Submitted URL: http://forwrdnow.com/aS/feedclick?s=S6mYPbIMlJqPoaSuk4_fMkWut6U4gTSnpjcTajzqm_S-SYgZMbocSsy4VhBg5laH8mFgHSWE3TYDsnAVY...
Effective URL: https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Submission: On September 24 via manual from US

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::681b:b2fe, located in United States and belongs to CLOUDFLARENET, US. The main domain is ozosk.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.
This is the only time ozosk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.168.193.184 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 3 213.32.106.141 16276 (OVH)
1 1 213.227.134.196 60781 (LEASEWEB-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 104.18.26.20 13335 (CLOUDFLAR...)
14 6
Domain Requested by
8 ozosk.com www.platinium.best
ozosk.com
3 assets.hcaptcha.com ozosk.com
hcaptcha.com
3 www.platinium.best 2 redirects www.textifier.net
1 hcaptcha.com 1 redirects
1 6948d4de.linkbooster.click 1 redirects
1 admoustache.go2affise.com 1 redirects
1 stackpath.bootstrapcdn.com www.textifier.net
1 www.textifier.net
1 forwrdnow.com 1 redirects
14 9

This site contains links to these domains.

Domain
www.cloudflare.com
Subject | Issuer | Validity | Valid
www.textifier.net | GTS CA 1D2 | 2020-08-24 - 2020-11-22 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
www.platinium.best | Let's Encrypt Authority X3 | 2020-08-25 - 2020-11-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-08 - 2021-08-08 | a year

This page contains 3 frames:

Primary Page: https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Frame ID: 0D18D0DEE7024999ACB7A389DCC363AB
Requests: 13 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/fac4185/static/hcaptcha-challenge.html
Frame ID: 307AD639F6D9A16E7A9D6D6147992B12
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/fac4185/static/hcaptcha-checkbox.html
Frame ID: FA1AAC04264A2B7C367F1671C155C7D5
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

14 Requests
100 % HTTPS
50 % IPv6
8 Domains
9 Subdomains
6 IPs
4 Countries
98 kB Transfer
371 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://forwrdnow.com/aS/feedclick?s=S6mYPbIMlJqPoaSuk4_fMkWut6U4gTSnpjcTajzqm_S-SYgZMbocSsy4VhBg5laH8mFgHSWE3TYDsnAVYI3BEIeYI5rfRV2QiUnMKG1xv33F3wbX5VhbZLXvy1OIW1pxobt_CXD7W1KPeOWoM6b-N-rdNkL0KhiQUNGPlDA7ct7dSQh7Or_yafCKMXNP9MN7ZVN9gty8x-iAvqudV-pvnC9rqEqwBeaydl2PvLBwJw_GEzhidU_ub2iJkqgHMA7HXm5Cq189nKcpODO6hRImU4rGsiYgEjl4EVk4bzAGg_ryNpnggAr_y9xmpptyX9fB_eUMQGu617ZXUpap5ROEEipvZkbFDww5WGlbfRWzzzgzws40KJgaZxocob4co5Z0-ekMBTV9tTXgXI8mkMgM9RmBfQFyw2kkhicjPmEv7ASA1PIrYQFpDa1BcXWFolL1xSsABYJaIqdYHfW-6uXUsbcu1ybWzhBeEy2D91pxACP8i3XXdpVFf7BeEcba6N9YqZhhllmDdKO5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEBUGgfDc7UaminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi7wnB6LJneQnlwvHM7OxzOG0DoFZeBROUlkP5B8gI5mYZd9P705unKMoaDaiydQS7oCfEKDLF8V41zhUEMFyftZfbIHjk5sol4ornblSMB1D729fBSVr2GuQn3vg0_LsWhG6TnfaPyB8GRIyJWrzlJpHNs7M3cBsXTZqroUKhP-V3XH8dLYd0OJF0zseX3VWu053WxEO2JfmwtsJP540HI5FHD-C4Utm56AhGtEg0NuGFsAjKIsa6aWLOFQQwXJ-1l9sgeOTmyiXigeQrKU3UgubC5Ei6qhSQ1xMKyxAGjlv4KfFUzM3o4GMVykTZ6PKfeORho-ntqBamGPF3pEdA4vzCxYelVoe1e9iAbtp9NeTI HTTP 302
    https://www.textifier.net/ Page URL
  2. https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2 Page URL
  3. https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2&eyeg=ebdd2133cba855d406b93842fbce5eba&eyer=0.5139052045793604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net HTTP 302
    https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2&oyeg=ebdd2133cba855d406b93842fbce5eba&eyer=0.5139052045793604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net&eyeg=3 HTTP 301
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=453&sub1=330009cb09fcbab832d619ab395db919d9efe0924-202009-flb*4828796-4dcd2**sl_4828796-4dcd2*2543ccf3b9a793593bfc7f25e0d38d1abe2af55e** HTTP 302
    https://6948d4de.linkbooster.click/rc/2d6e24facd?affclick=5f6cb9b0d796fb0001d579f4&pubid=453 HTTP 302
    https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://forwrdnow.com/aS/feedclick?s=S6mYPbIMlJqPoaSuk4_fMkWut6U4gTSnpjcTajzqm_S-SYgZMbocSsy4VhBg5laH8mFgHSWE3TYDsnAVYI3BEIeYI5rfRV2QiUnMKG1xv33F3wbX5VhbZLXvy1OIW1pxobt_CXD7W1KPeOWoM6b-N-rdNkL0KhiQUNGPlDA7ct7dSQh7Or_yafCKMXNP9MN7ZVN9gty8x-iAvqudV-pvnC9rqEqwBeaydl2PvLBwJw_GEzhidU_ub2iJkqgHMA7HXm5Cq189nKcpODO6hRImU4rGsiYgEjl4EVk4bzAGg_ryNpnggAr_y9xmpptyX9fB_eUMQGu617ZXUpap5ROEEipvZkbFDww5WGlbfRWzzzgzws40KJgaZxocob4co5Z0-ekMBTV9tTXgXI8mkMgM9RmBfQFyw2kkhicjPmEv7ASA1PIrYQFpDa1BcXWFolL1xSsABYJaIqdYHfW-6uXUsbcu1ybWzhBeEy2D91pxACP8i3XXdpVFf7BeEcba6N9YqZhhllmDdKO5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEBUGgfDc7UaminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi7wnB6LJneQnlwvHM7OxzOG0DoFZeBROUlkP5B8gI5mYZd9P705unKMoaDaiydQS7oCfEKDLF8V41zhUEMFyftZfbIHjk5sol4ornblSMB1D729fBSVr2GuQn3vg0_LsWhG6TnfaPyB8GRIyJWrzlJpHNs7M3cBsXTZqroUKhP-V3XH8dLYd0OJF0zseX3VWu053WxEO2JfmwtsJP540HI5FHD-C4Utm56AhGtEg0NuGFsAjKIsa6aWLOFQQwXJ-1l9sgeOTmyiXigeQrKU3UgubC5Ei6qhSQ1xMKyxAGjlv4KfFUzM3o4GMVykTZ6PKfeORho-ntqBamGPF3pEdA4vzCxYelVoe1e9iAbtp9NeTI HTTP 302
  • https://www.textifier.net/
Request Chain 8
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/fac4185/hcaptcha.js

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.textifier.net/
Redirect Chain
  • http://forwrdnow.com/aS/feedclick?s=S6mYPbIMlJqPoaSuk4_fMkWut6U4gTSnpjcTajzqm_S-SYgZMbocSsy4VhBg5laH8mFgHSWE3TYDsnAVYI3BEIeYI5rfRV2QiUnMKG1xv33F3wbX5VhbZLXvy1OIW1pxobt_CXD7W1KPeOWoM6b-N-rdNkL0KhiQU...
  • https://www.textifier.net/
71 KB
19 KB
Document
General
Full URL
https://www.textifier.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.textifier.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-robots-tag
all
content-type
text/html; charset=UTF-8
expires
Thu, 24 Sep 2020 15:22:23 GMT
date
Thu, 24 Sep 2020 15:22:23 GMT
cache-control
private, max-age=0
last-modified
Sun, 13 Sep 2020 10:39:26 GMT
etag
W/"385c43a3d89314b108f38f46bdce593967f04b3bf5cc152853835d49ab3d40f5"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
19615
server
GSE

Redirect headers

Server
nginx
Date
Thu, 24 Sep 2020 15:22:23 GMT
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=5
Set-Cookie
rhid=73620940749; Max-Age=15552000; Expires=Tue, 23-Mar-2021 15:22:23 GMT; Path=/; SameSite=None; secure;
Location
https://www.textifier.net/
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/
137 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
Requested by
Host: www.textifier.net
URL: https://www.textifier.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.textifier.net
Referer
https://www.textifier.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
21024
/
www.platinium.best/
4 KB
4 KB
Document
General
Full URL
https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2
Requested by
Host: www.textifier.net
URL: https://www.textifier.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.32.106.141 , France, ASN16276 (OVH, FR),
Reverse DNS
ip141.ip-213-32-106.eu
Software
/
Resource Hash
e4b44519a4c3019034144420f7878f5035a9b259d107761616cf0d2d9438ae9e

Request headers

Host
www.platinium.best
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://www.textifier.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 24 Sep 2020 15:22:24 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-transform
Primary Request /
ozosk.com/
Redirect Chain
  • https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2&eyeg=ebdd2133cba855d406b93842fbce5eba&eyer=0.5139052045793604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net
  • https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2&oyeg=ebdd2133cba855d406b93842fbce5eba&eyer=0.5139052045793604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.textifier.net&eyeg=3
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=453&sub1=330009cb09fcbab832d619ab395db919d9efe0924-202009-flb*4828796-4dcd2**sl_4828796-4dcd2*2543ccf3b9a793593bfc7f25e0d38d1abe...
  • https://6948d4de.linkbooster.click/rc/2d6e24facd?affclick=5f6cb9b0d796fb0001d579f4&pubid=453
  • https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
11 KB
5 KB
Document
General
Full URL
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Requested by
Host: www.platinium.best
URL: https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289f00883bde2c744b35aeec2a4513024e39e8acd51fd9339064ae1b9f9b8d9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ozosk.com
:scheme
https
:path
/?utm_source=IP-not-valid&af5=IP-not-valid
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.platinium.best/?sl=4828796-4dcd2&data1=Track1&data2=Track2

Response headers

status
403
date
Thu, 24 Sep 2020 15:22:24 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=d9513537622982a2499f79d26fcdee8721600960944; expires=Sat, 24-Oct-20 15:22:24 GMT; path=/; domain=.ozosk.com; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
cf-request-id
05624e71fb0000323c4416d200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5d7d802ffd3e323c-FRA
content-encoding
br

Redirect headers

status
302
date
Thu, 24 Sep 2020 15:22:24 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d96edbcca3ea2421dfddd0e3a6b370d5a1600960944; expires=Sat, 24-Oct-20 15:22:24 GMT; path=/; domain=.linkbooster.click; HttpOnly; SameSite=Lax
AWSELB=C723C109122745B344257D865D5D1ACC183B61B7F1AE90E342C0B438939A7AE20B51299DE3A5243AECAD55C2EB179589E6884CD2C67FD7E527BA7E012C3F6350D151EF00AD;PATH=/;MAX-AGE=360
__cf_bm=5ee5c3c32d5070e6cca07ceeab9b43db0601b846-1600960944-1800-AZbzVV5lpYfICxu2yD1i2jHMLjjzNMDGMc8GjMOV2Qlh; path=/; expires=Thu, 24-Sep-20 15:52:24 GMT; domain=.linkbooster.click; HttpOnly; Secure; SameSite=None
cache-control
no-cache="set-cookie"
content-language
en
location
https://ozosk.com?utm_source=IP-not-valid&af5=IP-not-valid
vary
Accept-Language,Cookie
cf-cache-status
DYNAMIC
cf-request-id
05624e7192000005fd522e7200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d7d802f5f3f05fd-FRA
cf.errors.css
ozosk.com/cdn-cgi/styles/
23 KB
4 KB
Stylesheet
General
Full URL
https://ozosk.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: ozosk.com
URL: https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 19:47:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f5fc8eb-5c88"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200, public
cf-ray
5d7d80302db0323c-FRA
cf-request-id
05624e72180000323c44170200000001
expires
Thu, 24 Sep 2020 17:22:24 GMT
v1
ozosk.com/cdn-cgi/challenge-platform/orchestrate/captcha/
38 KB
13 KB
Script
General
Full URL
https://ozosk.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Requested by
Host: ozosk.com
URL: https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084338d981d882ecb742f4c6ed446f7f04fab0cd39307e60f6fd6c9a3066520a

Request headers

Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cf-ray
5d7d80303de3323c-FRA
cf-request-id
05624e72270000323c44171200000001
transparent.gif
ozosk.com/cdn-cgi/images/trace/captcha/nojs/h/
42 B
153 B
Image
General
Full URL
https://ozosk.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5d7d802ffd3e323c
Requested by
Host: ozosk.com
URL: https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
last-modified
Mon, 14 Sep 2020 19:47:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f5fc8eb-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5d7d80304dee323c-FRA
content-length
42
cf-request-id
05624e722a0000323c44172200000001
expires
Thu, 24 Sep 2020 17:22:24 GMT
browser-bar.png
ozosk.com/cdn-cgi/images/
715 B
822 B
Image
General
Full URL
https://ozosk.com/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: ozosk.com
URL: https://ozosk.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ozosk.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
last-modified
Mon, 14 Sep 2020 19:47:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f5fc8eb-2cb"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5d7d80304def323c-FRA
content-length
715
cf-request-id
05624e722b0000323c44173200000001
expires
Thu, 24 Sep 2020 17:22:24 GMT
cf-no-screenshot-warn.png
ozosk.com/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://ozosk.com/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: ozosk.com
URL: https://ozosk.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ozosk.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
last-modified
Mon, 14 Sep 2020 19:47:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f5fc8eb-a20"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5d7d80304df1323c-FRA
content-length
2592
cf-request-id
05624e722b0000323c44174200000001
expires
Thu, 24 Sep 2020 17:22:24 GMT
hcaptcha.js
assets.hcaptcha.com/captcha/v1/fac4185/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
  • https://assets.hcaptcha.com/captcha/v1/fac4185/hcaptcha.js
61 KB
20 KB
Script
General
Full URL
https://assets.hcaptcha.com/captcha/v1/fac4185/hcaptcha.js
Requested by
Host: ozosk.com
URL: https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6965727169b99a8b2b2b49fdf4ee81fb1fdf2ce9a302a95bddbe46b4f793235f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6071
cf-polished
origSize=62585
status
200
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
21CD76C3B7354213
x-amz-id-2
VB99F7CNmi5q3muOwsqPC7wS9j5U9X4hK3ceAHa6U3aFGkoxEkjfhfq/FgH+QwPmIIhU+hTUF3A=
last-modified
Tue, 22 Sep 2020 10:36:26 GMT
server
cloudflare
etag
W/"d766c779fc539c3f78759e659b8739c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-request-id
05624e72da0000177af6857200000001
cf-ray
5d7d803158f5177a-FRA
cf-bgj
minify

Redirect headers

date
Thu, 24 Sep 2020 15:22:24 GMT
x-content-type-options
nosniff
server
cloudflare
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://assets.hcaptcha.com/captcha/v1/fac4185/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
5d7d803138a9177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05624e72c50000177af6853200000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
0acf0592446155d
ozosk.com/cdn-cgi/challenge-platform/generate/ov1/0.8557484702587839:1600958674:df16c7e99eaf82afb794fb81fff6bdcdfafb5863bd74dca63c6ce2af5e7cab66/5d7d802ffd3e323c/
18 KB
5 KB
XHR
General
Full URL
https://ozosk.com/cdn-cgi/challenge-platform/generate/ov1/0.8557484702587839:1600958674:df16c7e99eaf82afb794fb81fff6bdcdfafb5863bd74dca63c6ce2af5e7cab66/5d7d802ffd3e323c/0acf0592446155d
Requested by
Host: ozosk.com
URL: https://ozosk.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce3e132fb978cff77ef912cd0d9fbb36cd15ae9fc90c076534e85d596afe0ea3

Request headers

Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
0acf0592446155d
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Sep 2020 15:22:24 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5d7d80313868323c-FRA
cf-request-id
05624e72c70000323c4417c200000001
truncated
/
254 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e2d06fa3b530ba5fea8f74637adbc33a61828a0ee5f64365312edbece838186

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
0acf0592446155d
ozosk.com/cdn-cgi/challenge-platform/generate/ov1/0.8557484702587839:1600958674:df16c7e99eaf82afb794fb81fff6bdcdfafb5863bd74dca63c6ce2af5e7cab66/5d7d802ffd3e323c/
4 KB
2 KB
XHR
General
Full URL
https://ozosk.com/cdn-cgi/challenge-platform/generate/ov1/0.8557484702587839:1600958674:df16c7e99eaf82afb794fb81fff6bdcdfafb5863bd74dca63c6ce2af5e7cab66/5d7d802ffd3e323c/0acf0592446155d
Requested by
Host: ozosk.com
URL: https://ozosk.com/cdn-cgi/challenge-platform/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:b2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc560ef3ff8107e754f556a12109737e90fa74f97145a06624916688871f24b

Request headers

Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
0acf0592446155d
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Sep 2020 15:22:25 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5d7d80336e00323c-FRA
cf-request-id
05624e74200000323c4419e200000001
hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/fac4185/static/ Frame 307A
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/fac4185/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/fac4185/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid

Response headers

status
200
date
Thu, 24 Sep 2020 15:22:25 GMT
content-type
text/html
set-cookie
__cfduid=df973153ba3b11d49e7e6d162cdefd6791600960945; expires=Sat, 24-Oct-20 15:22:25 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
YbVH2Re6UsSp1QHrY+absg7BIs4AZXqDLcBHhMolV4hVvDpTCuCI51fVL6YSIFh5ONsrGgoacKo=
x-amz-request-id
2CE3333B290578FA
cache-control
max-age=1209600
last-modified
Tue, 22 Sep 2020 10:36:27 GMT
cf-cache-status
DYNAMIC
cf-request-id
05624e75050000177af6889200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5d7d8034d9df177a-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/fac4185/static/ Frame FA1A
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/fac4185/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/fac4185/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ozosk.com/?utm_source=IP-not-valid&af5=IP-not-valid

Response headers

status
200
date
Thu, 24 Sep 2020 15:22:25 GMT
content-type
text/html
set-cookie
__cfduid=df973153ba3b11d49e7e6d162cdefd6791600960945; expires=Sat, 24-Oct-20 15:22:25 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
WNCXw4FTL3Z56g9UGUo/iiUxLRDvbYLVkS6niIqUC2klXhHGl3qe1uqGND/QbGzy1ZG5Ayt6dJE=
x-amz-request-id
C88C437F9E808FF2
cache-control
max-age=1209600
last-modified
Tue, 22 Sep 2020 10:36:27 GMT
cf-cache-status
DYNAMIC
cf-request-id
05624e75060000177af688a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5d7d8034d9e5177a-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| _cf_chl_opt
function| _cf_chl_enter
function| a
function| b
object| _cf_translation
function| SHA256
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| _cf_chl_hload
function| sendRequest
object| _cf_chl_ctx
object| hcaptcha
object| grecaptcha
boolean| _cf_chl_hloaded
function| _
number| jEcJQb

2 Cookies

Domain/Path Name / Value
ozosk.com/ Name: cf_chl_prog
Value: e
.ozosk.com/ Name: __cfduid
Value: d9513537622982a2499f79d26fcdee8721600960944

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block