![](/screenshots/3fec8096-bd13-4770-bd21-c4028189e0b5.png)
tr.ansf.shop (2a06:98c1:3121::3) - Public Scan
Effective URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV43...
Submission: On April 01 via manual from DK — Scanned from DK
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2023. Valid for: a year.
This is the only time tr.ansf.shop was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

| Redirects | Requests | IP Address | AS Autonomous System |
|---|---|---|---|
| 2 | 3 | 35.201.90.210 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 1 | 1 | 2606:4700:3034::6815:3076 | 13335 (CLOUDFLARENET) |
| 3 | 12 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
| - | 1 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) |

Totals: 11 HTTP transactions across 3 autonomous systems.

35.201.90.210 (ASN396982, GOOGLE-CLOUD-PLATFORM, US): PTR 210.90.201.35.bc.googleusercontent.com; serves dexpredict.com.
| Apex Domain | Subdomains | Requests | Redirects | Transfer |
|---|---|---|---|---|
| ansf.shop | tr.ansf.shop | 12 | 3 | 48 KB |
| dexpredict.com | dexpredict.com (Cisco Umbrella Rank: 241582) | 3 | 2 | 4 KB |
| gstatic.com | fonts.gstatic.com | 1 | - | 16 KB |
| oxfoadv.store | www.oxfoadv.store (Cisco Umbrella Rank: 712805) | 1 | 1 | 898 B |

Totals: 11 HTTP transactions across 4 apex domains.
| Domain | Requests | Redirects | Requested by |
|---|---|---|---|
| tr.ansf.shop | 12 | 3 | dexpredict.com, tr.ansf.shop |
| dexpredict.com | 3 | 2 | |
| fonts.gstatic.com | 1 | - | tr.ansf.shop |
| www.oxfoadv.store | 1 | 1 | |

Totals: 11 HTTP transactions across 4 domains.
This site contains no links.
TLS certificates

| Subject | Issuer | Validity | Valid for |
|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-24 - 2024-02-23 | a year |
| *.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months |

The certificate presented for tr.ansf.shop has subject sni.cloudflaressl.com, Cloudflare's shared edge certificate: it authenticates the Cloudflare front end, not the party operating the site, so it carries no information about who is behind the domain.
This page contains 1 frame:
Primary Page: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Frame ID: A49DCC17EE6F85201C1CE0763BDB6638
Requests: 11 HTTP requests in this frame
Page Title: File Download
Detected technologies
- Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This lists the URLs the document passed through, including HTTP redirects and client-side redirects via JavaScript or meta refresh. Entries marked "Page URL" are document navigations; the others show the HTTP status code that URL returned to send the browser to the next hop.
- http://dexpredict.com/jump/next.php?r=6265274 Page URL
- https://dexpredict.com/jump/next.php?stamat=m%257C%252C0t3Fm43KqB1dwP0dEdHP3xP.0d0%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAW3r7LrjuRWUWEvy5IV_ALN&cbpage=http://dexpredict.com/jump/next.php?r=6265274&cbur=0.447118280588499&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
- https://dexpredict.com/script/i.php?t=1&stamat=m%257C%252C%252Cg2MyojZ7oGU3BP-GH0dEdHP3xP.90c%252Cac-ngYFJetsfxN3od57HN08C137gViVEFDfnryyBdKpuXfK5jisyOwhI9sKojhkxjzhuclIL8_4AWfm8hHJegxje2E4b2hCY9FuLYOT_YUkn8l8I7W6c5qmRSqsBiu8xCLX5_tMajIimS_bZ36lwOQ7AxcY_heu6JZhV3ujbgN-YTGrz8NMV3r8Zsra1ODOTimStFdUmdbHBPMcmVLfkBH9JJWSZKMcjG5gpSMl5niHDGSEF46JYEGTsQgy1eUZ0xiwUjRankBVyfRKQGCSOEzo60YJS-tVMLU_94vRLC0NbaDzyGqo-arxU_V9WNQrl2CTMiKvHJi_7iMXtTWvfcek2Iqy55oNj5BMTf7W1ug40ZNSaeEi7XI1XWQmVCpGSE16jKqs18NvSpGAMYKrJmfy52daH8nIZ3gI8y5Mp-6RgqALqwfpurm13617D1bqC55Tmtz8aO_35hILgNKHWSKVKXR5Sqf7ys19l7chSwQxDfoP01if4j_2M5vVDT4iCtzWcy-Fr9f0db5G-RyM4gY86cAdYsqu_RnhC97jE9JY5kC9Ez6mpCUs26GsccfuM5rzH_C-_Z6KMqRSscojRFI94vo6zbx_OyIapRvt17SUwa35RrOOX5WJdFjQFGOzR HTTP 302
- http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 302
- http://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 301
- https://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 302
- http://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98 HTTP 301
- https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98 Page URL
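As an added example (not part of the urlscan.io report), the following Python walks this chain the way an analyst would when triaging it: the hosts in visiting order, the hops that are only http-to-https upgrades of the same URL, the query parameters that travel unchanged across domains, and the nested percent-encoding of the `stamat` value. The chain is transcribed from the history above with the two very long `stamat` values shortened; nothing is fetched from the network.

```python
"""Walk a urlscan-style Page URL History and pull indicators out of it.

Added example, not part of the urlscan.io report. CHAIN is transcribed
from the report's Page URL History as (url, http_status) pairs in the
order the browser followed them; None marks a document navigation
("Page URL") rather than an HTTP redirect. The two very long `stamat`
values are cut to their first bytes plus "..." to keep the sample readable.
Nothing here touches the network.
"""
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed from the report (stamat values shortened).
CHAIN = [
    ("http://dexpredict.com/jump/next.php?r=6265274", None),
    ("https://dexpredict.com/jump/next.php?stamat=m%257C%252C0t3Fm43KqB1dwP0dEdHP3xP.0d0...", 302),
    ("https://dexpredict.com/script/i.php?t=1&stamat=m%257C%252C%252Cg2MyojZ7oGU3BP-GH0dEdHP3xP.90c...", 302),
    ("http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7"
     "&cid=168037187010000TDKTV431193035504V98", 302),
    ("http://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7"
     "&cid=168037187010000TDKTV431193035504V98", 301),
    ("https://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7"
     "&cid=168037187010000TDKTV431193035504V98", 302),
    ("http://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7"
     "&cid=168037187010000TDKTV431193035504V98", 301),
    ("https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7"
     "&cid=168037187010000TDKTV431193035504V98", None),
]


def parse_hops(chain):
    """Split every URL into scheme, host, path and single-valued query params."""
    hops = []
    for url, status in chain:
        parts = urlsplit(url)
        params = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
        hops.append({"scheme": parts.scheme, "host": parts.hostname,
                     "path": parts.path, "status": status, "params": params})
    return hops


def hosts_in_order(chain):
    """Distinct hostnames in the order the chain visited them."""
    seen = []
    for hop in parse_hops(chain):
        if hop["host"] not in seen:
            seen.append(hop["host"])
    return seen


def scheme_upgrades(chain):
    """(host, path) of each hop that only bounced http -> https for the same URL.

    A 301 from http://X/p to https://X/p is a protocol upgrade, not a new
    destination; counting it as a redirect inflates the apparent chain length.
    """
    hops = parse_hops(chain)
    upgrades = []
    for cur, nxt in zip(hops, hops[1:]):
        if (cur["status"] == 301 and cur["scheme"] == "http" and nxt["scheme"] == "https"
                and cur["host"] == nxt["host"] and cur["path"] == nxt["path"]):
            upgrades.append((cur["host"], cur["path"]))
    return upgrades


def shared_params(chain):
    """Map param name -> set of hosts on which the *same value* appears.

    Only parameters carried unchanged across two or more distinct hosts are
    returned: those are the tracking identifiers that tie the chain together.
    """
    seen = {}  # (name, value) -> hosts that carried it
    for hop in parse_hops(chain):
        for name, value in hop["params"].items():
            seen.setdefault((name, value), set()).add(hop["host"])
    return {name: hosts for (name, _), hosts in seen.items() if len(hosts) > 1}


def percent_decode_layers(value):
    """Peel percent-encoding until the string stops changing.

    Returns (decoded, layers). The report shows `stamat=m%257C%252C...`:
    one decode gives `m%7C%2C...`, a second gives `m|,...`, so the value is
    double-encoded and a single decode would misread it.
    """
    layers = 0
    while True:
        decoded = unquote(value)
        if decoded == value:
            return value, layers
        value, layers = decoded, layers + 1


if __name__ == "__main__":
    print("hosts:", hosts_in_order(CHAIN))
    print("http->https upgrades:", scheme_upgrades(CHAIN))
    print("params shared across hosts:", shared_params(CHAIN))
    print("stamat prefix decoded:", percent_decode_layers("m%257C%252C0t3F"))
```

Three of the six HTTP redirects are the only real domain changes (dexpredict.com to www.oxfoadv.store to tr.ansf.shop); two are same-URL http-to-https upgrades, and `cid` and `s` are the values that survive every cross-domain hop.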
11 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | next.php | dexpredict.com/jump/ | 7 KB | 3 KB | Document | text/html |
| GET | H2 | / (Primary Request, end of redirect chain) | tr.ansf.shop/oxford/ | 5 KB | 2 KB | Document | text/html |
| GET | H3 | js.cookie.min.js | tr.ansf.shop/templates/FileDownV2/js/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H3 | main.min.js | tr.ansf.shop/templates/FileDownV2/js/ | 3 KB | 2 KB | Script | application/javascript |
| GET | H3 | css2.css | tr.ansf.shop/templates/FileDownV2/css/ | 3 KB | 1 KB | Stylesheet | text/css |
| GET | H3 | css.min.css | tr.ansf.shop/templates/FileDownV2/css/ | 1 KB | 895 B | Stylesheet | text/css |
| GET | H3 | styles.min.css | tr.ansf.shop/templates/FileDownV2/css/ | 3 KB | 1 KB | Stylesheet | text/css |
| GET | H3 | utils.js | tr.ansf.shop/templates/FileDownV2/js/ | 8 KB | 3 KB | Script | application/javascript |
| GET | H3 | arrow__up.png | tr.ansf.shop/templates/FileDownV2/img/ | 32 KB | 33 KB | Image | image/png |
| GET | H3 | lp_v4.js | tr.ansf.shop/templates/FileDownV2/js/ | 4 KB | 2 KB | Script | application/javascript |
| GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |

Size is the decoded resource size, x-fer the bytes transferred on the wire. Apart from the initial dexpredict.com document (HTTP/1.1) and the Roboto web font from fonts.gstatic.com (HTTP/2), every resource is served from tr.ansf.shop/templates/FileDownV2/ over HTTP/3.
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

| Type | Name |
|---|---|
| boolean | credentialless |
| string | offer_url |
| boolean | blnk |
| function | Cookies |
| object | _$_41fc |
| function | getCookie |
| string | refurl |
| function | createOfferWindow |
| function | detectDevice |
| function | eraseCookie |
| function | getCursorXY |
| function | redirectPage |
| function | modifyTop |
| function | onOfferOpened |
| function | loadError |
| function | loadSuccess |
| function | callInstall |
| object | __offerWindow |
| boolean | postbackInvalid |

Read together with the template path templates/FileDownV2/ in the request list and the page title "File Download", names such as offer_url, createOfferWindow, onOfferOpened, callInstall and postbackInvalid describe an offer-window and install-postback flow; urlscan.io itself assigns this scan no classification.

11 Cookies
Cookies are small pieces of information stored in the user's browser. On each later visit the browser sends the stored values back, which lets the site re-identify the user even from a different location; this is how persistent logins work.
| Domain/Path | Name | Value |
|---|---|---|
| .www.oxfoadv.store/ | uid | u803718716428709fb3162212111639 |
| .tr.ansf.shop/ | vt | d4bf59e4a7d372d063299d4ab369913207af844cb7 |
| .ansf.shop/ | storeid | ngdgobnmmlnignedbmofabebpmmnnplc |
| .ansf.shop/ | refurl | http%3A%2F%2Ftr.ansf.shop%2Fverify.php%3Fxx%3D100241%26s%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D168037187010000TDKTV431193035504V98 |
| .ansf.shop/ | taskid | 100241 |
| .tr.ansf.shop/ | subid | adsn |
| .tr.ansf.shop/ | uid | u80371872642870a05635c645153156 |
| .tr.ansf.shop/ | ts | 5c5d47a00aa4da1926c663eg2q8b0efc5mag3b3m2o |
| .tr.ansf.shop/ | p | 100066 |
| .ansf.shop/ | rqp | %7B%22id%22%3A%221680371872104%22%2C%22v%22%3A%22d4bf59e4a7d372d063299d4ab369913207af844cb7%22%2C%22cid%22%3A%22168037187010000TDKTV431193035504V98%22%7D |
| .tr.ansf.shop/ | vs | tr.ansf.shop |

No Expires value is recorded for any of these cookies. Four of them (storeid, refurl, taskid, rqp) are scoped to the apex .ansf.shop rather than to tr.ansf.shop, so they are sent to every ansf.shop subdomain.
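Added example, not part of the urlscan.io report: the Python below decodes the percent-encoded `refurl` and `rqp` cookies, groups the cookies by the domain scope they were set on, and cross-references their values against the landing URL and the verify.php URL from the Page URL History. Cookie names, values and URLs are transcribed from this report; the only assumption is that a cookie whose value equals a URL parameter was populated from it.

```python
"""Decode the cookies a urlscan report lists and tie them back to the URL chain.

Added example, not part of the urlscan.io report. COOKIES is transcribed
from the report's cookie table as (domain/path, name, value); LANDING_URL
is the final Page URL from its Page URL History. Nothing touches the network.
"""
import json
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed from the report's cookie table.
COOKIES = [
    (".www.oxfoadv.store/", "uid", "u803718716428709fb3162212111639"),
    (".tr.ansf.shop/", "vt", "d4bf59e4a7d372d063299d4ab369913207af844cb7"),
    (".ansf.shop/", "storeid", "ngdgobnmmlnignedbmofabebpmmnnplc"),
    (".ansf.shop/", "refurl",
     "http%3A%2F%2Ftr.ansf.shop%2Fverify.php%3Fxx%3D100241%26s%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7"
     "%26cid%3D168037187010000TDKTV431193035504V98"),
    (".ansf.shop/", "taskid", "100241"),
    (".tr.ansf.shop/", "subid", "adsn"),
    (".tr.ansf.shop/", "uid", "u80371872642870a05635c645153156"),
    (".tr.ansf.shop/", "ts", "5c5d47a00aa4da1926c663eg2q8b0efc5mag3b3m2o"),
    (".tr.ansf.shop/", "p", "100066"),
    (".ansf.shop/", "rqp",
     "%7B%22id%22%3A%221680371872104%22%2C%22v%22%3A%22d4bf59e4a7d372d063299d4ab369913207af844cb7"
     "%22%2C%22cid%22%3A%22168037187010000TDKTV431193035504V98%22%7D"),
    (".tr.ansf.shop/", "vs", "tr.ansf.shop"),
]

# Final Page URL from the report's Page URL History.
LANDING_URL = ("https://tr.ansf.shop/oxford/?id=1680371872104"
               "&v=d4bf59e4a7d372d063299d4ab369913207af844cb7"
               "&cid=168037187010000TDKTV431193035504V98")


def cookies_by_scope(cookies):
    """Group cookie names by the domain they are scoped to.

    A cookie set on `.ansf.shop` is sent to every ansf.shop subdomain, so state
    written there survives a move from tr.ansf.shop to any sibling host;
    `.tr.ansf.shop` cookies stay on that one host.
    """
    scope = {}
    for domain_path, name, _ in cookies:
        scope.setdefault(domain_path.rstrip("/"), []).append(name)
    return scope


def decode_cookie(cookies, name):
    """Percent-decode the first cookie called `name`; parse it as JSON if it is one."""
    for _, cookie_name, value in cookies:
        if cookie_name == name:
            text = unquote(value)
            if text[:1] in ("{", "["):
                return json.loads(text)
            return text
    raise KeyError(name)


def query_params(url):
    """Single-valued query parameters of a URL."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def rqp_matches_landing(cookies, landing_url):
    """True when the `rqp` cookie is exactly the landing page's query string as JSON."""
    return decode_cookie(cookies, "rqp") == query_params(landing_url)


def cross_references(cookies, landing_url):
    """Cookies whose raw value repeats a parameter from the landing or verify.php URL.

    Returns (cookie name, origin) pairs so an analyst can see which URL
    parameters the site persisted client-side.
    """
    landing_values = set(query_params(landing_url).values())
    verify_values = set(query_params(decode_cookie(cookies, "refurl")).values())
    found = []
    for _, name, value in cookies:
        if value in landing_values:
            found.append((name, "landing query param"))
        elif value in verify_values:
            found.append((name, "verify.php query param"))
    return found


if __name__ == "__main__":
    print("scopes:", cookies_by_scope(COOKIES))
    print("refurl:", decode_cookie(COOKIES, "refurl"))
    print("rqp:", decode_cookie(COOKIES, "rqp"))
    print("rqp == landing query:", rqp_matches_landing(COOKIES, LANDING_URL))
    print("cookies copied from URL params:", cross_references(COOKIES, LANDING_URL))
```

Decoded, `rqp` is the landing page's `id`, `v` and `cid` parameters as a JSON object, `vt` repeats `v`, `taskid` repeats the `xx` parameter of verify.php, and `refurl` is the verify.php URL itself, all of them written to the apex or host scope where later page loads can read them back.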
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dexpredict.com
fonts.gstatic.com
tr.ansf.shop
www.oxfoadv.store
2606:4700:3034::6815:3076
2a00:1450:4001:80b::2003
2a06:98c1:3121::3
35.201.90.210