Submitted URL: http://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
Effective URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Submission: On August 01 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 172.67.184.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is ivifalahiv.rostfoods.sbs.
TLS certificate: Issued by WE1 on July 16th 2024. Valid for: 3 months.
This is the only time ivifalahiv.rostfoods.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 155.254.194.249 398343 (BAXET-GROUP)
1 1 172.67.139.192 13335 (CLOUDFLAR...)
7 172.67.184.146 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 172.67.150.30 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
15 5
Apex Domain
Subdomains
Transfer
7 rostfoods.sbs
ivifalahiv.rostfoods.sbs
44 KB
4 trk-elevostra.com
trk-elevostra.com — Cisco Umbrella Rank: 357103
event.trk-elevostra.com — Cisco Umbrella Rank: 369321
3 KB
2 gstatic.com
fonts.gstatic.com
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 clevernote.store
clevernote.store
628 B
1 vaultdores.com
vaultdores.com
581 B
15 6
Domain Requested by
7 ivifalahiv.rostfoods.sbs vaultdores.com
ivifalahiv.rostfoods.sbs
3 event.trk-elevostra.com trk-elevostra.com
2 fonts.gstatic.com fonts.googleapis.com
1 trk-elevostra.com ivifalahiv.rostfoods.sbs
1 fonts.googleapis.com ivifalahiv.rostfoods.sbs
1 clevernote.store 1 redirects
1 vaultdores.com
15 7

This site contains no links.

Subject | Issuer | Validity | Valid
vaultdores.com | R11 | 2024-06-14 - 2024-09-12 | 3 months
rostfoods.sbs | WE1 | 2024-07-16 - 2024-10-14 | 3 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
trk-elevostra.com | WE1 | 2024-06-13 - 2024-09-11 | 3 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months

This page contains 1 frames:

Primary Page: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Frame ID: 5B63354D3F8EB901892590733A9127CA
Requests: 14 HTTP requests in this frame

Page Title

Your membership has expired!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

79 kB
Transfer

166 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534 HTTP 307
    https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534 Page URL
  2. https://clevernote.store/?id=209&s1=351518&s2=1211658495&s3=6551&p=us5mbshpcos7b HTTP 302
    https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534 HTTP 307
  • https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1265-6706-20534
vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/
Redirect Chain
  • http://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
  • https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
143 B
581 B
Document
General
Full URL
https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.254.194.249 Baku, Azerbaijan, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 01 Aug 2024 06:40:27 GMT
server
nginx/1.12.2
strict-transport-security
max-age=16000000; includeSubDomains; preload;
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Location
https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
ivifalahiv.rostfoods.sbs/
Redirect Chain
  • https://clevernote.store/?id=209&s1=351518&s2=1211658495&s3=6551&p=us5mbshpcos7b
  • https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
4 KB
2 KB
Document
General
Full URL
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Requested by
Host: vaultdores.com
URL: https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21263b359c2c654a808001f7639a04d6261fa95e4c70fa5788a22edb898fe85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vaultdores.com/0/0/0/53019398480a5e4946fec7c5335e1952/9/255-15170/1265-6706-20534
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ac3d642cd487baf-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 01 Aug 2024 06:40:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6qwZ8I6%2FwM37ck1tFms8ipIJgS0qIq%2BirgzxhnEYq8VPOBRl%2FFSDl7yL6nVq%2BPjQbgNF78LZUjLP3Qj4OZlSbIzC%2F6qGR%2BKu7EhMLcyPzrfR6xV0BON8viXS3MlBWOL3%2BrxnIFvLuDtwe0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ac3d6402d682b57-LAX
content-type
text/html; charset=UTF-8
date
Thu, 01 Aug 2024 06:40:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1i%2BPDtHpw7NlZghkN7C1c%2BPzr2Nu2LBXzai2JpFrhrJa59ZS3ZpH3LM4fCQkZvgo0RDoGcc1f%2Fqvt8IxPtCy5AambgLLf6soUxRQNRunl%2BQlH1Iu1GuTmNz1AuocWfSlBCf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.css
ivifalahiv.rostfoods.sbs/master/us185/
6 KB
2 KB
Stylesheet
General
Full URL
https://ivifalahiv.rostfoods.sbs/master/us185/styles.css
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf2e6fa3deee7878fa903277b064dadd5cb0a898e8dd4cc7e280526f6d646df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47346
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 May 2024 20:32:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BlZ4BvXaV955eNO%2Baw8DdmYZ%2FUnwCELg3BwaE9u5o2FzCe3%2BllYqyI603bzAm2J7%2BCmAVZt4Ywj2oCMA5QmNzD7QcINJBIwpIcK2YLKcVWWC8Yo4vFybb4SLW8tJwfEUKBlpLTcBA7Yl10%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8ac3d644af0e7baf-LAX
expires
Wed, 07 Aug 2024 17:31:22 GMT
animate.min.css
ivifalahiv.rostfoods.sbs/master/us185/
57 KB
5 KB
Stylesheet
General
Full URL
https://ivifalahiv.rostfoods.sbs/master/us185/animate.min.css
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47346
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 May 2024 20:32:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dO3HqWPH2UaPvN0xVJ2GxnfbHuUGFjBhuvj4kdWaAmgE96r8jehcGtDyQFn3vSF7yBg5hIepzm8FrWgq9CDZnv8LZ7C3LpvQemdnnfXp%2BOrgabWhK3yKvdatUvTRsTqWc%2B5i4wqGq9MJ9zE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8ac3d644af0f7baf-LAX
expires
Wed, 07 Aug 2024 17:31:22 GMT
msg.js
ivifalahiv.rostfoods.sbs/inc/
943 B
912 B
Script
General
Full URL
https://ivifalahiv.rostfoods.sbs/inc/msg.js?ebb4e794fc7799d08cafeb46cadc03d0
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f7dd15af70121da291e6df75452886b47a5d0e074f2ed422be30e8ec5d9671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2024 16:01:34 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XydnXYKyplhjQ7yGpz5l5NmK%2BPkY8GkJxnQemDVLG1aot2ou7ITpjTxLu33LRmbnIH6HTJRemDLDdlUbxOjYGCJcQUX3kusywtXWfhk6Xyq79YUUVDrHgZaX3jtZPBu4EpWJ2WgbSUhfjI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8ac3d644af107baf-LAX
expires
Thu, 08 Aug 2024 06:40:29 GMT
cwww.png
ivifalahiv.rostfoods.sbs/master/us185/
6 KB
6 KB
Image
General
Full URL
https://ivifalahiv.rostfoods.sbs/master/us185/cwww.png
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f0dd4cb264b245704cfc1d5f8a0ca528f4df785d91fbbfc3985fa8ad6e7136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47346
alt-svc
h3=":443"; ma=86400
content-length
5802
x-xss-protection
1; mode=block
last-modified
Fri, 24 May 2024 21:50:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cf1Nx2hDzphQfdgsI7EvPwVZixLFfT9plqlhqTunP9xgodeWvqe3OtFS50S6uFnrOnGL4INEobbPl1ItLpwn5UtxUqYRSyleUuiumeniaEwoXzEdBxIVVkTPgq7PX7WD9wOfI3pqmPpuCog%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8ac3d644af127baf-LAX
expires
Wed, 07 Aug 2024 17:31:22 GMT
cww.png
ivifalahiv.rostfoods.sbs/master/us185/
27 KB
27 KB
Image
General
Full URL
https://ivifalahiv.rostfoods.sbs/master/us185/cww.png
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7ced9feeae8c4156d6139462581800c2788fbdb54f6d657f689d9ccb68bf5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47345
alt-svc
h3=":443"; ma=86400
content-length
27424
x-xss-protection
1; mode=block
last-modified
Fri, 24 May 2024 21:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6Q0HyMzVgvKKZaSydKrAc2xlH4GJ6IVkpDU5n%2BFVAh9TF1DnGTU%2F0vWEo9ZjcphtAkgkfbfKy8%2BWOJY4rguI1KHQ%2Bm68ThCc74DeyF1x4SeUSjOR6s%2F3E1hnONYhcK6%2FHi0j1mLqT55aSo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8ac3d644af157baf-LAX
expires
Wed, 07 Aug 2024 17:31:23 GMT
css2
fonts.googleapis.com/
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/master/us185/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c7510cd1ecdcdbaf8d47f7e32f1ef6d2606f379c10cc95581e302cb148d95a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Aug 2024 06:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 05:41:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Aug 2024 06:40:29 GMT
v9e118mez8
trk-elevostra.com/scripts/push/
8 KB
3 KB
Script
General
Full URL
https://trk-elevostra.com/scripts/push/v9e118mez8
Requested by
Host: ivifalahiv.rostfoods.sbs
URL: https://ivifalahiv.rostfoods.sbs/inc/msg.js?ebb4e794fc7799d08cafeb46cadc03d0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400
content-length
2519
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Aug 2024 05:15:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvuAekndcCFra6%2Bn%2FEH%2FjLlWRCVLB9DnfgU3chODN1Pi8LepuXAU%2F%2BvKZ0cz%2FtZKt1wRfgx3XGLE0cdhCBSO8ru06edxJ9v6ubj0EyXyRVQvmC9bI%2BOg8CzPkxLLHQcqHiLNAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8ac3d648dd537bf7-LAX
expires
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivifalahiv.rostfoods.sbs
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 00:24:09 GMT
x-content-type-options
nosniff
age
22580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 00:24:09 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivifalahiv.rostfoods.sbs
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 10:39:47 GMT
x-content-type-options
nosniff
age
590442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Jul 2025 10:39:47 GMT
favicon.ico
ivifalahiv.rostfoods.sbs/
0
509 B
Other
General
Full URL
https://ivifalahiv.rostfoods.sbs/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 06:40:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57375
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jun 2024 20:46:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrU9pYc8yDcABMj1o6SHK%2BNjY5SeaOKpqCNDQIEGzYSGIok3ulUDULhzrYChzv2knfqY%2BHStvgCeVHNxbZzBipRUC4y8t2dQPEaw1ZT1mmVaEgXKVukDb1WLzXRIw9SoNnxIVkLOMVGEZsI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8ac3d64b6c7e7baf-LAX
expires
Wed, 07 Aug 2024 14:44:14 GMT
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Thu, 01 Aug 2024 06:40:30 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60euHCarwYEW7kr2JfxHj16TTYkCdZCe41fIPni%2BhRx4HdvbJbQjguJzT5Kws6UnqWKWjIEQhucGUfpNZU52nmbJyNq2HvsN371cDYHCLB9jloO0cq%2BubMUPH%2BoM7iA8I2%2B2uILMHEIuXA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8ac3d64f0afa3104-LAX
expires
0
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ivifalahiv.rostfoods.sbs
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ac3d64cd9a53104-LAX
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Thu, 01 Aug 2024 06:40:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzAUC7DizKSjr5GF3aYn7rxsJ6wXrotyPGu%2BpMl6wzzsvAOa178yRQbNwjEu3R7%2FJcsIzaMaMKfhKj250cEyybXqd6Kqds2EaJ%2Bkth5M5K1LgmtMucVydHtKz5epbgV8A%2Bcbe0SZMhxhmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivifalahiv.rostfoods.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Thu, 01 Aug 2024 06:40:31 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tn%2Fy1kZFUwYqrLzWUAVUsrPP0qDFOyOdTV7IhXIL%2F0mwt6V3%2FbJEkyEQSHEM3ND64nIU3vfVyXufjatyAfFtLBNpE%2BKFL6NPBH0iPYNd6wc2NB3AwNWLvqHkthRU161%2F315rfbhrRsDX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8ac3d656c87e3104-LAX
expires
0

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function r
  • string pr_name
  • string br_name
  • function change
  • object MYCALL
  • string s1
  • string s2
  • string esource
  • string pshpub
  • string pshdomain
  • function urlBase64ToUint8Array
  • function pullUrlParams
  • function push_subscribe
  • function push_subscribe_promise
  • function setIfNull
  • function logPushEvent
  • function push_unsubscribe
  • function push_init
  • function setSessionId
  • function setUtm
  • function getSessionId
  • function getUrlVars
  • function getDomainName
  • function getStore
  • function setAttributes

3 Cookies

Domain/Path Name / Value
vaultdores.com/ Name: uid6551
Value: 1211658495-20240801024027-f32cc09d51b0bc37ba7131b8ce3b58a3-4032
clevernote.store/ Name: PHPSESSID
Value: 7be5b7915a73662fef3a6a5e0c6267d9
ivifalahiv.rostfoods.sbs/ Name: PHPSESSID
Value: 123c119591b19c22f5d875b7e74ed8db

1 Console Messages

Source Level URL
Text
other error URL: https://ivifalahiv.rostfoods.sbs/?c903a99f7bd6f6b6eaf452fe593839f0
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;