urlscan.io logo urlscan.io
SecurityTrails logo

i777777o6d6170696e63o6f7267z.oszar.com Open in urlscan Pro
172.67.220.76  Public Scan

Go To Rescan Add Verdict Report
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Submission: On January 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 172.67.220.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is i777777o6d6170696e63o6f7267z.oszar.com.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.
This is the only time i777777o6d6170696e63o6f7267z.oszar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 172.67.220.76 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
14 4
Apex Domain
Subdomains		 Transfer
12 oszar.com
i777777o6d6170696e63o6f7267z.oszar.com
26 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
109 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
14 4
Domain Requested by
12 i777777o6d6170696e63o6f7267z.oszar.com 1 redirects i777777o6d6170696e63o6f7267z.oszar.com
static.cloudflareinsights.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com i777777o6d6170696e63o6f7267z.oszar.com
1 static.cloudflareinsights.com i777777o6d6170696e63o6f7267z.oszar.com
14 4
Subject Issuer Validity Valid
oszar.com
WE1		 2024-11-14 -
2025-02-12		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-12-30 -
2025-03-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Frame ID: 870BE3CC700BC3D8619C599B44DFE5EE
Requests: 12 HTTP requests in this frame

Frame: https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 0F1CAFC25A94501635A5B11DE77A7DFB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

US MT: Poll: Majority of Montanans Favor Repeal of Medical

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

14
Requests

93 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

141 kB
Transfer

393 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request a09.html
i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/ 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
07259867af17572b1f9da25b0ab801e27648ef2c358b936f79a11f58565b5315

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fb7d01b1a2dd374-FRA
content-encoding
zstd
content-type
text/html;charset=UTF-8
date
Thu, 02 Jan 2025 03:55:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXj7c7ZphJAKJ%2B1O2qYDco7EYL1nv7MMvaEsUpgE9GdRu1u9afI4zPIt4%2FP7iIaAvsVQRDWu33OPDuisCPgDR5KVPApzNiWQyPkUS6cX%2Fktd7by81qYQJoC%2FBQJz9UAsz8e0%2BZcXvtKGECZvuAlbtFuOvZIN%2F8eU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=9565&min_rtt=6443&rtt_var=7258&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4525&delivery_rate=892&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=1419&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-cache
MISS from i777777o6d6170696e63o6f7267z.oszar.com
x-powered-by
PHP/8.2.18
clip.css
i777777o6d6170696e63o6f7267z.oszar.com/dnpages/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/dnpages/clip.css
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=539w8iq6re6TBixrvhw4ilwRznGQBXvPNWP0uu6tn8Y2yE5YjOUwkNnETxDiv5aJwg2fgb0ET6KSGzC3UriOdicddvg%2F%2BJbJdY4cwPP9UM%2BbHzmDdsWNVSAATDZA0tAuNG3CnXaNVB1HKgOrv%2F9yENMOyeSwSQ0yxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fb7d023fa71d374-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7844&min_rtt=6332&rtt_var=1529&sent=34&recv=25&lost=0&retrans=0&sent_bytes=20426&recv_bytes=9302&delivery_rate=27204&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=2410&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:22 GMT
content-type
text/html; charset=iso-8859-1
x-powered-by
PHP/8.2.18
vary
Accept-Encoding
priority
u=0,i=?0
facebook.gif
i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/ 		927 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/facebook.gif
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
0038df8b402e8e3976a8cc246a3fdea1c776e664998366622eccee9960db69e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

cf-cache-status
HIT
etag
"1dec2a-39f-489e54b8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LizSZgLXzcTnbW9DbCMnwb7UIJpK%2B8D3MQC45fB%2Bhfbm%2B%2FeZ5MN5BtBDE55nmPGRDOsYHJrt5voRJ69bdcKIeXzoIZ0b%2BznmUupFgZXXRhYj3vWc1Yft6dJdDgRw2KO5LRjDR%2FgvVLVpL%2B2eVrVmGZcdSptJShf1BA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 06 Jan 2025 03:44:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8617&min_rtt=6443&rtt_var=2646&sent=23&recv=18&lost=0&retrans=0&sent_bytes=13410&recv_bytes=6910&delivery_rate=1402714&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=1458&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Sun, 10 Aug 2008 02
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fb7d023fa72d374-FRA
accept-ranges
bytes
content-length
927
x-powered-by
PHP/8.2.18
server
cloudflare
stumble.gif
i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/stumble.gif
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
6b9a5fd52fd61421618ddd1e243888d90bd1367b16cc8157ed99fed95b324fa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

cf-cache-status
HIT
etag
"1dec2c-43a-489e54b7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeVoihakv7sQv5%2FTF0pfqh0VCUOZVnqM2oZXMLMZZRDCAl%2BbquPPO2Sa5dKgXgLx5VDnkCIT1vidK2r941d6wQtzGFPJXfxPcaX%2BMcwgevnYVfGrPMrzQqq%2BxBay0M6JjmLUQOlXqmSJARCAxzpVeteC2%2FhFlAo9Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 00:00:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8617&min_rtt=6443&rtt_var=2646&sent=25&recv=18&lost=0&retrans=0&sent_bytes=15138&recv_bytes=6910&delivery_rate=1402714&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=1460&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Sun, 10 Aug 2008 02
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fb7d023fa73d374-FRA
accept-ranges
bytes
content-length
1082
x-powered-by
PHP/8.2.18
server
cloudflare
diggit.gif
i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/ 		244 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/diggit.gif
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
744e8ad0dc8877ba35a9740cdade7361e5e79a7dda1bb1d9e6aa55b5d8ce904b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

cf-cache-status
HIT
etag
"1dec29-f4-489e54b8"
age
331152
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3bgsxxQHi%2B1T%2FbyM5pmS298gzmSk8rgiCcVG%2BpZnbdPSH2YV7FAV5FyrkNwS47m0ypKpwxQWOLp5GEu562uSAdg%2Bn5DcZdRgEz4uKq61xnCCn2kmZXjNHdOtjAvXJ1AAq7y5zupp7dxGFZ6LzT2jda8TV0xiY%2BmIg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 23:40:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8362&min_rtt=6443&rtt_var=1917&sent=29&recv=22&lost=0&retrans=0&sent_bytes=17064&recv_bytes=8470&delivery_rate=112057&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=1478&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Sun, 10 Aug 2008 02
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fb7d0243a9cd374-FRA
accept-ranges
bytes
content-length
244
x-powered-by
PHP/8.2.18
server
cloudflare
reddit.gif
i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/ 		635 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/reddit.gif
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
30517ff41fbba35e2a3454b66061994b44a1df009343ef0326aaf66d46e134a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

cf-cache-status
HIT
etag
"1dec2b-27b-489e54b7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTwP3X9FWN6l%2F4cFNtrT1lCKxEpynq3SuahMTPg0QWHYlLcSEph%2FbpuSX8xtmADPseSZTL6YB3%2FAC1g73oswRoujmopFlUCr4POQllK%2B6hVDLYGe8G75Fs7wk5YGHVyIukOBO5Uvng%2F4%2B4ykTt0lgdBeliHn7aC%2BFw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 02 Jan 2025 23:07:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8130&min_rtt=6443&rtt_var=1903&sent=31&recv=23&lost=0&retrans=0&sent_bytes=18111&recv_bytes=9215&delivery_rate=48960&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=1499&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Sun, 10 Aug 2008 02
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fb7d0243a9ed374-FRA
accept-ranges
bytes
content-length
635
x-powered-by
PHP/8.2.18
server
cloudflare
delicious.gif
i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/ 		110 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/pix/icons/delicious.gif
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.18
Resource Hash
d7b19b9edef96e79f80e76d7621becba7b264895fcf89322250507e43e163a3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

cf-cache-status
HIT
etag
"1dec28-6e-489e54b9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXKa8qhY%2FEMzvNqJvtrLD4QYMI3S3IgUkhI3%2BkbQTQY9JEpjq1fawvEMryFAhWUiCeaRaha%2FZpJH7Lvh5wcSbOcg8I27hyS7OQBqCC6YcZCQ2WBbToPkb2KdHKhiOoOZWy2akHwcq5RHZkzGGHlGojzplBKs9u%2BLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 02 Jan 2025 17:51:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7905&min_rtt=6332&rtt_var=1877&sent=33&recv=24&lost=0&retrans=0&sent_bytes=19544&recv_bytes=9258&delivery_rate=87352&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=1546&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Sun, 10 Aug 2008 02
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fb7d0245ab8d374-FRA
accept-ranges
bytes
content-length
110
x-powered-by
PHP/8.2.18
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://i777777o6d6170696e63o6f7267z.oszar.com
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8fb7d024dadb3631-FRA
access-control-allow-origin
*
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		325 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77cd6f799979f9560aea4eeb70d630714d4a16fcf44883971e3fc286d6bb6cc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 03:55:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 03:55:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110436
x-xss-protection
0
server
Google Tag Manager
main.js
i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 0F1C
Redirect Chain
  • https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Protocol
H3
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85594c8dba6b06df8c2fcb0a95dd0acab79bb33cd39b388fdf1691d381f1c2b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qc8hSqVcRAUi16SSi5%2BPPcPhHrJ18Js1cYTeX4S44uCXJNYhbYncBeqnoasWn8ki%2FRvvp%2Fl1CdzdGRVO%2FUz3RYqmku4K01%2BVSOydIfy32wG%2FopfAqTDhEYwlzq%2B4FwrVs2xB3LdE3SKlqUKwZsIqOXlq1n8lxjpOzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8fb7d02a6915d374-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8048&min_rtt=6332&rtt_var=1861&sent=41&recv=32&lost=0&retrans=0&sent_bytes=23228&recv_bytes=14219&delivery_rate=53005&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=2459&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ux971x0%2FOb3Rk2AYWfzcqVXV38m5XjOY%2FMsan1JOIXdCf2u4T9o70GiiLYGOWaJwKrgGQ3q1guNkmoartJvbT3xD1VszH%2Fn6%2Fw5JTOz4ex1B4iTE9O0D1ykAeVUOf5LWX%2B9n51QpCo37yX1iK65G%2Fj2H3lD1zx%2FmrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fb7d02a48f9d374-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=7675&min_rtt=6332&rtt_var=1486&sent=37&recv=27&lost=0&retrans=0&sent_bytes=22249&recv_bytes=9965&delivery_rate=277435&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=2445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:22 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PNFHQ1FTKQ&gtm=45je4cc1v9137753640za200&_p=1735790122588&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1055901411.1735790123&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735790122&sct=1&seg=0&dl=https%3A%2F%2Fi777777o6d6170696e63o6f7267z.oszar.com%2Fdrugnews%2Fv11%2Fn184%2Fa09.html&dt=US%20MT%3A%20Poll%3A%20Majority%20of%20Montanans%20Favor%20Repeal%20of%20Medical&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://i777777o6d6170696e63o6f7267z.oszar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 03:55:22 GMT
content-type
text/plain
server
Golfe2
rum
i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8fb7d02a6914d374-FRA
access-control-allow-origin
https://i777777o6d6170696e63o6f7267z.oszar.com
date
Thu, 02 Jan 2025 03:55:22 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
i777777o6d6170696e63o6f7267z.oszar.com/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f325400640fe23f1d99a31b40dfd43cb4c37c5fec9fe428f2042576b4bbb7654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"3a5e-6516f11b-1f2268;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psaMwzXWgaV2Dnu7X1VunoJNcSAFGuULdQD5cdFBWt%2BN21s02GT3KhVbu8u%2ByjV%2Bwc5FsRn%2BC%2BX5CjwS46I4RPtGe7Gqk9pq%2BmYmsvcvy0tL2O8u%2BwI2NOLFQFCNZmGu0Th%2BEP%2BRCRY3iBU8kdWAyuSP5yFmBQwJWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 01 Jan 2025 04:52:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8669&min_rtt=6332&rtt_var=2160&sent=60&recv=51&lost=0&retrans=0&sent_bytes=29730&recv_bytes=32015&delivery_rate=73669&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=2595&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 03:55:22 GMT
content-type
image/x-icon
last-modified
Fri, 29 Sep 2023 15:45:31 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fb7d02a6916d374-FRA
server
cloudflare
8fb7d01b1a2dd374
i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0F1C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/8fb7d01b1a2dd374
Requested by
Host: i777777o6d6170696e63o6f7267z.oszar.com
URL: https://i777777o6d6170696e63o6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pl5wZV%2FWL3V0gC8BQ%2BbGvoJbLzG%2BysJvk%2B3Q9mJDib%2Bu49cuRWGD%2BiOsqy7H5Ftk8Ig2u2NqRo5P9EWgR5Q91uWI1ZzvScvwAGMWIKanKsTSuCdnZGFIY20c8GqPs8RseAxPCzHspLjvCahAndnEowY4Q5abN4ezjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fb7d02ab96ed374-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8945&min_rtt=6332&rtt_var=2146&sent=58&recv=50&lost=0&retrans=0&sent_bytes=28497&recv_bytes=31972&delivery_rate=484256&cwnd=12000&unsent_bytes=0&cid=8b9b0324d086efbb&ts=2518&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Thu, 02 Jan 2025 03:55:22 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| share_this string| email function| male2 function| popUp function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| __cfBeacon function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.i777777o6d6170696e63o6f7267z.oszar.com/ Name: mapinc_org
Value: %7B%22HttpHost%22%3A%22www.mapinc.org%22%2C%22HttpDomain%22%3A%22mapinc.org%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fdrugnews%5C%2Fv11%5C%2Fn184%5C%2Fa09.html%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.mapinc.org%5C%2Fdrugnews%5C%2Fv11%5C%2Fn184%5C%2Fa09.html%22%2C%22GirisIP%22%3A%2267.223.102.139%22%7D
.oszar.com/ Name: _ga_PNFHQ1FTKQ
Value: GS1.1.1735790122.1.0.1735790122.0.0.0
.oszar.com/ Name: _ga
Value: GA1.1.1055901411.1735790123
.oszar.com/ Name: cf_clearance
Value: .0rkok3b3FYNYjlCLycSybgP.GTDn1TE.Mxkf.H2roI-1735790122-1.2.1.1-oeojKi27e3EgE9bZo9Wp43I88WKCB6L.NjViuXqVSaS.7vAbSVQws9UJUons5KMjgCxlDTT8p4G57jWwDFlReF48YcctSIvi4v8Wvc9xwkLWNdfpf1EnywLWOPlSYye8lPPOW3I_rtbct2PzQMrsnEtZvTqrydlGO10h.L.U5roxKCyNEP_ccpItPEGxF.Elk.DVsqwNXHdVPXo8l8pnpM7UVVbX5UnKW0Do93tp7lBDlwZy_XzkCMAj.jU7Y.Qn1X546Md1rWbMmYtyQyjL0outDaovtC18tyAQsDldxT7lurF2q2RSpd7f0tEPd1C.FmSPBD.sCwMHgKbBgMGoT4lyusESo.1Uck5Yqvtghm8RvBf90NlTz37qNX3lP9nh

2 Console Messages

Source Level URL
Text
security error URL: https://i777777o6d6170696e63o6f7267z.oszar.com/drugnews/v11/n184/a09.html(Line 8)
Message:
Blocked setting the `cookies=true` cookie from a `<meta>` tag.
network error URL: https://i777777o6d6170696e63o6f7267z.oszar.com/dnpages/clip.css
Message:
Failed to load resource: the server responded with a status of 404 ()