ozowin.online Open in urlscan Pro
104.21.112.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portalsfailover.winzip.fr/
Effective URL:
https://ozowin.online/RFSZ005
Submission Tags: @phish_report
Submission: On January 15 via api (January 15th 2025, 8:21:01 pm UTC) from FI — Scanned from AU

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 51 HTTP transactions. The main IP is 104.21.112.1, located in and belongs to CLOUDFLARENET, US. The main domain is ozowin.online.
TLS certificate: Issued by WE1 on December 8th 2024. Valid for: 3 months.

This is the only time ozowin.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.53.177.72 185.53.177.72	61969 (TEAMINTER...) (TEAMINTERNET-AS Team Internet AG)
1	108.158.29.87 108.158.29.87	16509 (AMAZON-02) (AMAZON-02)
1 2	35.171.240.102 35.171.240.102	14618 (AMAZON-AES) (AMAZON-AES)
23	104.21.112.1 104.21.112.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.71.74 142.250.71.74	15169 (GOOGLE) (GOOGLE)
1	47.246.42.231 47.246.42.231	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	142.250.204.8 142.250.204.8	15169 (GOOGLE) (GOOGLE)
4	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	142.250.66.227 142.250.66.227	15169 (GOOGLE) (GOOGLE)
10	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
2	142.250.66.238 142.250.66.238	15169 (GOOGLE) (GOOGLE)
51	12

4 185.53.177.72 (Germany)

ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)

portalsfailover.winzip.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.29.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-29-87.syd3.r.cloudfront.net

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.240.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-240-102.compute-1.amazonaws.com

ernus-dop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.21.112.1 (None, )

ASN13335 (CLOUDFLARENET, US)

ozowin.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.71.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.42.231 (Sydney, Australia)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

o.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ozowin.online ozowin.online	2 MB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	81 KB
4	winzip.fr portalsfailover.winzip.fr	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	184 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
2	ernus-dop.com 1 redirects ernus-dop.com	4 KB
1	gstatic.com fonts.gstatic.com	126 KB
1	alicdn.com o.alicdn.com — Cisco Umbrella Rank: 22534	72 KB
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
51	11

	Domain	Requested by
23	ozowin.online	ernus-dop.com ozowin.online
10	www.facebook.com	ozowin.online
4	connect.facebook.net	portalsfailover.winzip.fr connect.facebook.net
4	portalsfailover.winzip.fr	d38psrni17bvxu.cloudfront.net portalsfailover.winzip.fr
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	ozowin.online www.googletagmanager.com
2	fonts.googleapis.com	ozowin.online
2	ernus-dop.com	1 redirects portalsfailover.winzip.fr
1	fonts.gstatic.com	fonts.googleapis.com
1	o.alicdn.com	ozowin.online
1	d38psrni17bvxu.cloudfront.net	portalsfailover.winzip.fr
51	11

This site contains no links.

Subject Issuer	Validity	Valid
portalsfailover.winzip.fr R10	`2025-01-15` - `2025-04-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
ernus-dop.com Amazon RSA 2048 M02	`2024-11-22` - `2025-12-22`	a year	crt.sh
ozowin.online WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2024-06-19` - `2025-07-21`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ozowin.online/RFSZ005
Frame ID: CC39EDC5441D4F41C6F90AB80FB80263
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OZOWIN - OZ Best Online Casino, Better Odds, Bigger Win!

Page URL History Show full URLs

http://portalsfailover.winzip.fr/ HTTP 307
https://portalsfailover.winzip.fr/ Page URL
https://ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/85aefdc2-9ed0-48aa-922d-60f... Page URL
https://ernus-dop.com/zclkredirect?visitid=34f69513-d37e-11ef-9f8c-0affdcd764f1&type=js&browserWid... HTTP 302
https://ozowin.online/RFSZ005 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

12
IPs

4
Countries

2451 kB
Transfer

5410 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portalsfailover.winzip.fr/ HTTP 307
https://portalsfailover.winzip.fr/ Page URL
https://ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f20c19f0-c428-11ef-9507-12832fc4c381 Page URL
https://ernus-dop.com/zclkredirect?visitid=34f69513-d37e-11ef-9f8c-0affdcd764f1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B08%3A00&timezoneName=Australia%2FPerth HTTP 302
https://ozowin.online/RFSZ005 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://portalsfailover.winzip.fr/ HTTP 307
https://portalsfailover.winzip.fr/

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
portalsfailover.winzip.fr/
Redirect Chain

http://portalsfailover.winzip.fr/
https://portalsfailover.winzip.fr/

2 KB
2 KB

2671ms
833ms

Document
text/html

185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsfailover.winzip.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy nginx /
Resource Hash: 7dcb250da41117750f8caff06446cefcf428f2840b70c0361e9af3c0f569001b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 15 Jan 2025 20:20:48 GMT
server: Caddy nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_bBTjriptFyadtDBeY9cEmHvBE4JLKxLSdGDN9zcw3b6lzjXPYLWhEzFuuZe2Kljao/FvOlAdI45glkm5ShZyvQ==
x-buckets: bucket014,bucket088,bucket077
x-domain: winzip.fr
x-language: english
x-pcrew-blocked-reason: hosting network
x-pcrew-ip-organization: ProtonVPN
x-redirect: zeropark_zeroclick
x-subdomain: portalsfailover
x-template: tpl_MobileCleanBlack_twoclick

Redirect headers

Location: https://portalsfailover.winzip.fr/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
1 KB 424ms
186ms Script
text/javascript 108.158.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: portalsfailover.winzip.fr
URL: https://portalsfailover.winzip.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-29-87.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://portalsfailover.winzip.fr/

Response headers

etag: "czzekhpparg7ug"
age: 65589
via: 1.1 6d9ff63cdcc93ca8f7c1714fbd746b66.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1096
x-amz-cf-id: FSlxZPPK7brlFhfW0SyAzl3Zpgc5T09Aeyd5Nb7Fv34RLhVqLrMZOQ==
date: Wed, 15 Jan 2025 02:07:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
server: nginx
x-amz-cf-pop: SYD3-P2
vary: Accept-Encoding

GET
H2 200 track.php Show response
portalsfailover.winzip.fr/ 0
92 B 254ms
254ms XHR
text/html 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsfailover.winzip.fr/track.php?domain=winzip.fr&toggle=browserjs&uid=MTczNjk3MjQ0Ny44MjA0OjMzMDg0MjZjYTAzMjA5NzFlMTRjZjdiNTViYWFmZTdhOTFkYThiYzc1OTcxOGMwZmQ3ZTk5NDMxMjA0Nzg4ODU6Njc4ODE4OWZjODRhYQ%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width: 1600
ect: 4g
Referer: https://portalsfailover.winzip.fr/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
rtt: 150
downlink: 10

Response headers

content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: browserjs
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 201 ls.php
portalsfailover.winzip.fr/ 16 B
391 B 257ms
257ms XHR
text/javascript 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsfailover.winzip.fr/ls.php?t=678818a0&token=aec422398b155eccceab50c5833136302531e86e
Requested by: Host: portalsfailover.winzip.fr
URL: https://portalsfailover.winzip.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://portalsfailover.winzip.fr/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
rtt: 150
downlink: 10

Response headers

access-control-max-age: 86400
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods: POST, OPTIONS
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_paAZMHaEwDJYFsaYfpfF2Ui0WpCyFWyVgsf8kKe90GWfA7SnDVkwm9D+q5cNJNxTs49DS/NaFkgfn/5z5JdgVw==
accept-ch-lifetime: 30
x-log-success: 678818a1b3c3ad33710db830
access-control-allow-origin
alt-svc: h3=":8443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:49 GMT
charset: utf-8
content-type: text/javascript;charset=UTF-8
server: Caddy, nginx

GET
H2 200 track.php
portalsfailover.winzip.fr/ 0
76 B 345ms
345ms XHR
text/html 185.53.177.72
TEAMINTERNET-AS T...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsfailover.winzip.fr/track.php?click=a33d2d320b04d90d264ddafabdaca9b119a743e3&domain=winzip.fr&uid=MTczNjk3MjQ0Ny44MjA0OjMzMDg0MjZjYTAzMjA5NzFlMTRjZjdiNTViYWFmZTdhOTFkYThiYzc1OTcxOGMwZmQ3ZTk5NDMxMjA0Nzg4ODU6Njc4ODE4OWZjODRhYQ%3D%3D&ts=fE1vYmlsZUNsZWFuQmxhY2t8fDQ3OWMwfGJ1Y2tldDAxNCxidWNrZXQwODgsYnVja2V0MDc3fHx8fHx8Njc4ODE4OWZjODQ3MHx8fDE3MzY5NzI0NDguMTkzOXxmODE1NTE5NGQ4NDY1ZWUyYzI3YmZiNzNkY2ZlZDI4ZGFlYzdmMGZkfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxXMTA9fHwxfFcxMD18YWVjNDIyMzk4YjE1NWVjY2NlYWI1MGM1ODMzMTM2MzAyNTMxZTg2ZXwwfHwwfDB8ODE3MzI3NjQ3Nnx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash

Request headers

viewport-width: 1600
ect: 4g
Referer: https://portalsfailover.winzip.fr/
device-memory: 8
dpr: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
rtt: 150
downlink: 10

Response headers

content-encoding: gzip
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
x-custom-track: none
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, nginx

GET
H2 200 85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d Show response
ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/ 3 KB
3 KB 1478ms
642ms Document
text/html 35.171.240.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f20c19f0-c428-11ef-9507-12832fc4c381

Requested by

Host: portalsfailover.winzip.fr
URL: https://portalsfailover.winzip.fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.171.240.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-171-240-102.compute-1.amazonaws.com

Software

Resource Hash

a0493b4dab9736db6e839bd56f88c8a04c105e04f8ec14f6056c4e60f1608c87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://portalsfailover.winzip.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Wed, 15 Jan 2025 20:20:50 GMT

GET
H3

200

Primary Request RFSZ005 Show response
ozowin.online/
Redirect Chain

https://ernus-dop.com/zclkredirect?visitid=34f69513-d37e-11ef-9f8c-0affdcd764f1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://ozowin.online/RFSZ005

426 KB
97 KB

742ms
636ms

Document
text/html

104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ozowin.online/RFSZ005

Requested by

Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f20c19f0-c428-11ef-9507-12832fc4c381

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3610fe232ca00af20d8b84ce6d65b0fb8ce1c07143a1f70607ba6cbacb4862

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f20c19f0-c428-11ef-9507-12832fc4c381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9028919e9d175c09-SYD
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 15 Jan 2025 20:20:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVzSTNBgpVt4rvhMUf88h%2BKu9t7jTVSVWzuLz4cTexkm6w5jAfAziv9lmoR4hzGS6rm2TnIir4s2HC7o996WmzoAeGXmmx5%2BkhMJGcBQf9OjAArBqrSsK%2BilgRK7i9EG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY

Redirect headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
date: Wed, 15 Jan 2025 20:20:51 GMT
location: https://ozowin.online/RFSZ005

GET
H2 200 css
fonts.googleapis.com/ 3 KB
928 B 532ms
240ms Stylesheet
text/css 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand|Dancing+Script&display=swap

Requested by

Host: ozowin.online
URL: https://ozowin.online/RFSZ005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

ESF /

Resource Hash

da19821a9bb3fb06dab3ca76aa72dc4447da632b431cd50d5e1b0d1991c01155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 15 Jan 2025 20:20:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:52 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 icon
fonts.googleapis.com/ 572 B
423 B 578ms
286ms Stylesheet
text/css 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ozowin.online
URL: https://ozowin.online/RFSZ005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

ESF /

Resource Hash

54536ef1791134c345fd1d7b264c675bb30dee22d74102dd84eea00fcefc0e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 15 Jan 2025 20:20:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:52 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 html5-qrcode.min.js Show response
ozowin.online/mobile/qrcode-scanner/ 367 KB
110 KB 165ms
163ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ozowin.online/mobile/qrcode-scanner/html5-qrcode.min.js
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660b12437b1d747e3e68b8be0685c08cb728140110ad213f167b14b66f8b1d8e

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"d88d3200cb547c9e86ee972975561dcd"
age: 7183
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ok1m3LjmbbgcW%2BHLV4qD%2BlvrTtTLvBDq6GkbWu%2Fp2N%2Fg5JolJeanFwrA%2BoLRxiNHhJSbZOvaGNrVE5mRQeN6HvCP0pY9Dy2pJYM0pDQL6wTYyJADLYGSIUCVjbr3bJna"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ae9j3oNFJ6PAhDNqLIPau7Dz4j-27s8uIPM9Cy-WlhdDtlsrdZ1vqQ==
date: Wed, 15 Jan 2025 20:20:52 GMT
content-type: application/javascript
last-modified: Tue, 09 May 2023 12:46:56 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
via: 1.1 69ce12cd28f192f5e142ba57e5fe0b80.cloudfront.net (CloudFront)
cf-ray: 902891a2bd185c09-SYD
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 tesseract.min.js Show response
ozowin.online/mobile/tesseract5/ 65 KB
11 KB 257ms
256ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ozowin.online/mobile/tesseract5/tesseract.min.js
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e29918d098b2b06e1012bdaeffb4aec0445c5d5654709023e0bd1f442a80e8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"762c42567bee631741908f3541ebf1c2"
age: 2918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxPHyB3A2AkBoGdZ9qJ00baSrgQAi3ffaSR2JRFHAhWvxBlXeYNcIUswkFavZJHo%2FozbU5WjK4GAwdZN5GDmbrBg4FtNgL90TK5UtDWzBDjOfcD0pf1E0Q6UqXPK1v0f"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: efoxtiu7C2aj-MSgqURoCW0y-49Nj4Kf885nT6eInYVL8TCNMzD8Nw==
date: Wed, 15 Jan 2025 20:20:52 GMT
content-type: application/javascript
last-modified: Sun, 06 Oct 2024 10:24:32 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
via: 1.1 9a7106deb28dfd2ab51b2cf73a38e2f8.cloudfront.net (CloudFront)
cf-ray: 902891a2bd195c09-SYD
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 AliyunCaptcha.js Show response
o.alicdn.com/captcha-frontend/aliyunCaptcha/ 206 KB
72 KB 405ms
156ms Script
application/javascript 47.246.42.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.alicdn.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.42.231 Sydney, Australia, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a95de22f3c6203996be537135f9af005560c4f90210df2e75a73cfa87e65fbd4

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

x-oss-cdn-auth: success
content-md5: BHu6jfaEeL4iIgrDYvoKJg==
x-oss-storage-class: Standard
content-encoding: gzip
etag: W/"047BBA8DF68478BE22220AC362FA0A26"
age: 35206
x-oss-object-type: Normal
x-assets-pt: pt0
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Wed, 15 Jan 2025 10:34:06 GMT
x-oss-server-time: 2
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-assets-path: /captcha-frontend/aliyunCaptcha/AliyunCaptcha.js
last-modified: Thu, 26 Dec 2024 10:33:40 GMT
cache-control: max-age=604800,s-maxage=86400
x-swift-cachetime: 86400
timing-allow-origin: *
x-er-version: 0.0.6
x-oss-hash-crc64ecma: 6331265880991845412
x-assets-grey: false
via: cache22.l2sg2[88,63,304-0,C], cache27.l2sg2[66,0], ens-cache4.au4[0,0,200-0,H], ens-cache6.au4[2,0], ens-cache4.au4[6,0]
ali-swift-global-savetime: 1736937246
x-swift-savetime: Wed, 15 Jan 2025 10:34:06 GMT
access-control-allow-origin: *
eagleid: 2ff62a9817369724525642122e
x-oss-request-id: 67878F1E3A2124FE05951E51
server: Tengine

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
75 KB 595ms
260ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8XGL5VR

Requested by

Host: ozowin.online
URL: https://ozowin.online/RFSZ005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

085c5dd455083c13d1f1bed4cff707a0eb548ba6932816e84dbcc2521fb671ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 15 Jan 2025 20:20:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 15 Jan 2025 20:00:54 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 75602
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 app.js Show response
ozowin.online/mobile/ 1 MB
370 KB 103ms
103ms Script
text/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ozowin.online/mobile/app.js?v=5257
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8903561af70a865979d1886a9fde66db54207e3d00f59c58fab690eb1daf6f1d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "5d8a0d4e89659041b04d4967ddc48a06"
age: 2918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAv8hjceHBPmivGCgM%2F7v8oQHPTZiKFpuWmXqT%2Bs1X7XS4uOxzlZ%2BeA7dIxJ2%2BRNMi4Ch2D1Cb%2Fjjszhf2ygc%2BbrD%2Bvb6lIFuMS22R4iwSC0FeUW9yuzwx6tRPXI6xzl"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: gVfT5TGhEHSHHsRWTGK9AN2YKKCNBC_eLk3sPxj7dQkzVXjUEjp-Bw==
date: Wed, 15 Jan 2025 20:20:52 GMT
content-type: text/javascript
last-modified: Wed, 15 Jan 2025 09:06:47 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 43e5fc8af777bb75886a9fb119160f30.cloudfront.net (CloudFront)
cf-ray: 902891a6cd1e5c09-SYD
accept-ranges: bytes
content-length: 377806
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 kk-bg-menu.jpg
ozowin.online/other/ 3 KB
4 KB 104ms
103ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/other/kk-bg-menu.jpg
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0efb293e15cd30d46cfc5c2acda98f4f34fd83ce06194fbfc3aea69d17046652

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "c72f26aa42a64ea3c1adb956bce40552"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvGSHFRgN4KDCwmUHpFsmDzNcZS1XgsCwZ3YLbxAPb559WBV1Bsx17910mluqH%2FJUyzYo7hYSxUfKtk%2FQZK49I0bfNvC%2FkyQJLg7FzvynhDlRXryEArorleddf3Atk5Y"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Z6JsqvV95u1Rtx-WsG_b5766b0tpWuvR2hPl9QKkbIn62-Rq6xEdlA==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/jpeg
last-modified: Tue, 01 Dec 2020 01:36:00 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b2c5094272cffc150b97bc982427694c.cloudfront.net (CloudFront)
cf-ray: 902891a8ed215c09-SYD
accept-ranges: bytes
content-length: 2993
x-amz-cf-pop: SIN2-P7
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 240 KB
61 KB 321ms
95ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: portalsfailover.winzip.fr
URL: https://portalsfailover.winzip.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-ojmvMKLl' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-ojmvMKLl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=93, rtx=0, c=23, mss=1232, tbw=4510, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 03S+Em4ohpLurvlujcVu8TWwchIGz6VVdXg6Dhur2/CD6UfP7qpSEKRiTCU2byVOCqVPNdlrCiAyswCG32E8Fw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62391
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 d3c28285929666a91503a.png
ozowin.online/media/ 12 KB
12 KB 498ms
497ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/d3c28285929666a91503a.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae6ec47a1a1c80625cbcc64e3395fcb8ff21a3eebbd1b3a350cdb12531e2be3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: REVALIDATED
etag: "82f8a122f480e10c00aea8a8dcf985d1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPawH%2FRN0SO8YoDFxhnQ22DqLc0bhrVhsyL58Sn2GSaLTwy0dUjiVO2G%2FO4F5eGQM05itAtGlmy85GC1c89rZ9d8ZdDxMpFeXL3tmZDjh9FIGIm911NAzLsn%2FjbapG%2B8"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 5_N7rdcKN-xPBsbv9mAGqdYNrKNA_f6FnWyheK8qXqic0q8ghj-R7w==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Sat, 13 Jul 2024 14:56:03 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 4f553933ab4f883fedf34b4826b0ea0a.cloudfront.net (CloudFront)
cf-ray: 902891a8ed225c09-SYD
accept-ranges: bytes
content-length: 12084
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 09eaca31d25763a89ec41.png
ozowin.online/media/ 157 B
795 B 106ms
102ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/09eaca31d25763a89ec41.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2c1e9477e4eafcd124930f7623c5bfdd6df4c9e35678495186097bf2248b1d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "40fbf45f98a434c35876c61e2c10102e"
age: 451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bhf%2BUyAz2e7A9%2FH9SP8x4wthTOqYyGgk8PG2gOnWVdoxTanBTRLmVzErRSqeFspkSZshm2sMUPMNT%2BwCBHez60pHi42avf6NKHGNMhM1hfJCTM5HGoZSBvLFUMG3uNNL"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: wwpzXQIuQeuEe-6XOdLZ6-6DzCOe33zQRHAugEnMm2KWs7WqlYwUTQ==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Fri, 06 Dec 2024 10:26:03 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 894f321aaec7e16111835f5b53fa21a4.cloudfront.net (CloudFront)
cf-ray: 902891a8ed235c09-SYD
accept-ranges: bytes
content-length: 157
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 5cab671da6576bf587a31.jpg
ozowin.online/media/ 15 KB
16 KB 202ms
198ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/5cab671da6576bf587a31.jpg
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77665e948cecc3c43f32ea84216db8be9b1bb09c9190f2c428fbcaf9f2fa2ce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "99712c94c6da7603a21e7e6ec2983397"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chijbDF6Dv6k7JISoTMD%2B%2FF%2BOHaDqdyz%2BRCycgku7k3DmNjfw0fMFfPzoVu35hqforD4QfTTboKWh0xec3hr1eU0nmZQBbiuwBnwaw0FyoBHO0pAcfy%2BqPmA1GIOeB57"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2wg-wDJulWjukzPRdQPTcl0gmpIBsIhMh2bB_od4HdEaAE4wudug-A==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/jpeg
last-modified: Mon, 09 Dec 2024 08:40:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 43a0285bd1ad0c838ae7aa5d803dd80e.cloudfront.net (CloudFront)
cf-ray: 902891a8ed245c09-SYD
accept-ranges: bytes
content-length: 15271
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 805a80e7d25761d417d29.png
ozowin.online/media/ 2 KB
2 KB 201ms
197ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/805a80e7d25761d417d29.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8fcab4151c1d4d045b9a7ce22e4177b193569d0ee04ce848a1199cdb21de39f

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "3fd0ecb1c3cec34ff3dcbf0e63a669c0"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtOshcKKeZzIEmonYMr0egWLn0hH1rV9BUL7zYpiA4tvKNrTPL19G4fstlz%2BBbFIajIR4%2Fk8pUYoitUl3%2B8lvIhUcUNeLuR5iFW4qmywmj3nDPyjFnX%2Bff7zkUgeAjKp"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: KK6kQKaOku3bBouW4SfyFT7zetzuxcReXY3LBQJ1gOPDALN09E_Dsg==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Fri, 06 Dec 2024 10:54:25 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 43a0285bd1ad0c838ae7aa5d803dd80e.cloudfront.net (CloudFront)
cf-ray: 902891a8ed255c09-SYD
accept-ranges: bytes
content-length: 1892
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 0b86774476576f44d3db6.png
ozowin.online/media/ 6 KB
6 KB 109ms
105ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/0b86774476576f44d3db6.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ddfdf5381204e9e95166be6d3e979f21ca14186ff85ecb40ffa5ff5fe6abbc

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "7603e00fd31cac0eb12d3ae71c9dbbe1"
age: 2918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXzOCRLzSornoXOiM0PkKUfBLD5PzSGUi2knxJ6sCkDA381%2BPF4edbnPdIMVmeXuE2%2BaTzVoBqwWmZ0YZx3a%2FVmTHgnuu0hQHvrkhLJGuY1PX4%2BwPccPsgskwF%2FVwtac"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Xt_l7xEnPN_JgoeLBF0OFaHSWIrqrEnNgby99nBYAW-qWPWCksQG7Q==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Mon, 09 Dec 2024 04:38:32 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 d58ad928ddaa7cb5d5fa752e245330d2.cloudfront.net (CloudFront)
cf-ray: 902891a8ed275c09-SYD
accept-ranges: bytes
content-length: 5817
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 02bfeae4765761a8214f7.png
ozowin.online/media/ 4 KB
4 KB 107ms
103ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/02bfeae4765761a8214f7.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b7b7d8eca24fb27201fa774466ce80b99259aa75667cfe4501179c67c5d56e

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "515d19fbc75479f3265e834ef28734e6"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9sc2o%2F5dD2bwawGg4HxhC7efCoL3f9RdcJswsegB2sAgDnFnxQjZ%2BByIBDdtfNOXFLZHAezFkqerc24%2FyPypH0sTCPc5zjKZzIb0loiGh%2Bo8Bp6mkBjoDec3XFiBowOM"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: fof_0HpGl9hSPR8XJQO49NIJkeP-33E5wBzl9rixg186c3KWcAfjRA==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Mon, 09 Dec 2024 04:41:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 8f2a5dcba4af73563588816a8f361736.cloudfront.net (CloudFront)
cf-ray: 902891a8ed265c09-SYD
accept-ranges: bytes
content-length: 3873
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 4fbf07f476576a3be17e0.png
ozowin.online/media/ 7 KB
7 KB 113ms
109ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/4fbf07f476576a3be17e0.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c11ff6a95e35a91e33456b937694b393104f9b9a8e7f04009e5357a8bf57bc

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "b087713761627139b1f158bdc3e42c7a"
age: 570
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGK%2FUPSuY6B549iKyPGKMeN5AgEB9Zcm%2FCz1vYb6itOpiDAf%2FssOjQdJaSbQEZuuC61cw9wmKUhlbyXnfzE47qRWG15RV2xrAMIJau59aQywbf80lZv0vR%2F2iQy8LsG5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZddfYBQrSA_yvNcjWoeVA00Rwn231XaRRwDwFejADE4wNQjWxKhWfw==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Mon, 09 Dec 2024 04:41:28 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 bd549265b50500a9fe6f638d6f06192a.cloudfront.net (CloudFront)
cf-ray: 902891a8ed285c09-SYD
accept-ranges: bytes
content-length: 6937
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 cbf1d2057657692073d93.png
ozowin.online/media/ 4 KB
4 KB 202ms
198ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/cbf1d2057657692073d93.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7df84fd5a72b6723c6490c258c2a7ae1654a766710edd2dbd478ae68d1ac88

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "f7f0c66b50ceb254c5c7b01fdc251bec"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6Km23AHkG6EGf1YDAIfKQj5uFjTembVy2RF17%2FdcQ2RuXbk568aMBrs2ejh0IChUIyNzK9%2BL2Eamj2Pn2%2Fxffzy0VgUXG98NmUqNvbpLx7uCeyGxTH4sJVeTGUBdIuB"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: fZ6dN0NnkCX8tqo_Dws9qvUp7KuJltDTXtz13Cu1GOBkAQxxBnYVMA==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Mon, 09 Dec 2024 04:41:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 988077a6e33a5a323c517695956ab4d6.cloudfront.net (CloudFront)
cf-ray: 902891a8ed295c09-SYD
accept-ranges: bytes
content-length: 3663
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61e8bb05765769348c1cc.png
ozowin.online/media/ 6 KB
7 KB 115ms
111ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/61e8bb05765769348c1cc.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48f63bfa6ebbefccd463e12aec4db5e096892331ababae7318f64e990eea46f

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "ab225169b936a75092995300f79440ea"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wveAX0MJNxY5vGEHYaCeROK7jBDaLrX7uqiSWinODq0aoHfom9EzCuEepGRenqUqpcwSF5MMdOVQtBu31w%2BSb3xOm0O7URziR5qnowUjOUu0OoTun%2FeB4yHoW8lm07p%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: xHLnfPTmLhBaiqT9olnm-TWiUgOoUUn9ZAGKs5UqWE08VQFrr_dxSw==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Mon, 09 Dec 2024 04:41:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 3b9e83f086ccaf555831389882e5f732.cloudfront.net (CloudFront)
cf-ray: 902891a8ed2a5c09-SYD
accept-ranges: bytes
content-length: 6450
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v143/ 126 KB
126 KB 397ms
97ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://ozowin.online
Referer: https://fonts.googleapis.com/

Response headers

age: 198501
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 13 Jan 2026 13:12:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 13 Jan 2025 13:12:32 GMT
last-modified: Wed, 08 Jan 2025 18:24:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128616
x-xss-protection: 0
server: sffe

POST
H3 200 index.php Show response
ozowin.online/api/v1/ 221 KB
9 KB 292ms
289ms XHR
application/json 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ozowin.online/api/v1/index.php
Requested by: Host: ozowin.online
URL: https://ozowin.online/mobile/app.js?v=5257
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08838c53cb5356f6bff8aac4144c2c0cc40a3b69f56e09e75849c99a7b77a1a2

Request headers

Referer: https://ozowin.online/RFSZ005
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ldzey%2BSkrMOSBVR%2F7g2Qlk34Q6OAmW4%2B5zLirAPVI3ioL4G%2FIKGoRTDNB9ay2Qwp7PyQefQqEr19F5NdAVAfOZjVxDuks4af27tdSoX%2BQ85vPn6Q2tZhwTnan2WfKkQX"}],"group":"cf-nel","max_age":604800}
cf-ray: 902891a8ed2b5c09-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 96a971eec257689a1123c.png
ozowin.online/media/ 4 KB
4 KB 198ms
195ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/96a971eec257689a1123c.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64429d2a6fa183bab8b0d6d737f4f2965acf02d902925266fe38bf7b3fac8d99

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "5191823ecc484b70e23350dcf5d177cf"
age: 451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FqrjR%2FrPqsMU%2BQZmCDqtvWiGfKQbaIYbvZFs2CsQGdPhYOhV37vCybn71CN6lwv0oNLmHTAa4VaP1ZvE3SxsLLbuwUJXBpgRRdCaMUThKnRyhQhas5ClZML%2B4zTRrds"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -RyFHSYn3LvXrYUEJ_jjWQ-405-4oggyjWJRz87wb0dixEYCxe8Tsg==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Fri, 06 Dec 2024 10:16:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a9fb1933765b2e0a17ee7cee382c4058.cloudfront.net (CloudFront)
cf-ray: 902891a8ed2e5c09-SYD
accept-ranges: bytes
content-length: 3904
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 loading.jpg
ozowin.online/other/ 6 KB
6 KB 199ms
196ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/other/loading.jpg
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77f4ea2f62778973346617ec829bae202eeee124d44a4d5e0b1f9a5d184291a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "f610622904b8a5a177f994328edc9167"
age: 793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BMUY7cBMTvMdRxeEXQpNdzM6j9l6rBSdPSgQO2aenvM8Vz8SOCp8H8qc8sg3WbR6oUpAfCZAcTK%2Frb2m3IgCZtTKXa1VCI4uXCEnbsaXjCaRyAeyMjp5NAtu%2BXMRXMU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: G0VbZrqscYcfzQHtjaWzbdNnlPqHaWmHTC4vXi_rhNdFCGDIavaQyA==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/jpeg
last-modified: Mon, 28 Dec 2020 06:15:34 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 aa20aecedaf45504122399ad5b5c1de8.cloudfront.net (CloudFront)
cf-ray: 902891a8ed2f5c09-SYD
accept-ranges: bytes
content-length: 5752
x-amz-cf-pop: SIN2-P7
server: cloudflare

GET
H3 200 7f3b10036e676e2ed6f55.png
ozowin.online/media/ 17 KB
18 KB 106ms
104ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/7f3b10036e676e2ed6f55.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3714f591f255a7f3ed5231cfc9adbd4995b4717a835753a6be9b6ec8538e012d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "7db4d11cd2dc37fc3963e1b0d8052b97"
age: 4118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiIFmwZ2VqAjFjJc4nM3bJOgVoUvTdPDySH9Wup3RoorezvMcYEDkPe2VE%2BNKFq2M2YYc%2BnKqXHRRoeSo%2BzDg4T2lraFmPxs%2F7l7aA7H1K49ucNdqXfc8056T1H3x3YC"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: U_1F16LJVmLAWCNtPMB7DXdUvbjgaw_wq1eGVPDyt-cVK4G1DOgQug==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Fri, 27 Dec 2024 08:19:13 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 4e7ab7d3a1019b0c033068318d72e5ee.cloudfront.net (CloudFront)
cf-ray: 902891a8ed2c5c09-SYD
accept-ranges: bytes
content-length: 17697
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 dc1ba0c2595761f566244.gif
ozowin.online/media/ 893 KB
893 KB 109ms
107ms Image
image/gif 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/dc1ba0c2595761f566244.gif
Requested by: Host: ozowin.online
URL: https://ozowin.online/RFSZ005
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fb809801117a1e40e95a66afa7ee4b2a26a0f274b78148686868834d93ba87

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

cf-cache-status: HIT
etag: "0e9a1d2fd96770e72798cecf45f6c3c2"
age: 450
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5VO7IMUzYLcGv%2FYtV9iU2k17rDHjDQo2pefKwQ69mvlYVXKDEGhq7f4oMeJLuMV5iWJkWQ0nv7S0jliyMbG7CKtIUHQNeUUItqD4nKlQZyKNSYHzROORWK5oFL1zO75"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9acNxklDI_fLJJIfqojv0cO8xPXKh5lrA3Gp5KtPiRkIKHQGcpKF-w==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/gif
last-modified: Wed, 11 Dec 2024 08:52:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 27f668bcd09435386d2434e95a56f7d6.cloudfront.net (CloudFront)
cf-ray: 902891a8ed2d5c09-SYD
accept-ranges: bytes
content-length: 913977
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 styles.css
ozowin.online/ 426 KB
96 KB 106ms
105ms Stylesheet
text/html 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ozowin.online/styles.css

Requested by

Host: ozowin.online
URL: https://ozowin.online/mobile/app.js?v=5257

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3610fe232ca00af20d8b84ce6d65b0fb8ce1c07143a1f70607ba6cbacb4862

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/RFSZ005

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: zstd
cf-cache-status: HIT
age: 5563
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BI4A%2B77YZjh19e%2Bu7%2FuHk%2BReUzPsNZggMhVVZ1kPvtV5EZF7iSJ%2B4W7UHlrprdjy57Te1th9I%2BzDbZgNebmLMcHx%2FAOIza0LwlN33OwHNrM3trYO7UxAkatkVnTuxLOH"}],"group":"cf-nel","max_age":604800}
cf-ray: 902891aacd345c09-SYD
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 15 Jan 2025 18:48:10 GMT
x-frame-options: DENY

GET
DATA 200
OK truncated
/ 162 KB
162 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://ozowin.online
Referer

Response headers

Content-Type: application/x-font-ttf

GET
H3 200 41da1eb81c57603881f69.png
ozowin.online/media/ 1 KB
2 KB 105ms
104ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/41da1eb81c57603881f69.png
Requested by: Host: ozowin.online
URL: https://ozowin.online/register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a6ffbfb9a5d787b5bb27576b9db3870926730abcd12c9519ab3161e8d62b78

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/register

Response headers

cf-cache-status: HIT
etag: "a38342aa78b3922b79e56a032c1bad15"
age: 5563
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=et6FGqfCCGfksaAr8IAua%2Bk0Hk9VdlFBxc7CicNvF%2BXrkKcGbATKHChyZVVt%2BwRXBK5QjZSyr461GD1bUIEs3CiINcSwe8paRCuUVmFf4CJihDTLTFDyELxj7ioVeRVu"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 1Cv4lE0TEn4O1Lq0bhuetkO2pIfs-VXEeAvUKIH9ZNGwaw-HQgQErA==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/png
last-modified: Fri, 13 Dec 2024 11:21:35 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 27f668bcd09435386d2434e95a56f7d6.cloudfront.net (CloudFront)
cf-ray: 902891aadd355c09-SYD
accept-ranges: bytes
content-length: 1448
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 3968005f965764ffb672a.jpg
ozowin.online/media/ 78 KB
79 KB 103ms
102ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ozowin.online/media/3968005f965764ffb672a.jpg
Requested by: Host: ozowin.online
URL: https://ozowin.online/register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a3f3d9fe10e2be3e2301812e3df1e01f0f1680d136fc72d17e2e1330b5f17b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/register

Response headers

cf-cache-status: HIT
etag: "8a20723047ecac79ee9b21c2e33037ef"
age: 792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hA817vbneewKAPaJw%2BOETft6qpRSUm21aOpB8cDbXHlcSPBGKaFooeGPGnudz71Mzd3AwcGeiMaBmx9VRVcF2FhoSs2eRuPJSIVDY3%2F4BK3JXqHkEoeL82LSF3qOH%2BGX"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: U0TsWkuDHCDh2dPG0_ZpIkizm-jmQkTggXMP0m-Le1Krq-UsNDuoLw==
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: image/jpeg
last-modified: Mon, 09 Dec 2024 07:42:09 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 111a6fc31e27faf8cf805a928b2c5d9c.cloudfront.net (CloudFront)
cf-ray: 902891aadd365c09-SYD
accept-ranges: bytes
content-length: 80074
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
109 KB 241ms
241ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8EL4187HBP&l=dataLayer&cx=c&gtm=45He51e0v9202301260za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8XGL5VR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

83b1344ae583e858ade2aab13fd10252150c153428483211e6215e9389fbe6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 15 Jan 2025 20:20:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111761
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 2933719826787087 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 95ms
95ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2933719826787087?v=2.9.180&r=stable&domain=ozowin.online&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

fd0705f9d858430e4a9236c6c19b170ff578c98a539e113b5a6e04e6ecfd0560

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EFmvrY02' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EFmvrY02' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=70, mss=1232, tbw=70622, tp=65, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: MvUVL++OxFEe43INptwYyWHfunR+MKC578hYZVEn5qMUSVFdYvz1yEOEcVcMmaYTRtzibBjHVfq+3X5g5SdSiw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 14125
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 1309549870163580 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 96ms
95ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1309549870163580?v=2.9.180&r=stable&domain=ozowin.online&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C204%2C203%2C205%2C210%2C211%2C212%2C208%2C200%2C133%2C165%2C199%2C201%2C123%2C158%2C146%2C152%2C130%2C237%2C117%2C128%2C238%2C167%2C120%2C240%2C168%2C137%2C124%2C155%2C149%2C196%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

32a1813e5516e3ab7b5d5dcc24e119d34e91805674199a5186daaf6013d0718c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-1kb0BoOF' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-1kb0BoOF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=93, rtx=0, c=82, mss=1232, tbw=85838, tp=80, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: tU7HpzYWelnH9KY+LQLYa015yGAffXwE7enOIyrcC7u1Lya6Jt41Av+F92UtWbQ4NTPbOqwIthWTMq7reqspIA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 3147
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 220ms
95ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2933719826787087&ev=CompleteRegistration&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453794&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=GET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=5066, tp=16, tpl=0, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
200 B 453ms
329ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2933719826787087&ev=CompleteRegistration&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453794&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=FGET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x056ddbd59bb75a03","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["9440703735997198"]},"debug_reporting":true,"debug_key":"1074079948603671235"}
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: aRbooFI8w4Mha/euyj7OvuwvtAClHpfi5ZIzQVz8x3emayDU3pDhQGHUQjHTMxtojxAJmkM4wYLBMfnoASBk9g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=5978, tp=29, tpl=0, uplat=235, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 220ms
95ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2933719826787087&ev=Purchase&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453799&cd[value]=10&cd[currency]=AUD&sw=1600&sh=1200&v=2.9.180&r=stable&ec=1&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=GET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=5226, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 473ms
349ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2933719826787087&ev=Purchase&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453799&cd[value]=10&cd[currency]=AUD&sw=1600&sh=1200&v=2.9.180&r=stable&ec=1&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=FGET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3ab1878302a0f5a8","source_keys":["1"]},{"key_piece":"0x70f12437e92b1f47","source_keys":["2"]}],"aggregatable_values":{"1":10922,"2":6826},"aggregatable_source_registration_time":"exclude","filters":{"3":["28583498444598787"]},"debug_reporting":true,"debug_key":"786968977415716543"}
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BvWxNp2BJYlfT21xFzVycjhhh4tk+UKFoOu3NxcG6dXXX+bFVoiNVQM8XjG1cd0Q26aeWdbJNGwb4qVjJ5HX/Q==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=11802, tp=35, tpl=0, uplat=255, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 1637100607055921 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 96ms
95ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1637100607055921?v=2.9.180&r=stable&domain=ozowin.online&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C204%2C203%2C205%2C210%2C211%2C212%2C208%2C200%2C133%2C165%2C199%2C201%2C123%2C158%2C146%2C152%2C130%2C237%2C117%2C128%2C238%2C167%2C120%2C240%2C168%2C137%2C124%2C155%2C149%2C196%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

10792106f3f6be8182b8d14fc49706bb80ecf974702b428aa7764f84344309d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-juCCIiFW' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-juCCIiFW' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=85, mss=1232, tbw=89822, tp=85, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: /UGMqrXOJFMrFtzUM3mnSnal1Akg122siu5cSu0NVb6LMwxjVJ7cn0EdmQgeQN+W79zE4SyTTZGCSfEEzXO6KA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 3148
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 110ms
94ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2933719826787087&ev=PageView&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453906&sw=1600&sh=1200&v=2.9.180&r=stable&ec=2&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=GET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=4746, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 15 Jan 2025 20:20:53 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 363ms
347ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2933719826787087&ev=PageView&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453906&sw=1600&sh=1200&v=2.9.180&r=stable&ec=2&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=FGET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'nonce-AT41nnwh' 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'nonce-AT41nnwh' 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 6jSXki75IIsCuMkNATjbM9XZrG4GJ0Rt30ch/Y9VpqF/tmTJq40tOfY145Fq2oJsbplIG1HgurN0cWUknf39hg==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=9434, tp=33, tpl=0, uplat=252, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 94ms
94ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1309549870163580&ev=PageView&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453907&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=GET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=5578, tp=24, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 285ms
284ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1309549870163580&ev=PageView&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972453907&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=FGET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'nonce-8xDA3Exg' 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'nonce-8xDA3Exg' 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: L6V+Rdd/4+mBxRUJO/Bym1KRev4tbqFcA8dT4eTkx+/X2QCkMp891K1H54IGmV4JhS2Aaznf/u3rFLArekFK5g==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=12426, tp=36, tpl=0, uplat=190, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 96ms
96ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1637100607055921&ev=PageView&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972454009&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=GET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=5770, tp=26, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 287ms
287ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1637100607055921&ev=PageView&dl=https%3A%2F%2Fozowin.online%2Fregister&rl=https%3A%2F%2Fernus-dop.com%2F&if=false&ts=1736972454009&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1736972453792.884745727763286132&ler=other&cdl=API_unavailable&it=1736972453673&coo=false&rqm=FGET

Requested by

Host: ozowin.online
URL: https://ozowin.online/register

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ItrKw1Ru+N5luGE1VEIfqPX6Xp2WY8RCHWzRNXHaR6rDtSbV2fJvBYu21im+4ZjrLYXm//+WUNi5mC24FCZR4g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=14074, tp=39, tpl=0, uplat=192, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 575ms
242ms Fetch
text/plain 142.250.66.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8EL4187HBP&gtm=45je51e0v9202529289z89202301260za200zb9202301260&_p=1736972452249&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&cid=1876853437.1736972454&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736972454&sct=1&seg=0&dl=https%3A%2F%2Fozowin.online%2Fregister&dr=https%3A%2F%2Fernus-dop.com%2F&dt=OZOWIN%20-%20OZ%20Best%20Online%20Casino%2C%20Better%20Odds%2C%20Bigger%20Win!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3106
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8EL4187HBP&l=dataLayer&cx=c&gtm=45He51e0v9202301260za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ozowin.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 e54c7f32b3676b7b0422b.jpg
ozowin.online/media/ 57 KB
57 KB 104ms
103ms Other
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ozowin.online/media/e54c7f32b3676b7b0422b.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6e3ddebb76647b19b99c88f33e5d92855d2b159f3de2356f17299605c2765c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/register

Response headers

cf-cache-status: HIT
etag: "d8e2d0528dc4938501253157c768f4e0"
age: 2918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ErPIL8LeSgh3pMXe8Q1eIKh6UTEO0EqHgRI6rPJPQf3RigHCoN3wxUMZWZU2ugvvM4%2BYJ3NG8%2FMWpD8K6%2BLtjK0sRVKvlG1HmTeNPHgOOZrPXGG95T5yQJdCYkSQrOy"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: UnYci_nNRwVIQQ4Z0_HImff8rESzweM8S_6Ah-h8N80DKO3XaSoX0A==
date: Wed, 15 Jan 2025 20:20:54 GMT
content-type: image/jpeg
last-modified: Thu, 19 Dec 2024 05:42:24 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 9a4e915f3a0228d45d0c5671557c0de8.cloudfront.net (CloudFront)
cf-ray: 902891afdd445c09-SYD
accept-ranges: bytes
content-length: 58210
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 194ms
194ms Fetch
text/plain 142.250.66.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8EL4187HBP&gtm=45je51e0v9202529289za200zb9202301260&_p=1736972452249&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&cid=1876853437.1736972454&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1736972454&sct=1&seg=0&dl=https%3A%2F%2Fozowin.online%2Fregister&dr=https%3A%2F%2Fernus-dop.com%2F&dt=OZOWIN%20-%20OZ%20Best%20Online%20Casino%2C%20Better%20Odds%2C%20Bigger%20Win!&en=scroll&epn.percent_scrolled=90&_et=6&tfd=8121
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8EL4187HBP&l=dataLayer&cx=c&gtm=45He51e0v9202301260za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ozowin.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ozowin.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Jan 2025 20:20:59 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ozowin.online/	1970-01-21 04:39:08	Name: _fbp Value: fb.1.1736972453792.884745727763286132
.ozowin.online/	1970-01-21 12:05:32	Name: _ga Value: GA1.1.1876853437.1736972454
.ozowin.online/	1970-01-21 12:05:32	Name: _ga_8EL4187HBP Value: GS1.1.1736972454.1.0.1736972454.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ernus-dop.com/zclkvisitor/34f69513-d37e-11ef-9f8c-0affdcd764f1/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f20c19f0-c428-11ef-9507-12832fc4c381 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00A43D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
deprecation	error	URL: https://ozowin.online/mobile/app.js?v=5257(Line 5) Message: Listener added for a 'DOMSubtreeModified' mutation event. Support for this event type has been removed, and this event will no longer be fired. See https://chromestatus.com/feature/5083947249172480 for more information.
recommendation	verbose	URL: https://ozowin.online/register Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d38psrni17bvxu.cloudfront.net
ernus-dop.com
fonts.googleapis.com
fonts.gstatic.com
o.alicdn.com
ozowin.online
portalsfailover.winzip.fr
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.21.112.1
108.158.29.87
142.250.204.8
142.250.66.227
142.250.66.238
142.250.71.74
157.240.8.23
157.240.8.35
185.53.177.72
35.171.240.102
47.246.42.231
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
04ddfdf5381204e9e95166be6d3e979f21ca14186ff85ecb40ffa5ff5fe6abbc
085c5dd455083c13d1f1bed4cff707a0eb548ba6932816e84dbcc2521fb671ca
08838c53cb5356f6bff8aac4144c2c0cc40a3b69f56e09e75849c99a7b77a1a2
0e2c1e9477e4eafcd124930f7623c5bfdd6df4c9e35678495186097bf2248b1d
0efb293e15cd30d46cfc5c2acda98f4f34fd83ce06194fbfc3aea69d17046652
10792106f3f6be8182b8d14fc49706bb80ecf974702b428aa7764f84344309d6
10b7b7d8eca24fb27201fa774466ce80b99259aa75667cfe4501179c67c5d56e
32a1813e5516e3ab7b5d5dcc24e119d34e91805674199a5186daaf6013d0718c
32fb809801117a1e40e95a66afa7ee4b2a26a0f274b78148686868834d93ba87
3714f591f255a7f3ed5231cfc9adbd4995b4717a835753a6be9b6ec8538e012d
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
54536ef1791134c345fd1d7b264c675bb30dee22d74102dd84eea00fcefc0e5d
64429d2a6fa183bab8b0d6d737f4f2965acf02d902925266fe38bf7b3fac8d99
660b12437b1d747e3e68b8be0685c08cb728140110ad213f167b14b66f8b1d8e
6c3610fe232ca00af20d8b84ce6d65b0fb8ce1c07143a1f70607ba6cbacb4862
6f6e3ddebb76647b19b99c88f33e5d92855d2b159f3de2356f17299605c2765c
70c11ff6a95e35a91e33456b937694b393104f9b9a8e7f04009e5357a8bf57bc
7dcb250da41117750f8caff06446cefcf428f2840b70c0361e9af3c0f569001b
83b1344ae583e858ade2aab13fd10252150c153428483211e6215e9389fbe6c8
8903561af70a865979d1886a9fde66db54207e3d00f59c58fab690eb1daf6f1d
9c7df84fd5a72b6723c6490c258c2a7ae1654a766710edd2dbd478ae68d1ac88
a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef
a0493b4dab9736db6e839bd56f88c8a04c105e04f8ec14f6056c4e60f1608c87
a4a3f3d9fe10e2be3e2301812e3df1e01f0f1680d136fc72d17e2e1330b5f17b
a77665e948cecc3c43f32ea84216db8be9b1bb09c9190f2c428fbcaf9f2fa2ce
a8e29918d098b2b06e1012bdaeffb4aec0445c5d5654709023e0bd1f442a80e8
a95de22f3c6203996be537135f9af005560c4f90210df2e75a73cfa87e65fbd4
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c77f4ea2f62778973346617ec829bae202eeee124d44a4d5e0b1f9a5d184291a
cae6ec47a1a1c80625cbcc64e3395fcb8ff21a3eebbd1b3a350cdb12531e2be3
d8fcab4151c1d4d045b9a7ce22e4177b193569d0ee04ce848a1199cdb21de39f
da19821a9bb3fb06dab3ca76aa72dc4447da632b431cd50d5e1b0d1991c01155
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f63bfa6ebbefccd463e12aec4db5e096892331ababae7318f64e990eea46f
f8a6ffbfb9a5d787b5bb27576b9db3870926730abcd12c9519ab3161e8d62b78
fd0705f9d858430e4a9236c6c19b170ff578c98a539e113b5a6e04e6ecfd0560

ozowin.online Open in urlscan Pro 104.21.112.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

0 %IPv6

11 Domains

11 Subdomains

12 IPs

4 Countries

2451 kBTransfer

5410 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ozowin.online Open in urlscan Pro
104.21.112.1 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

12
IPs

4
Countries

2451 kB
Transfer

5410 kB
Size

3
Cookies

51 HTTP transactions
1 data transactions