i7265706f727473o6f6673746564o676f76o756bz.oszar.com Open in urlscan Pro
104.21.53.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/
Submission: On November 22 via api (November 22nd 2024, 6:03:25 am UTC) from US — Scanned from US

Summary HTTP 20 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 104.21.53.240, located in and belongs to CLOUDFLARENET, US. The main domain is i7265706f727473o6f6673746564o676f76o756bz.oszar.com.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.

This is the only time i7265706f727473o6f6673746564o676f76o756bz.oszar.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
1 17	104.21.53.240 104.21.53.240		13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2

17 104.21.53.240 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i7265706f727473o6f6673746564o676f76o756bz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	oszar.com 1 redirects i7265706f727473o6f6673746564o676f76o756bz.oszar.com i6d617073o676f6f676c6561706973o636f6dz.oszar.com Failed	85 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
20	3

	Domain	Requested by
17	i7265706f727473o6f6673746564o676f76o756bz.oszar.com	1 redirects i7265706f727473o6f6673746564o676f76o756bz.oszar.com
0	i6d617073o676f6f676c6561706973o636f6dz.oszar.com Failed	i7265706f727473o6f6673746564o676f76o756bz.oszar.com
0	www.googletagmanager.com Failed	i7265706f727473o6f6673746564o676f76o756bz.oszar.com
0	static.cloudflareinsights.com Failed	i7265706f727473o6f6673746564o676f76o756bz.oszar.com
20	4

This site contains links to these domains. Also see Links.

Domain
i777777o676f76o756bz.oszar.com
i777777o636f6d706172652d7363686f6f6c2d706572666f726d616e6365o73657276696365o676f76o756bz.oszar.com
i636f6e74616374o6f6673746564o676f76o756bz.oszar.com
i777777o6e6174696f6e616c6172636869766573o676f76o756bz.oszar.com
www.oszar.com

Subject Issuer	Validity	Valid
oszar.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/
Frame ID: 5745F64A013614D77B27061C439B77CD
Requests: 18 HTTP requests in this frame

Frame: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: E36F4F757A02367970325B7FBA17BFD7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find an Ofsted inspection report

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

85 kB
Transfer

230 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://i777777o676f76o756bz.oszar.com/government/organisations/ofsted
Title: Inspection guidance and news

Search URL Search Domain Scan URL

URL: https://i777777o676f76o756bz.oszar.com/government/organisations/ofsted/about/statistics
Title: Find Ofsted data and statistics

Search URL Search Domain Scan URL

URL: https://i777777o636f6d706172652d7363686f6f6c2d706572666f726d616e6365o73657276696365o676f76o756bz.oszar.com/
Title: Compare schools and colleges

Search URL Search Domain Scan URL

URL: https://i777777o676f76o756bz.oszar.com/get-childcare
Title: Get childcare: step by step

Search URL Search Domain Scan URL

URL: https://i777777o676f76o756bz.oszar.com/government/publications/ofsted-privacy-notices
Title: Ofsted's privacy notices

Search URL Search Domain Scan URL

URL: https://i636f6e74616374o6f6673746564o676f76o756bz.oszar.com/contact-form
Title: Contact us

Search URL Search Domain Scan URL

URL: https://i777777o6e6174696f6e616c6172636869766573o676f76o756bz.oszar.com/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/
Title: © Crown copyright

Search URL Search Domain Scan URL

URL: https://www.oszar.com/
Title: OSZAR »

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/ 20 KB
7 KB 25916ms
25750ms Document
text/html 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

a82072b22a088a91bcd133b6906d99a1c74eef88cd19736b3b5cc290b5a2372d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 284
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8e66b69fa81c2c8e-DFW
content-encoding: zstd
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 06:03:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6g36hNjismkdOosAcJ23ruNA9sweEHmVfk18Kf1Lf5VFS9ifsoVndgieYK7ZOC8rUFzlMqIfynOWDkCoU8B3feAvoTlOYTGz7gKMiUPbUQAsbtrEujQfgcT84vGHr4X8USTnFYSVg9MzlImM4qiTvIWBZP1tRTGEruHZDk5gMVH1gNl6VM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=14172&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4001&recv_bytes=2411&delivery_rate=306714&cwnd=236&unsent_bytes=0&cid=e97e0ad74061418f&ts=25758&x=0"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Cookie,Accept-Encoding
via: 1.1 i3065663062343736393464666363626664396462373639346132643661306665o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
x-amz-cf-id: -n0u_qoOoXa7Ll4yMAfdknR9faVAmu_jmsDyQHMWbsyx90v0yl8CKA==
x-amz-cf-pop: IST50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.18
x-xss-protection: 0

GET
H2 200 style.css
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/ 57 KB
11 KB 239ms
236ms Stylesheet
text/css 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/style.css

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

d3b98b31d0ea5ad101f649362e5ab0ce887914a696c2d23205f3af210f55034d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633b0-e55b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Nq2u0q9sUkVcKwq8%2FzmKaMqt%2BqBAX4z2rmZscUROOBBSLmxKCS44jMmM%2F61YRqhuOw3rJPgjWPAdGGyQytPyG9PAqvPrQZDpBhRkcGuw0lTyTXRHS3c99ssu%2FsHAppHc%2Fd9miO4E5UnN%2FhodQS4Jf2DL3kOQWwhhCYQZrdvle1I9jdA3Ts%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 18:54:06 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: zQOl5bWSw76Mz018P-N3IkoCwVWmgwWm5ni3nAE8lIlRyPHDKDHn4g==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: text/css; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14158&sent=60&recv=34&lost=0&retrans=0&sent_bytes=47350&recv_bytes=3675&delivery_rate=678447&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26023&x=0"
via: 1.1 i6430393138326364383939313432313766356131336533323134633934303736o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b740fd6f2c8e-DFW
accept-ranges: bytes
content-length: 11022
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 accessible-autocomplete.min.css
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/ 2 KB
1 KB 198ms
196ms Stylesheet
text/css 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/accessible-autocomplete.min.css

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

87dcf8755841a065483c282796219a2568d745d482b54d7743c9768d29f4b619

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c3-789"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkjZQiUWLKHDsQ2olmHYptjD71ehRjJDzKkees8NkarBUMC6PWMhOJaulQgIlc4WF4lPKhmGusDr8YdGkp7lgWXOvrB%2FAr9sKANAsGpVTkEeqyDB7Wej5KVxDB6G5ED1864RKlv7uk%2Fkn78SQxfrYxnxOkwoLizyTN94Aki2O5pSdy3lAIw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: MXA8fNN3Zc-zGq8Cou5RofdRGG9QtKhdCMvw4c_htN8bIsEqsg3RuA==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: text/css; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14159&sent=32&recv=30&lost=0&retrans=0&sent_bytes=13298&recv_bytes=3675&delivery_rate=678447&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26013&x=0"
via: 1.1 i3330306235363862646435623434616166633033663866663462393437343636o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b740fd742c8e-DFW
accept-ranges: bytes
content-length: 684
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 logo.svg
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/ 3 KB
2 KB 192ms
191ms Image
image/svg+xml 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/logo.svg

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

8f1d68fd9c18c7bbb9b00f573daac9f7b3c7bad976f17072271345448ecb47ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633b0-d0a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFwQdFPQAy3YVg6ok33io18NB%2BZxABOy2rYcufvsbh6bpyFuqJFXj4VJf6obqz8ZQsjbJW4v2ypRpaVe1%2Bjq6lzp%2B2aN9RtTPUqNmGdq2PNVU3en05O35dYHa04V04JpeMrzxxQ%2Fv5Cb3BNlFHnxtJ%2FeQRcEna4%2FYQSb7X67n3Dd0saoykE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 18:54:07 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: uR6fhxUaqKLRyQUPdjiEVU9k5HnVkRbabFlBFXqwGIAga-Nano6pQQ==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: image/svg+xml
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14159&sent=28&recv=30&lost=0&retrans=0&sent_bytes=10905&recv_bytes=3675&delivery_rate=678447&cwnd=4&unsent_bytes=0&cid=e97e0ad74061418f&ts=26007&x=0"
via: 1.1 i3039336532303562303164626434656261383266316438396161376536376563o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b740fd762c8e-DFW
accept-ranges: bytes
content-length: 1586
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 jquery-3.6.3.min.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 88 KB
31 KB 198ms
197ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/jquery-3.6.3.min.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c3-15f5b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STsSljO3MD7WbX5kb8PU0YcZGjddMnNr4Fq9yUtbzBV%2Bnz%2FjyZJZknDdPQOVJC8AkQPZfY8%2F2nNMVCar7A2DHZMeux1W7TMmpR2mjEcMM3%2Fn8QxJeskDUzfg7tZEQxy4vmwi21Zbr2oo7D41%2BK3wNyER4OeJERG%2Bz%2FNto2jChNuazfw3V1c%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: SsUisBTtbqBQLDM8rHnTi-klNz9svnwQnZUIsi8bbUeD6S9q_qGjdA==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14159&sent=35&recv=30&lost=0&retrans=0&sent_bytes=14698&recv_bytes=3675&delivery_rate=678447&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26014&x=0"
via: 1.1 i3065663062343736393464666363626664396462373639346132643661306665o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b740fd772c8e-DFW
accept-ranges: bytes
content-length: 31118
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 ofsted.core.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 899 B
1 KB 232ms
229ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.core.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

8903956e979a5d13369001ca22034e6fc34283f9023cef8631e514c6cfcff06a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "673633c7-384"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeuNYjEXS1WcrUJINWdFYXKwbyQV%2FCMWUtOtY0PzFwdkvd9tOhbiV6h8R5CrXllaaQMyFRGcD0og5CTL3e2iqH44WBbVqRltOA1buwrTA5inhCIEymUlto1KW9PD21m4sJuf%2BcEnksVoLTo2a47x%2FrGZkGLckN7p1UZbZ3eEk3vF3Dc2NRw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NRrQNyjUrjESutoGzerScXPLv6cSt8wZcx360-PY3g_xSR60Ob8EQA==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14168&sent=82&recv=54&lost=0&retrans=0&sent_bytes=67245&recv_bytes=3675&delivery_rate=3438140&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26044&x=0"
via: 1.1 i3939643765373165303434646230376438353534346536346561376133666336o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7411da02c8e-DFW
accept-ranges: bytes
content-length: 480
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 ofsted.utils.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 12 KB
4 KB 237ms
234ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.utils.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

30c5089c3494bc5f5f5fbdb69a74403c848fc64f1f710723a29a82766528178d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c7-2ee2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5K%2BJtKILWKPr78drWY5xSde0pc56i%2BfIEe0cGEqZSAsHbmMJAfISmmHA9hgF91TpzlbWTNv6s1BQh4otkD4u6TNI8FG%2FJzMwiYpQIR98%2FpazMoxNWF9QXf0w8nzORkzVTmywgOVg5SzS9%2Fye%2BQ5hU7cR0D2gQLlaSGyYJBVEWeJSWDSSqg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:20 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gKjQod7qrws01QXKdJdmUY_CIRescyfQTHh52Y6C9Kw3NzjR28NmUA==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14165&sent=89&recv=65&lost=0&retrans=0&sent_bytes=72227&recv_bytes=3675&delivery_rate=3438140&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26060&x=0"
via: 1.1 i6561303638646335353936626634353337656365356534393361383532373032o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7411da32c8e-DFW
accept-ranges: bytes
content-length: 3827
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 ofsted.showhide.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 5 KB
2 KB 226ms
223ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.showhide.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

8fcc0f1c8dd1c05f3b8e94edf005a36ee503cede5586cb1f61c71bb4b2e8c748

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c7-1434"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnCTD%2BxBkG9uQB8if5E%2F7bc4BZnk2vZp6CQJJfG8nIt9no3SiBDJmC3yg6dFkdMuTaUpn%2BiwSOQ4%2FFDlNiF62obh%2B4wSNtTJ7km7%2BrtYpw9JP2E4hMDMW7KDxpl7LGPpDNBqFbmuGQ7uAnUYFM8lUs24glMKf2GW4oC2Sof6bx1eq56qRr8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: I3PMTzFqAFansbX9xb1napWbtKlNwcPToeA6FQjweJfSl5v4DqAxrg==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14166&sent=70&recv=50&lost=0&retrans=0&sent_bytes=59211&recv_bytes=3675&delivery_rate=2185763&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26034&x=0"
via: 1.1 i3065663062343736393464666363626664396462373639346132643661306665o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7411da52c8e-DFW
accept-ranges: bytes
content-length: 1454
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 ofsted.option-select.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 9 KB
4 KB 232ms
230ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.option-select.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

db84979ef4fa04764fcea0d4392578838b97edc8e115a5a0398d6debca0a69a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633ca-2596"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GcDTOaNgZ63Np0GaSMHD18GEijjXy9j69mEFmDEJ%2BOq6QZNomdoWezlctW5FEn2U1zKLBFsS7Uk7vHpn46VffvYRMzAx6nX4pwkV%2B%2FizsGpNu0QCzIupJtH5vR0tt6VNpRMtI8B9BXSk4bqiRAtvDm1eLRpt2GIjNN1xv7Vz2dFmaop%2FKyQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: tvTMeU4ImSPgukNNOaZ_9_kPndcC0nuy4fBG5qaJUUO5SnK1ApCGFg==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14160&sent=84&recv=60&lost=0&retrans=0&sent_bytes=68424&recv_bytes=3675&delivery_rate=3438140&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26049&x=0"
via: 1.1 i6534353631383536633637386332656661383534396264346332346231303734o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7411da72c8e-DFW
accept-ranges: bytes
content-length: 2877
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 ofsted.autocomplete.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 10 KB
4 KB 228ms
226ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.autocomplete.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

600bb64510e5dc048042eeabb8346e552c9759b5b72f2f088b16f9c02e98b676

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c7-26b9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSDjPBwAa5KCJgXVtlfO4lfTj1zDT8DHZnMdOazW12dNIUevjlsU3zQHT%2Fd4g%2FkYG6bD8vmnzJL5gDLEp6Ck1LA9vV020tb6UjMej1X4quOo%2BhetwMxb180zW1RLWBax6zqEZkWcmQZTNlvmiHW6q5k5PByWHkIMuk8mEkEM6%2FBRyGMloOk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:20 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: eMxOK-cUpKiK6FeY_DvgBkiwqwzVH3fR0QIp9rS7pe42gqhvWlck9A==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14168&sent=77&recv=54&lost=0&retrans=0&sent_bytes=63391&recv_bytes=3675&delivery_rate=3438140&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26042&x=0"
via: 1.1 i6534353631383536633637386332656661383534396264346332346231303734o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7411da82c8e-DFW
accept-ranges: bytes
content-length: 3069
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 ofsted.cookies.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 3 KB
2 KB 227ms
226ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.cookies.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

bc388d2535ac56e600bb10780ec9223925103775a13a7c81167f4aac0350bd9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c3-a8c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWGbXTjmHEh7ESMP5sYHzyKYFvrDtBj1iTOnMh0Z8Kg%2BqPt6bQEyKEm9BOaVUwK3hKI9aWU25jOjMSa%2BJwAWLfiOVn52LinETSKqWtPqOpiPJAYvZu%2BEWY1lxc%2FpTSvWeFFE2HqUN%2Fif%2FDWGwOvxHxDVd9WI8msXtEH36o8ErFV2N5E9Uxk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: uMM6VEEASFpC5VLz8zWM15Qdbum-PrI4lDC3XOzPNkpIzSvVxLBoQg==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14166&sent=74&recv=50&lost=0&retrans=0&sent_bytes=61280&recv_bytes=3675&delivery_rate=2185763&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26034&x=0"
via: 1.1 i3065663062343736393464666363626664396462373639346132643661306665o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7411dab2c8e-DFW
accept-ranges: bytes
content-length: 1088
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 details.polyfill.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ 9 KB
3 KB 236ms
235ms Script
application/javascript 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/details.polyfill.js

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

9bfc1b11210ca84e494335a1fe35ef11dc9e9779669090c63162d0d96ff11d66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673633c7-23e4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVu61jo0aItal6Aw%2F%2F%2FFhO7ZM5Wj%2BsUku8JGGIrIHuQq8E52I2LjY4ivoUFgNPRvD%2FPdVeoiuthqp3kFKNNAmstyxprykF8KtEpO5FCHr2G55hHk2CCpauZh55BV1ggUDuTyeMkIuyN2X%2FlK8V4drbwe6T%2FmYM3gvypHO5GyMDrJ4BDUPiY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 23:10:21 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: UNuih3OGB4cao0_djj2TR1FRbMhzuxuTeuMQbc9nDpL-J8aDH2DkKQ==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=utf-8
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=14163&sent=94&recv=68&lost=0&retrans=0&sent_bytes=76841&recv_bytes=3675&delivery_rate=3438140&cwnd=237&unsent_bytes=0&cid=e97e0ad74061418f&ts=26063&x=0"
via: 1.1 i3664613964343430383765616162306262303537653039653630626464303361o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b7413db92c8e-DFW
accept-ranges: bytes
content-length: 2902
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H3 200 govuk-crest.png
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/ 4 KB
4 KB 189ms
188ms Image
image/png 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/govuk-crest.png

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/style.css

Response headers

cf-cache-status: HIT
etag: "673633c7-e00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTEvEmF2oZQCTxBLArFq4SqaX2pF3JGkXXx%2FpxRwikIJCLrpqtFCqZttulenDFnVuwDpegWAMl5EZMI%2Bpxmuq9O5uB3WlDPGvo5AgBk1ZbJp9nBRf%2BqivIYLIw4KdjeLROx%2BLVbLbsA5vR4VLzC6kg0e3duJFvC%2F7IcaWSIKsuTvUPmKKGk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 18:54:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: exRwsVGqn8hbn_5tdHhaDyNj9vSoayYvlWsJQT6XxjJ6Y92T2jfzjg==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: image/png
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=56339&sent=21&recv=13&lost=0&retrans=0&sent_bytes=10956&recv_bytes=6414&delivery_rate=9435&cwnd=12000&unsent_bytes=0&cid=11d89158ee5e05df&ts=421&x=1", cfHdrFlush;dur=0
via: 1.1 i3837666437633635323866343861313230303336326365666439646235663830o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b742bd4de722-DFW
accept-ranges: bytes
content-length: 3584
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H3 200 arrows.svg
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/icons/ 280 B
1 KB 185ms
185ms Image
image/svg+xml 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/icons/arrows.svg

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

d92ef35ad2515769b1ed43ed2460381b4cda4f915684a363c9cac2f0e12691b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/css/style.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "673633c3-119"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4J%2FElJDZADRdxxsMk3P3qFv6OVhAj%2F9CnbtFnVufmL6LIB6N1pUHYmZf1u4mX0hlATH0fuTyGGIsZ7BFxzxetCpmGCxw3%2FNdhGky9dHl8AjVJsqQ7rKdKKTa2UAPR259UihcDXUaxB0pR4Fw4KIsyL5tjD2vmUPOfPaCaPWgUxi4oOb%2Bf3A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 18:54:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2sjY5i3AyszR-D8pioY3cHda5Qatbm8XUyg8wMWiFTpfpOT8N2zZ3A==
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: image/svg+xml
vary: Cookie,Accept-Encoding
last-modified: Thu, 14 Nov 2024 17
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' https
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=56339&sent=19&recv=13&lost=0&retrans=0&sent_bytes=9697&recv_bytes=6414&delivery_rate=9435&cwnd=12000&unsent_bytes=0&cid=11d89158ee5e05df&ts=418&x=1", cfHdrFlush;dur=0
via: 1.1 i3235376466383631656563363637393865386631616436313533306663393830o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e66b742bd4ee722-DFW
accept-ranges: bytes
content-length: 204
x-xss-protection: 0
x-amz-cf-pop: IST50-P2
x-powered-by: PHP/8.2.18
server: cloudflare

GET vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H3

200

main.js Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame E36F
Redirect Chain

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

8 KB
4 KB

62ms
61ms

Script
application/javascript

104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

Requested by

Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/

Protocol

Server

104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82ccfff39f0736eb0a10f2bdc03cf7c3119bd5e34132bb22588bed7428a4b041

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GtGXp0DbPeIj1JkmMY4ieuyWc5673NROs8DjnequNMnYr6o%2BtINEkLCU1Y0TdarLS6boDSg4qn3faf1yFcwBg1%2BJSX%2BZ9mviBqz%2Fkz0dYeoSsAgPXDLZNrlL3QJat8zvoAhnLk0dylPKzm8s0hTs%2BixExDCtryWeMjnDm6oIVaWC0nu9xM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e66b7433dcbe722-DFW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56339&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5026&recv_bytes=6414&delivery_rate=9435&cwnd=12000&unsent_bytes=0&cid=11d89158ee5e05df&ts=374&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTWX9czfAsHj%2BdR27JDl9CDg%2FJspx8eNXF%2F363JRO8jWS6IFbTQHj3WIDx2MVthL0M1gyuhNusYa80Z%2FGfRPyG4J6j0xNHjAjx9ke7CkkWQFP71nlMp5hZkgB8e5Sgdc2lBgauxhNkys%2Bu4Rw7zse2Bx4P1CJ2tcOPmY3F66qNJj%2BJqMID8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e66b742dd5ce722-DFW
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=53492&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4259&recv_bytes=6100&delivery_rate=354&cwnd=12000&unsent_bytes=0&cid=11d89158ee5e05df&ts=312&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 06:03:21 GMT
vary: Accept-Encoding
server: cloudflare

GET js
i6d617073o676f6f676c6561706973o636f6dz.oszar.com/maps/api/ 0
0

POST
H3 200 8e66b69fa81c2c8e Show response
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E36F 0
1 KB 73ms
66ms XHR
text/plain 104.21.53.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e66b69fa81c2c8e
Requested by: Host: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.53.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0rvyrqL5vnRPb%2FlvLSQmBDCEQXRUwV31RFdx2w3j0mG0q7DDf6r1LuXuDEisfFu0cQykrmP0Gw9ooiGY%2B3dNNaNe%2BqV5%2BK4nPjhemTVJJQP0RWu8JBuk8Kc0N0wZB2lS%2BrmRZT7wiwKAemzihgu7fxBVEiXwlUYq0zSYSSexr8m6c1l5p4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e66b7443e92e722-DFW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56616&sent=33&recv=33&lost=0&retrans=0&sent_bytes=15817&recv_bytes=24340&delivery_rate=177863&cwnd=12000&unsent_bytes=0&cid=11d89158ee5e05df&ts=544&x=1", cfHdrFlush;dur=0
content-length: 0
date: Fri, 22 Nov 2024 06:03:21 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET favicon.ico
i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ

Domain: i6d617073o676f6f676c6561706973o636f6dz.oszar.com
URL: https://i6d617073o676f6f676c6561706973o636f6dz.oszar.com/maps/api/js?key=AIzaSyACtvaUVzIMIyw0NzZg44xP3tFCPvAH-fY&callback=initMap&libraries=places

Domain: i7265706f727473o6f6673746564o676f76o756bz.oszar.com
URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/images/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.oszar.com/	1970-01-21 09:56:31	Name: cf_clearance Value: QEoVHa4.j1xRzpZDmvPyBCWfwnC2wQ8hYchLtIObyBU-1732255401-1.2.1.1-7zCKSUBMDCn_1bLKNxLL3JVbRQ_bUI969D9fxL.4HR2XSS5QC19qRWc4M5gH5WO0Nko4BNgTPYRs5tay4g4kccA_TpuGT7XvEoj.YGx2KeEMNAVjSV2hoB79.8XDNTHVKfHJ64.rZvP1SjlKUGzZ9hFxOQ.eexPFeBp5wFlZS86p0MCFs7gN8kCeImjzQSV4VJp97CMhueRa3mRwo2PDlgERrea9HxORAn3bammtNixis6lKzyRk1ql9gEftygwkeeP3KiKaSCNJSL.0gWM5zzuGrPE07DwYQ3rp..A4Pg_e7Wwf0us5My0SVIKFVoXkVgHJTtr3HTcGGBSmpSIYPRipEHDW8pAcsfRdzQ3OD6RfnMNc9zyNvgr.1t.oUAFm

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/(Line 306) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-cmWvdnfZDc7pVGqIukPb5D5pWBZpOfvprWtilcZEbJg='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/(Line 307) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-7laNXX9JWIM+aA2p2u03EC5b+4RtNA837riuWnY1zX4='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/(Line 309) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CAtmRoBp7soYCsH2f9nffdkV32WMW/8eJ8InhaXW71A='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/(Line 316) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-6UhI6rAMReCDzwzckLYpSbldoLtMfALj8Vkv39HMIyY='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/(Line 318) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Hwqwb1MLFNHi2cyLUAOJwwIQ0A9Y/I8ORwCnq11//3o='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/ Message: Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://i7265706f727473o6f6673746564o676f76o756bz.oszar.com/js/ofsted.utils.js(Line 36) Message: Refused to load the script 'https://i6d617073o676f6f676c6561706973o636f6dz.oszar.com/maps/api/js?key=AIzaSyACtvaUVzIMIyw0NzZg44xP3tFCPvAH-fY&callback=initMap&libraries=places' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-inline' https
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i6d617073o676f6f676c6561706973o636f6dz.oszar.com
i7265706f727473o6f6673746564o676f76o756bz.oszar.com
static.cloudflareinsights.com
www.googletagmanager.com
i6d617073o676f6f676c6561706973o636f6dz.oszar.com
i7265706f727473o6f6673746564o676f76o756bz.oszar.com
static.cloudflareinsights.com
www.googletagmanager.com
104.21.53.240
30c5089c3494bc5f5f5fbdb69a74403c848fc64f1f710723a29a82766528178d
448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12
600bb64510e5dc048042eeabb8346e552c9759b5b72f2f088b16f9c02e98b676
82ccfff39f0736eb0a10f2bdc03cf7c3119bd5e34132bb22588bed7428a4b041
87dcf8755841a065483c282796219a2568d745d482b54d7743c9768d29f4b619
8903956e979a5d13369001ca22034e6fc34283f9023cef8631e514c6cfcff06a
8f1d68fd9c18c7bbb9b00f573daac9f7b3c7bad976f17072271345448ecb47ae
8fcc0f1c8dd1c05f3b8e94edf005a36ee503cede5586cb1f61c71bb4b2e8c748
9bfc1b11210ca84e494335a1fe35ef11dc9e9779669090c63162d0d96ff11d66
a82072b22a088a91bcd133b6906d99a1c74eef88cd19736b3b5cc290b5a2372d
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
bc388d2535ac56e600bb10780ec9223925103775a13a7c81167f4aac0350bd9d
d3b98b31d0ea5ad101f649362e5ab0ce887914a696c2d23205f3af210f55034d
d92ef35ad2515769b1ed43ed2460381b4cda4f915684a363c9cac2f0e12691b2
db84979ef4fa04764fcea0d4392578838b97edc8e115a5a0398d6debca0a69a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

i7265706f727473o6f6673746564o676f76o756bz.oszar.com Open in urlscan Pro 104.21.53.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

75 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

1 Countries

85 kBTransfer

230 kBSize

1 Cookies

8 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

8 Console Messages

Security Headers

Indicators

i7265706f727473o6f6673746564o676f76o756bz.oszar.com Open in urlscan Pro
104.21.53.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

85 kB
Transfer

230 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!