1665452250.1.0.1665452250.0.0.0
.oko.sh/ Name: _ga
Value: GA1.2.1619269130.1665452251
.oko.sh/ Name: _gid
Value: GA1.2.571191233.1665452251
.oko.sh/ Name: _gat_gtag_UA_113561579_2
Value: 1

1 Console Messages

Source Level URL
Text
security error URL: https://oko.sh/y4AIl
Message:
Refused to execute script from 'https://forfrogadiertor.com/400/3487732' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bedrapiona.com
forfrogadiertor.com
iclickcdn.com
iir.ai
oko.sh
region1.google-analytics.com
trustbummler.com
upgulpinon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
139.45.197.234
139.45.197.239
139.45.197.242
2001:4860:4802:34::36
23.109.87.15
2606:4700:20::681a:c76
2606:4700:3030::6815:817
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::2004
2a00:1450:4001:827::200e
2a00:1450:4001:830::2003
2a06:98c1:3120::3
1bcb86fe188c71a132e482eb48bcdfa6ff2dcac79a775489960803b053a0ae9d
1f4243aacfbc570a5f68224470cffa3d6c23c4d2cd889157ac87a5cd66fab18c
34d9da7ae96a659027a4de206178e562c2c99d02e8bbbd6ca918f4b06697adce
63f77a19278bb4839222a13521b55fde34d5633a73cc82260d33b65aab5ec822
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
723269b7324d5afad5a5de620999a71c750104ff3df176ef70e7f31e7b0bb43b
762ced7b8519d8262aaa7998b3a34d477f5ae18f900c4db209abfcd476e61316
93b2531ed85ae4f9a55515c76bcaf44df4925c5a6e582003528c2ab9629b6265
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
c964d941255838a0ede85ac1944c8e9af9174721a6748162c4eddf1c4818b06e
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5645096462c6f8cee61cfc3641793f0dd6fe0a2536109fe31562e6ccfe7262a