urlscan.io logo urlscan.io
SecurityTrails logo

ozwl.xyz Open in urlscan Pro
2606:4700:3036::ac43:bf06  Public Scan

Go To Rescan Add Verdict Report
URL: https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&...
Submission Tags: @phish_report
Submission: On September 20 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3036::ac43:bf06, located in United States and belongs to CLOUDFLARENET, US. The main domain is ozwl.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time ozwl.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 118.194.233.238 135377 (UCLOUD-HK...)
8 3
Apex Domain
Subdomains		 Transfer
5 ozwl.xyz
ozwl.xyz
97 KB
1 idtopnews.com
api-task.idtopnews.com
1 phugc.com
stat.phugc.com — Cisco Umbrella Rank: 854136
450 B
8 3
Domain Requested by
5 ozwl.xyz ozwl.xyz
1 api-task.idtopnews.com ozwl.xyz
1 stat.phugc.com ozwl.xyz
8 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-26		 a year crt.sh
*.phugc.com
R3		 2023-09-12 -
2023-12-11		 3 months crt.sh
*.idtopnews.com
R3		 2023-09-12 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
Frame ID: C4B1889A36FDD18347328A9A5CFFFCE4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bling Story - Earn money by watching news and videos

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

98 kB
Transfer

155 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ph_share_ugc.html
ozwl.xyz/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:bf06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4bacb4334fd3d37f7eaa21f62f72a0597acf04c05fcbfc49119bb0cb5099a49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8098a55d8d46b52d-OSL
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 08:19:53 GMT
last-modified
Tue, 25 Oct 2022 12:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWyN3HKWencfM%2FQ6A9IGg5ZQbpH2q0TXbk5371bi6Q9uFyX%2BV05XIz%2FVo4GgSLGpqJioBzQJBkBykiSDSPRHahy3QJd4GmCFbZA5E6HProETPjscYSXc2du4FeZ%2F2cq64ePE0p66iw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ph_share_ugc.6108b604d70068cd25cc.css
ozwl.xyz/css/ 		21 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ozwl.xyz/css/ph_share_ugc.6108b604d70068cd25cc.css
Requested by
Host: ozwl.xyz
URL: https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:bf06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4338b51caf3776f1389299373324be947a8e02795f591c3c87dba7d6d20d15fd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:19:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Oct 2022 12:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6357d60e-54e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoqTgZ5v413wYYHGR8QA%2BiWjtI0sIVzu82JkBZEUpw8E07Au%2BUednLDmitoCvIJryzF3cP0k1RD0K%2Fc%2FBOWSRj%2FDA7EKxx1isEARYs14XOppWeyse%2B4YviW1p%2Bp5rB5D5g2g6PxMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8098a5615fc3b52d-OSL
alt-svc
h3=":443"; ma=86400
ph_share_ugc.5a389706ad57ef7fa542.js
ozwl.xyz/js/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ozwl.xyz/js/ph_share_ugc.5a389706ad57ef7fa542.js
Requested by
Host: ozwl.xyz
URL: https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:bf06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992e9a78a0c8e52fb3b2394f6ac2ce8918bff67d2487d9eb3df8b3d1b2ff8de7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:19:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Oct 2022 12:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6357d60e-eea4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B%2BrpdreH1Lr%2Buqwylo36wy5O2hge85Ak0yT7lmgyq78mCrueKOwnD8BD%2Btk1AabcHNRazYGggrcLTQo%2FFA5Hbfyr5t1XD0Iw0LEohzs4G4NFumsNnhR06GeOdL7rWSKkVFsyctktQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8098a5616fc7b52d-OSL
alt-svc
h3=":443"; ma=86400
ed0cd38487ed5ea68409122523febee8.png
ozwl.xyz/img/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ozwl.xyz/img/ed0cd38487ed5ea68409122523febee8.png
Requested by
Host: ozwl.xyz
URL: https://ozwl.xyz/css/ph_share_ugc.6108b604d70068cd25cc.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:bf06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62317ab3860c8020ebc2ccda2fa7b2dbb64e07fada17b1c4c072faae1890f47d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ozwl.xyz/css/ph_share_ugc.6108b604d70068cd25cc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:19:54 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Oct 2022 12:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6357d60e-9e43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOg%2B%2BNNtbAwJyLMTCU3XcB%2FPwEZO7TER3na%2B0qVddVRW5Y6gVoQmMU0C27HYx1s90ECnotpuDIz0KBkIZTV5Ez5TUZfwRwq%2BD2EJt4UomWiSy%2F8bGpBU1AdnelEwXIXfGyHqTBRGSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8098a56519e1569c-OSL
alt-svc
h3=":443"; ma=86400
content-length
40515
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c3584b66eaf63443c4abb5776751cc0be23e294e378eaf2d1fdc6cc351fc4d6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
80ae108d67cd09b0fef35f153fa90e11.png
ozwl.xyz/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ozwl.xyz/img/80ae108d67cd09b0fef35f153fa90e11.png
Requested by
Host: ozwl.xyz
URL: https://ozwl.xyz/css/ph_share_ugc.6108b604d70068cd25cc.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:bf06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9da7affe7294b0dc807621077788b43bacbd6ed04d9e8ff38b3007aa2199200

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ozwl.xyz/css/ph_share_ugc.6108b604d70068cd25cc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:19:54 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Oct 2022 12:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6357d60e-5226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kl8MmeAVIn%2BrYecH4TkDtVZMZj64NNwYpSa3j8aAyjFPky9d36Lrh0O0Qg8z5HVlJmot0QkhLAcr5xszSG4RiOdWjHog2t754FgluuqOrJVeDizSHxRo7GBwRwNCvOpv8JU05kgVZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8098a56529e3569c-OSL
alt-svc
h3=":443"; ma=86400
content-length
21030
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e42b59282d4e9c75b234ddeeefd32820816f7c0548607528b3e34a224e218125

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d23125f860addf09a4725784ce9597db8b9c2616164b55141e5e8b4a0f9af74

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		894 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f0551824968832e090d25551160f007f2176ac6bbcbe04b7a0e58ec0aa25efd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
h5_stat
stat.phugc.com/api/ 		9 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.phugc.com/api/h5_stat?sign=988428f473c34cd285188e7b6becd9e3
Requested by
Host: ozwl.xyz
URL: https://ozwl.xyz/js/ph_share_ugc.5a389706ad57ef7fa542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.194.233.238 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822

Request headers

Referer
https://ozwl.xyz/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 20 Sep 2023 08:19:55 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ozwl.xyz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
9
latest_withdraw_list
api-task.idtopnews.com/v1/cash/cashout/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-task.idtopnews.com/v1/cash/cashout/latest_withdraw_list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.194.233.238 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ozwl.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
43
Content-Type
application/json
Date
Wed, 20 Sep 2023 08:19:55 GMT
Referrer-Policy
same-origin
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
latest_withdraw_list
api-task.idtopnews.com/v1/cash/cashout/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api-task.idtopnews.com
URL
https://api-task.idtopnews.com/v1/cash/cashout/latest_withdraw_list

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| lib number| rem number| dpr function| Zepto function| $ string| product string| countryCode number| timeoutInterval number| milliInterval

0 Cookies

2 Console Messages

Source Level URL
Text
javascript error URL: https://ozwl.xyz/ph_share_ugc.html?pid=app_invites&uid=43000958064&af_adset=gra_graModal1_copy_lpA&page_name=gra&trigger_item=graModal1&shared_to=lpA&shared_by=copy&country_code=ph&product=phugc
Message:
Access to XMLHttpRequest at 'https://api-task.idtopnews.com/v1/cash/cashout/latest_withdraw_list' from origin 'https://ozwl.xyz' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api-task.idtopnews.com/v1/cash/cashout/latest_withdraw_list
Message:
Failed to load resource: net::ERR_FAILED