URL: https://oii.la/9RdF
Submission: On October 19 via manual from MX — Scanned from US

Summary

This website contacted 17 IPs in 2 countries across 16 domains to perform 36 HTTP transactions. The main IP is 172.67.141.84, located in United States and belongs to CLOUDFLARENET, US. The main domain is oii.la.
TLS certificate: Issued by WE1 on August 23rd 2024. Valid for: 3 months.
This is the only time oii.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS     Autonomous System
8         172.67.141.84       13335  (CLOUDFLAR...)
1         139.45.197.243      9002   (RETN-AS)
3         2606:4700:440...    13335  (CLOUDFLAR...)
1         173.194.175.106     15169  (GOOGLE)
2         2607:f8b0:400...    15169  (GOOGLE)
6         139.45.197.245      9002   (RETN-AS)
2         2607:f8b0:400...    15169  (GOOGLE)
1         172.67.211.29       13335  (CLOUDFLAR...)
1         172.217.197.94      15169  (GOOGLE)
3         2607:f8b0:400...    15169  (GOOGLE)
1         139.45.195.8        9002   (RETN-AS)
1         139.45.197.242      9002   (RETN-AS)
1         173.194.207.94      15169  (GOOGLE)
1         172.67.178.81       13335  (CLOUDFLAR...)
1         2606:4700:303...    13335  (CLOUDFLAR...)
2         139.45.195.254      9002   (RETN-AS)
1         172.67.134.7        13335  (CLOUDFLAR...)
Total: 36 requests, 17 IPs

Requests  Apex Domain           Subdomains                                                Transfer
8         oii.la                oii.la                                                    421 KB
6         pedangaishons.com     pedangaishons.com                                         40 KB
3         google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 34        21 KB
3         recaptcha.net         www.recaptcha.net — Cisco Umbrella Rank: 1295             2 KB
3         cleverwebserver.com   scripts.cleverwebserver.com — Cisco Umbrella Rank: 30351  19 KB
                                ui.cleverwebserver.com — Cisco Umbrella Rank: 29066
                                call.cleverwebserver.com — Cisco Umbrella Rank: 31488
2         fleraprt.com          fleraprt.com — Cisco Umbrella Rank: 19217                 892 B
2         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 39        166 KB
1         onmanectrictor.com    onmanectrictor.com — Cisco Umbrella Rank: 30523           5 KB
1         tzegilo.com           tzegilo.com — Cisco Umbrella Rank: 19882                  9 KB
1         bytogeticr.com        bytogeticr.com — Cisco Umbrella Rank: 30165
1         jegnoocmoa.net        jegnoocmoa.net                                            3 KB
1         rtmark.net            my.rtmark.net — Cisco Umbrella Rank: 10912                537 B
1         gstatic.com           www.gstatic.com                                           216 KB
1         inklinkor.com         inklinkor.com — Cisco Umbrella Rank: 209983               30 KB
1         google.com            www.google.com — Cisco Umbrella Rank: 3                   969 B
1         heejuchee.net         heejuchee.net                                             27 KB
Total: 36 requests, 16 apex domains

Requests  Domain                       Requested by
8         oii.la                       oii.la
6         pedangaishons.com            oii.la
                                       pedangaishons.com
3         www.google-analytics.com     www.googletagmanager.com
                                       www.google-analytics.com
3         www.recaptcha.net            oii.la
                                       www.gstatic.com
2         fleraprt.com                 tzegilo.com
2         www.googletagmanager.com     oii.la
                                       www.googletagmanager.com
1         onmanectrictor.com
1         tzegilo.com                  pedangaishons.com
1         bytogeticr.com               pedangaishons.com
1         jegnoocmoa.net               heejuchee.net
1         my.rtmark.net                pedangaishons.com
1         call.cleverwebserver.com     oii.la
1         www.gstatic.com              www.google.com
1         inklinkor.com                oii.la
1         ui.cleverwebserver.com       scripts.cleverwebserver.com
1         www.google.com               oii.la
1         scripts.cleverwebserver.com  oii.la
1         heejuchee.net                oii.la
Total: 36 requests, 18 subdomains

This site contains links to these domains.

Domain
oko.sh
etextpad.com
www.reviewfoxy.com
www.hostingfoxy.com
ak.goothaufok.net

Subject                 Issuer                                          Validity                 Valid
oii.la                  WE1                                             2024-08-23 - 2024-11-21  3 months
heejuchee.net           R10                                             2024-08-31 - 2024-11-29  3 months
cleverwebserver.com     WE1                                             2024-09-26 - 2024-12-25  3 months
*.google.com            WR2                                             2024-09-30 - 2024-12-23  3 months
*.google-analytics.com  WR2                                             2024-09-30 - 2024-12-23  3 months
pedangaishons.com       R11                                             2024-10-08 - 2025-01-06  3 months
misc.google.com         WR2                                             2024-09-30 - 2024-12-23  3 months
inklinkor.com           WE1                                             2024-10-11 - 2025-01-09  3 months
*.gstatic.com           WR2                                             2024-09-30 - 2024-12-23  3 months
rtmark.net              R11                                             2024-08-30 - 2024-11-28  3 months
jegnoocmoa.net          R10                                             2024-10-18 - 2025-01-16  3 months
bytogeticr.com          WE1                                             2024-10-01 - 2024-12-30  3 months
tzegilo.com             WE1                                             2024-09-23 - 2024-12-22  3 months
fleraprt.com            Sectigo RSA Domain Validation Secure Server CA  2024-01-09 - 2025-01-13  a year
onmanectrictor.com      WE1                                             2024-09-23 - 2024-12-22  3 months

This page contains 3 frames:

Primary Page: https://oii.la/9RdF
Frame ID: 51AC64D9D4D7B5C1469E4D57805AE2F6
Requests: 32 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldvw0AUAAAAALl1bmJzVjqqpQYEkGNwz1uS_Cu9&co=aHR0cHM6Ly9vaWkubGE6NDQz&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&cb=ulcg099ltb9x
Frame ID: C9D3EE062B1D4C4A5C275D6311D4B262
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6Ldvw0AUAAAAALl1bmJzVjqqpQYEkGNwz1uS_Cu9
Frame ID: F7DD174086D53ABB6881A14E73C49B62
Requests: 1 HTTP requests in this frame

Page Title

PolicyBuzz

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 29 %
Domains: 16
Subdomains: 18
IPs: 17
Countries: 2
Transfer: 960 kB
Size: 3005 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 9RdF
oii.la/
827 KB
123 KB
Document
General
Full URL
https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c4f97fee23a1c1017ddff7c8b3a5f87b02aaf904fb5d519c7dd1a03c53674d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d4e1e9b6b366dd9-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 19 Oct 2024 04:45:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MN2soLzRGfw1vFipYoe54OdTgxZiDAx7pJVU5fIT%2BE4N%2Fi61BVhpfyfmHOx1NL%2BQKEINzM4lJkyFcgI9%2FBX7fHphJ2oSMigHk4DMEZ1xq4o64OsR%2BnzI4h8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33111&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4150&recv_bytes=4478&delivery_rate=514&cwnd=12000&unsent_bytes=0&cid=a97095161234c351&ts=480&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
tag.min.js
heejuchee.net/
70 KB
27 KB
Script
General
Full URL
https://heejuchee.net/tag.min.js
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5ef61a06a8d4a2fddaed6f8e5d6d223c1fd2cc1f1802910c359ed0405f66cf23
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-max-age
86400
content-encoding
br
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 19 Oct 2024 04:16:20 GMT
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
4a9386995747b6b38933e2a57c5056e5
accept-ranges
bytes
access-control-allow-origin
*
content-length
27238
server
nginx
c86d8aea1b6e9c6a9503a2cecea55b13.js
scripts.cleverwebserver.com/
73 KB
19 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/c86d8aea1b6e9c6a9503a2cecea55b13.js
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba150a7e61fca3a7c86a01515a3f0d94cc7efb4e28d4b3f37631798e94b5cbb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

cache-control
public, max-age=1800
content-encoding
br
cf-cache-status
HIT
etag
W/"b6ae1e0e1cebc6178952f09d62593508"
x-amz-version-id
zAx4TfVEypu5KlOu0b_PyW6Y55Y7gRHE
x-amz-request-id
QFJ71N30PEAYB54G
expires
Sat, 19 Oct 2024 05:15:36 GMT
cf-ray
8d4e1e9f6aeb8dc4-MIA
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 09:32:06 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
DulYo27IXuhS+VMVvpw0ZDakYF4X9kZEmW8ORSqt6558F3OtcTk12Uieqe4/d5mvPymYqTVpLOQ=
styles.min.css
oii.la/cloud_theme/build/css/
197 KB
38 KB
Stylesheet
General
Full URL
https://oii.la/cloud_theme/build/css/styles.min.css?ver=6.6.1
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
121062
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHwNNQ0QlmHbdOLfy5evfcDzEzUv4l8pESKKfgK2pQqVPhW%2FdexBjjX%2F28jF0QjMDVO5tVn%2B8OVwKHo5kod8LhLAvCFPUW6itD7SemmFw5kpIlq2uMjWk5c%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 19:07:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32700&sent=125&recv=60&lost=0&retrans=0&sent_bytes=133306&recv_bytes=7059&delivery_rate=1840300&cwnd=70800&unsent_bytes=0&cid=a97095161234c351&ts=682&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
text/css
last-modified
Wed, 04 Jan 2023 23:14:18 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1e9f5dcf6dd9-MIA
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
mylogo.png
oii.la/main/
11 KB
11 KB
Image
General
Full URL
https://oii.la/main/mylogo.png
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8c9f056d2a354e938eb5372e34ada850b8b0999240fbede302f7770f964299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

cf-cache-status
HIT
age
4107743
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UL4FXyr3B57AdDjkE89Fue0n3hpiJm0YzAgPZpLjIdjGthXTNueBsYBnFFfi1%2Fte3VFXvFwg9siZBg356XEPREFJM2aTA113ewB2RXL7dMMNmVO6aZP%2FWHo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 01 Sep 2025 15:43:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32700&sent=187&recv=65&lost=0&retrans=0&sent_bytes=204154&recv_bytes=9307&delivery_rate=1840300&cwnd=70800&unsent_bytes=0&cid=a97095161234c351&ts=695&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
image/png
last-modified
Fri, 19 Apr 2024 08:36:39 GMT
vary
User-Agent, Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1e9f6dd66dd9-MIA
accept-ranges
bytes
content-length
10787
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
freeHostinglist.jpg
oii.la/webroot/modern_theme/img/
47 KB
48 KB
Image
General
Full URL
https://oii.la/webroot/modern_theme/img/freeHostinglist.jpg
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64b31571aa31997dbf09478f11e0a4122cc02c268f1e4f851a4771222828316f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

cf-cache-status
HIT
age
4107743
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8l058JdAM6%2F7hWQpm7HVPcv7WCWgVZ5cbbx7ckb4PV%2B3jVaB41tRhdoDQuFVua1%2FEEy1Vr45q2CDi840WYAuIML%2FegRSC9nLwViyvD8pUtSi5nDYTqYWZM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 01 Sep 2025 15:43:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32700&sent=161&recv=65&lost=0&retrans=0&sent_bytes=173601&recv_bytes=9307&delivery_rate=1840300&cwnd=70800&unsent_bytes=0&cid=a97095161234c351&ts=690&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
image/jpeg
last-modified
Wed, 14 Jun 2023 16:06:48 GMT
vary
User-Agent, Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1e9f6dda6dd9-MIA
accept-ranges
bytes
content-length
48487
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
dwndbnr1.png
oii.la/webroot/modern_theme/img/
47 KB
47 KB
Image
General
Full URL
https://oii.la/webroot/modern_theme/img/dwndbnr1.png
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

cf-cache-status
HIT
age
197417
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5b00ZWAZmcLCikckQhhmxj8%2F%2BaUSGCgXGh0lA7mbcFhHxShEqgrMgF9k2pxgUIX6Ed8IggZGIXa%2Fm4XkXvNUoeRXokAOidvq3xzgnAE1WTWxIoQ%2BKnvgUc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 21:55:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32700&sent=171&recv=65&lost=0&retrans=0&sent_bytes=185601&recv_bytes=9307&delivery_rate=1840300&cwnd=70800&unsent_bytes=0&cid=a97095161234c351&ts=691&x=1", cfExtPri, cfHdrFlush;dur=20
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
image/png
last-modified
Wed, 25 Jan 2023 11:06:50 GMT
vary
User-Agent, Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1e9f6ddc6dd9-MIA
accept-ranges
bytes
content-length
47787
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
tagdiv_theme.min.js
oii.la/main/wp-content/themes/Newspaper/js/
204 KB
52 KB
Script
General
Full URL
https://oii.la/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
1515731
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0Wn7YbmYo3fJWEGg2AAaFt3Ra94ByntRBLRE5M1Cxx453X18UqQmIN3QCMRXV90d5eejSNQicWeeIGnVJ10BMSlXq7FaJXRco9gsJsaxmL5wA1qL4tkAq8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 15:43:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32700&sent=187&recv=65&lost=0&retrans=0&sent_bytes=204154&recv_bytes=9307&delivery_rate=1840300&cwnd=70800&unsent_bytes=0&cid=a97095161234c351&ts=694&x=1", cfExtPri, cfHdrFlush;dur=18
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript
last-modified
Sat, 21 Jan 2023 03:55:10 GMT
vary
Accept-Encoding,User-Agent
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1e9f6ddd6dd9-MIA
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
script.min.js
oii.la/cloud_theme/build/js/
274 KB
99 KB
Script
General
Full URL
https://oii.la/cloud_theme/build/js/script.min.js?veris=6.6.1
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5bf03852e76b9f6e4804e74f4cc27dfd3991b0d100875669a4eee1346a83b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
1515731
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hWbFrca81AAECL3jy7EBKSb6Yxl5Cr4MzDFcpsHVKE0BfWg6Fz0O2zI2KbgMrP8OCHKoUydnZx9P0fCYufsu%2BTJ69uKQG6TQyPMxWLy%2BUQJgc6XGK3YpyMo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 15:43:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32700&sent=187&recv=65&lost=0&retrans=0&sent_bytes=204154&recv_bytes=9307&delivery_rate=1840300&cwnd=70800&unsent_bytes=0&cid=a97095161234c351&ts=696&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript
last-modified
Tue, 07 May 2024 05:45:49 GMT
vary
Accept-Encoding,User-Agent
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1e9f6dde6dd9-MIA
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
969 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f106.1e100.net
Software
ESF /
Resource Hash
667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 19 Oct 2024 04:45:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 19 Oct 2024 04:45:36 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
209 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fd9de57679359e7a4d0cc131992e45a617b275d51793bd20d24140e90ac598d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 19 Oct 2024 04:45:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76998
x-xss-protection
0
server
Google Tag Manager
8227169
pedangaishons.com/401/
91 KB
36 KB
Script
General
Full URL
https://pedangaishons.com/401/8227169
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d19ba5b927d0d2627ddf29b2a80adfa4f177b6d53439301afd8d689d6eee842c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
1d5591359d62790410bd242e6e8ea3cc
access-control-allow-origin
*
server
nginx
/
ui.cleverwebserver.com/
204 B
409 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: scripts.cleverwebserver.com
URL: https://scripts.cleverwebserver.com/c86d8aea1b6e9c6a9503a2cecea55b13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d890647dda8556e35c73b9020e747c5701bb502f66ced0bbefe65fd3fe4a797

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-ray
8d4e1ea06bd88dc4-MIA
access-control-allow-origin
*
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript
server
cloudflare
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
api.js
www.recaptcha.net/recaptcha/
2 KB
2 KB
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: oii.la
URL: https://oii.la/cloud_theme/build/js/script.min.js?veris=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e6e049db2152bcd4d991ef1043ffc0b8d3b0f7dd85466799d0dcd41ad598a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 19 Oct 2024 04:45:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 19 Oct 2024 04:45:36 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
tag.min.js
inklinkor.com/
70 KB
30 KB
XHR
General
Full URL
https://inklinkor.com/tag.min.js
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.211.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef61a06a8d4a2fddaed6f8e5d6d223c1fd2cc1f1802910c359ed0405f66cf23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-max-age
86400
content-encoding
zstd
cf-cache-status
HIT
age
1490
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsGbvb1GazTrHV4xQovNkq1VT8FWZIkxMsO9JcpaHSMdCXISt99X7Kctm3hpikeGdFwJ0hPcj1OjdAly7aBGsXUrR%2Fj%2BH8zaZZap7uW8CDKJUE8ttsZnhz2RwtzHV1NR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 20 Oct 2024 04:20:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30182&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4127&recv_bytes=4261&delivery_rate=103475&cwnd=12000&unsent_bytes=0&cid=22c939506a449fb0&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 19 Oct 2024 04:16:20 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
8382c899a0463d7f8bafab2d2233e885
cf-ray
8d4e1ea199b9a558-MIA
access-control-allow-origin
https://oii.la
server
cloudflare
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/
544 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f94.1e100.net
Software
sffe /
Resource Hash
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://oii.la
Referer
https://oii.la/

Response headers

content-encoding
gzip
age
356342
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 01:46:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 01:46:34 GMT
last-modified
Mon, 14 Oct 2024 18:32:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220736
x-xss-protection
0
server
sffe
/
call.cleverwebserver.com/
43 B
105 B
Image
General
Full URL
https://call.cleverwebserver.com/?id=84977&c=US&r=FL&l=165&b=Chrome&bv=129&os=Linux&mob=0&v=2.17.8&lg=en-US&ref=aHR0cHM6Ly9vaWkubGEvOVJkRg%3D%3D&ruri=&s=2451c3e69eed10087be3a8ae8c422313b267079a442dcb286b79c960cbec72c9&st=W&iv=-1
Requested by
Host: oii.la
URL: https://oii.la/9RdF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

cf-ray
8d4e1ea17d058dc4-MIA
content-length
43
cf-cache-status
DYNAMIC
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
image/gif
server
cloudflare
js
www.googletagmanager.com/gtag/
253 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8X8EKR7KXR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ef5077fac2a5da9fab4340889a2821f5744bfe4cf9f4586959bc48db4f12e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 19 Oct 2024 04:45:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 04:45:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91976
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

content-encoding
gzip
age
2586
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 19 Oct 2024 06:02:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 04:02:31 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8X8EKR7KXR&gtm=45je4ah0v874542933za200&_p=1729313136783&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737&cid=1437528722.1729313137&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729313137&sct=1&seg=0&dl=https%3A%2F%2Foii.la%2F9RdF&dt=PolicyBuzz&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1273
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X8EKR7KXR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://oii.la
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 04:45:37 GMT
content-type
text/plain
server
Golfe2
anchor
www.recaptcha.net/recaptcha/api2/ Frame C9D3
0
0
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldvw0AUAAAAALl1bmJzVjqqpQYEkGNwz1uS_Cu9&co=aHR0cHM6Ly9vaWkubGE6NDQz&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=normal&cb=ulcg099ltb9x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8oT1dgv4RF7RevPH1Fu4lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oii.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8oT1dgv4RF7RevPH1Fu4lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Oct 2024 04:45:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
304 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1763664391&t=pageview&_s=1&dl=https%3A%2F%2Foii.la%2F9RdF&ul=en-us&de=UTF-8&dt=PolicyBuzz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=969208802&gjid=1067051486&cid=1437528722.1729313137&tid=UA-113561579-2&_gid=726963534.1729313137&_r=1&gtm=457e4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685&jsscut=1&z=1437471276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://oii.la/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 04:45:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://oii.la
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
gid.js
my.rtmark.net/
65 B
537 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f25902b88087e1cf761ab040445f02e5a608a644b9ec37035afc68848b68a0f2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://oii.la
content-length
65
date
Sat, 19 Oct 2024 04:45:37 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
/
jegnoocmoa.net/5/8070378/
4 KB
3 KB
XHR
General
Full URL
https://jegnoocmoa.net/5/8070378/?oo=1&js_build=iclick-v1.978.9-auto&dmn=heejuchee.net&ix=0&is_mobile=false
Requested by
Host: heejuchee.net
URL: https://heejuchee.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
aa9043d22275b7abec20fbd8b6611e70b580bf086c1a53aa81cd35b040d6492e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Sat, 19 Oct 2024 04:45:37 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
962357541014c83a538253d71ee7e00f
access-control-allow-origin
https://oii.la
server
nginx
favicon.ico
oii.la/
4 KB
1 KB
Other
General
Full URL
https://oii.la/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cff762fc85c72496ea4a4d36a8f1ca361ad64707d2327b0097687137eaff39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/9RdF

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
121041
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLwDYTtSP%2FQ%2BR%2F363REexKhCU4uJAeD3344DSJ0JU6NawWQH8ZqUqeJXXXwaLbJKRM%2FnmoQOEdY%2BGeJH8HbGTiIT9kxf1TGjCexgEBdQGay3XMwra9ILzNk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 19:08:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30500&sent=395&recv=100&lost=1&retrans=1&sent_bytes=444654&recv_bytes=11441&delivery_rate=3610628&cwnd=124319&unsent_bytes=0&cid=a97095161234c351&ts=2011&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 04:45:37 GMT
content-type
image/x-icon
last-modified
Tue, 17 Jan 2023 15:26:54 GMT
vary
User-Agent, Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1ea7aae76dd9-MIA
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
server
cloudflare
8227169
pedangaishons.com/401/
2 KB
1 KB
XHR
General
Full URL
https://pedangaishons.com/401/8227169?oo=1&oaid=0800faed181e46f7e905d13bb3beb41c&sw_version=v1.418.0
Requested by
Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
742679ace34dcff46263f9dddf0506d710019873040617c561f798b1e19e59de
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 19 Oct 2024 04:45:38 GMT
content-type
application/json
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
58a59442ec1936a94562d91af7b93ebf
access-control-allow-origin
https://oii.la
server
nginx
bframe
www.recaptcha.net/recaptcha/api2/ Frame F7DD
0
0
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6Ldvw0AUAAAAALl1bmJzVjqqpQYEkGNwz1uS_Cu9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f94.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZL-XrYCL6VZtoNJ9NyuYRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oii.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZL-XrYCL6VZtoNJ9NyuYRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Oct 2024 04:45:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
split_track
bytogeticr.com/
0
0
Fetch
General
Full URL
https://bytogeticr.com/split_track?dt=0&r=false&timeout=1000errm=
Requested by
Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8et1CNyysYk7%2BlPN%2FQcfpvM2iZl6JNTcArsbIpQF9Wo%2BHwj6XYXjkKHbTkCbbFpTgBvvbrhit%2B5N9JleMYhZ1xyN5LkI1ncgi%2Fqajf6Iymi%2FmRWASDAGgVmtaUckXPbn3A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cf-ray
8d4e1ea9aba34bfc-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=29494&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4421&delivery_rate=506&cwnd=12000&unsent_bytes=0&cid=4ced53258b24fb9f&ts=165&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 04:45:38 GMT
content-type
application/octet-stream
server
cloudflare
priority
u=1,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
stattag.js
tzegilo.com/
17 KB
9 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"668fb2be-45d7"
age
16
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3CPU7wIzxUAidNiNNVjyZn606kI57fJyxTVz69A7evBr%2BWT9A%2FiZ2Q0ZxH6REq89s289gA9d5hyMApxN7iUEY7z4VzhVzKtmVFVrr47WF%2FR3StCVe%2FGSEwEwSHLulAkrCdx1lCDhzxOmg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=29145&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4002&recv_bytes=2217&delivery_rate=132050&cwnd=252&unsent_bytes=0&cid=e61a4b8fc0cdcefc&ts=51&x=0"
date
Sat, 19 Oct 2024 04:45:38 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 10:23:58 GMT
vary
Accept-Encoding
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1ea9da530a02-MIA
server
cloudflare
add
fleraprt.com/log/
12 B
476 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=3fd25119-33f6-4c24-b5cf-9a97674f84af
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://oii.la/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://oii.la
Content-Length
12
Date
Sat, 19 Oct 2024 04:45:38 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.19.10
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
fleraprt.com/async_log/
0
416 B
XHR
General
Full URL
https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=3fd25119-33f6-4c24-b5cf-9a97674f84af
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://oii.la/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://oii.la
Content-Length
0
Date
Sat, 19 Oct 2024 04:45:38 GMT
Server
nginx/1.19.10
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
8227169
pedangaishons.com/500/ Frame
0
0
Preflight
General
Full URL
https://pedangaishons.com/500/8227169?excludes=&oaid=0800faed181e46f7e905d13bb3beb41c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=1570&wy=1170&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Foii.la%2F9RdF&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&branchId=2410200&sw_version=v1.418.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oii.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oii.la
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sat, 19 Oct 2024 04:45:38 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
8227169
pedangaishons.com/500/
2 KB
2 KB
XHR
General
Full URL
https://pedangaishons.com/500/8227169?excludes=&oaid=0800faed181e46f7e905d13bb3beb41c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=1570&wy=1170&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Foii.la%2F9RdF&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&branchId=2410200&sw_version=v1.418.0
Requested by
Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8c5461c55b8ff2bbbfcb68922832247ca51a64895aece48507a5d582f2feb71a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://oii.la/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 19 Oct 2024 04:45:38 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
5ef5c41161f6a2e8fa1494fadbe0229c
access-control-allow-origin
https://oii.la
server
nginx
/
pedangaishons.com/mtg/ Frame
0
0
Preflight
General
Full URL
https://pedangaishons.com/mtg/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oii.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oii.la
access-control-max-age
600
allow
OPTIONS, POST
content-length
0
date
Sat, 19 Oct 2024 04:45:38 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
/
pedangaishons.com/mtg/
0
499 B
Ping
General
Full URL
https://pedangaishons.com/mtg/
Requested by
Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/json
Referer
https://oii.la/

Response headers

strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
access-control-expose-headers
Link
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
df5480bffc3e0f4d06dc5581cb6cdf0f
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
access-control-allow-origin
https://oii.la
content-length
0
date
Sat, 19 Oct 2024 04:45:39 GMT
vary
Origin
server
nginx
0f829e0510ada3123df6c2b37e4c0acb.png
onmanectrictor.com/www/images/
4 KB
5 KB
Image
General
Full URL
https://onmanectrictor.com/www/images/0f829e0510ada3123df6c2b37e4c0acb.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f68c48de3f046d5058f65aef88891fba00dc117cd5ef9aca1739d9712f0672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oii.la/

Response headers

cf-cache-status
HIT
etag
"664f5eb4-ffd"
age
22294
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnOp6diwEWkUa5Gm86%2FBJPc81Yc5AVlkviw5VNgqXeunDeoRuvMPSlGrb%2FELQSfxi4vXFBTTIBH0PADLjRj%2BKWituj72S8LDCf2I%2ByyAE7dnxjThNqnj6oQyBapw9bbIClH3EV0%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 19 Oct 2024 22:34:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30278&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4134&recv_bytes=4325&delivery_rate=102297&cwnd=12000&unsent_bytes=0&cid=62f9d0e8512fd727&ts=56&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 19 Oct 2024 04:45:38 GMT
content-type
image/png
last-modified
Thu, 23 May 2024 15:20:20 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4e1eae9a017462-MIA
accept-ranges
bytes
content-length
4093
server
cloudflare


97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| md81e8qqh2e string| key object| kh5r4lbynbc object| zfgformats object| zfgdlpopup function| submitUserForm function| verifyCaptcha function| td_smart_list_dropdown function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class function| tdModalImage function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update function| td_compute_parallax_background function| td_compute_backstretch_item function| td_date_i18n object| app_vars function| e object| t object| CleverCore object| wow function| fixHeight function| onloadRecaptchaCallback function| onloadHCaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS function| _0x2e725d function| _0x4ed9f9 function| _0xef18fa function| _0x4b74 function| _0x352c0d function| _0x1a4ae1 function| _0x103efe function| _0x17fe function| _0x21a606 function| _0x58a224 function| _0x22fd31 function| _0x1d73c9 object| xhr function| _0xdcfa48 function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| zfgstorage 
function| onClickTrigger boolean| zfgloadedpopup object| recaptcha object| closure_lm_606430 object| gaplugins object| gaData object| webpushlogs object| syncCallbacks boolean| zfgonclickfirst function| _kubjykfx9c8 boolean| __lwkemfd9q__ number| __qwe33wweq__

10 Cookies

Domain/Path Name / Value
oii.la/ Name: ref9RdF
Value: YjNiY2Q1OTRjOGQyMTlmZDM2YmE2M2RjNDMxYTg4NWM5OWI4YTZjYWJjZDkxMGQ1Nzk2YWMzMTI0ZDFiZDRiOIsmHFVlZS%2F3ca5vFw76HRUHB7HGgyJrRO1Iazlu%2BWRT
oii.la/ Name: ab
Value: 2
.oii.la/ Name: _ga_8X8EKR7KXR
Value: GS1.1.1729313137.1.0.1729313137.0.0.0
.oii.la/ Name: _ga
Value: GA1.2.1437528722.1729313137
.oii.la/ Name: _gid
Value: GA1.2.726963534.1729313137
.oii.la/ Name: _gat_gtag_UA_113561579_2
Value: 1
jegnoocmoa.net/ Name: OAID
Value: 0080fa3e568a4febf795dbac528dcdcc
jegnoocmoa.net/ Name: oaidts
Value: 1729313137
my.rtmark.net/ Name: ID
Value: 0800faed181e46f7e905d13bb3beb41c
pedangaishons.com/ Name: OAID
Value: 0800faed181e46f7e905d13bb3beb41c

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
