Submitted URL: http://dexpredict.com/jump/next.php?r=6265274
Effective URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV43...
Submission: On April 01 via manual from DK — Scanned from DK

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is tr.ansf.shop.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2023. Valid for: a year.
This is the only time tr.ansf.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS      Autonomous System
2          3         35.201.90.210     396982  (GOOGLE-CL...)
1          1         2606:4700:303...  13335   (CLOUDFLAR...)
3          12        2a06:98c1:312...  13335   (CLOUDFLAR...)
           1         2a00:1450:400...  15169   (GOOGLE)
Total: 11 requests, 3 IPs

Requests  Apex Domain     Subdomains                                       Transfer
12        ansf.shop       tr.ansf.shop                                     48 KB
3         dexpredict.com  dexpredict.com — Cisco Umbrella Rank: 241582     4 KB
1         gstatic.com     fonts.gstatic.com                                16 KB
1         oxfoadv.store   www.oxfoadv.store — Cisco Umbrella Rank: 712805  898 B
Total: 11 requests, 4 domains

Requests  Domain             Redirects    Requested by
12        tr.ansf.shop       3 redirects  dexpredict.com, tr.ansf.shop
3         dexpredict.com     2 redirects
1         fonts.gstatic.com               tr.ansf.shop
1         www.oxfoadv.store  1 redirect
Total: 11 requests, 4 domains

This site contains no links.

Subject                Issuer                   Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2023-02-24 - 2024-02-23  a year
*.gstatic.com          GTS CA 1C3               2023-03-13 - 2023-06-05  3 months

This page contains 1 frame:

Primary Page: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Frame ID: A49DCC17EE6F85201C1CE0763BDB6638
Requests: 11 HTTP requests in this frame

Page Title

File Download

Page URL History

  1. http://dexpredict.com/jump/next.php?r=6265274 Page URL
  2. https://dexpredict.com/jump/next.php?stamat=m%257C%252C0t3Fm43KqB1dwP0dEdHP3xP.0d0%252C2t5FkDDYpjxJ... HTTP 302
    https://dexpredict.com/script/i.php?t=1&stamat=m%257C%252C%252Cg2MyojZ7oGU3BP-GH0dEdHP3xP.90c%252Ca... HTTP 302
    http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 302
    http://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010... HTTP 301
    https://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010... HTTP 302
    http://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=16... HTTP 301
    https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=16... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11 Requests
91 % HTTPS
75 % IPv6
4 Domains
4 Subdomains
3 IPs
2 Countries
65 kB Transfer
83 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dexpredict.com/jump/next.php?r=6265274 Page URL
  2. https://dexpredict.com/jump/next.php?stamat=m%257C%252C0t3Fm43KqB1dwP0dEdHP3xP.0d0%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAW3r7LrjuRWUWEvy5IV_ALN&cbpage=http://dexpredict.com/jump/next.php?r=6265274&cbur=0.447118280588499&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://dexpredict.com/script/i.php?t=1&stamat=m%257C%252C%252Cg2MyojZ7oGU3BP-GH0dEdHP3xP.90c%252Cac-ngYFJetsfxN3od57HN08C137gViVEFDfnryyBdKpuXfK5jisyOwhI9sKojhkxjzhuclIL8_4AWfm8hHJegxje2E4b2hCY9FuLYOT_YUkn8l8I7W6c5qmRSqsBiu8xCLX5_tMajIimS_bZ36lwOQ7AxcY_heu6JZhV3ujbgN-YTGrz8NMV3r8Zsra1ODOTimStFdUmdbHBPMcmVLfkBH9JJWSZKMcjG5gpSMl5niHDGSEF46JYEGTsQgy1eUZ0xiwUjRankBVyfRKQGCSOEzo60YJS-tVMLU_94vRLC0NbaDzyGqo-arxU_V9WNQrl2CTMiKvHJi_7iMXtTWvfcek2Iqy55oNj5BMTf7W1ug40ZNSaeEi7XI1XWQmVCpGSE16jKqs18NvSpGAMYKrJmfy52daH8nIZ3gI8y5Mp-6RgqALqwfpurm13617D1bqC55Tmtz8aO_35hILgNKHWSKVKXR5Sqf7ys19l7chSwQxDfoP01if4j_2M5vVDT4iCtzWcy-Fr9f0db5G-RyM4gY86cAdYsqu_RnhC97jE9JY5kC9Ez6mpCUs26GsccfuM5rzH_C-_Z6KMqRSscojRFI94vo6zbx_OyIapRvt17SUwa35RrOOX5WJdFjQFGOzR HTTP 302
    http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 302
    http://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 301
    https://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98 HTTP 302
    http://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98 HTTP 301
    https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
next.php
dexpredict.com/jump/
7 KB
3 KB
Document
General
Full URL
http://dexpredict.com/jump/next.php?r=6265274
Protocol
HTTP/1.1
Server
35.201.90.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
210.90.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 01 Apr 2023 17:57:50 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google
Primary Request /
tr.ansf.shop/oxford/
Redirect Chain
  • https://dexpredict.com/jump/next.php?stamat=m%257C%252C0t3Fm43KqB1dwP0dEdHP3xP.0d0%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAW3r7LrjuRWUWEvy5IV_ALN&cbpage=http://dexpredict.com/jump/next.php?r=...
  • https://dexpredict.com/script/i.php?t=1&stamat=m%257C%252C%252Cg2MyojZ7oGU3BP-GH0dEdHP3xP.90c%252Cac-ngYFJetsfxN3od57HN08C137gViVEFDfnryyBdKpuXfK5jisyOwhI9sKojhkxjzhuclIL8_4AWfm8hHJegxje2E4b2hCY9Fu...
  • http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98
  • http://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98
  • https://tr.ansf.shop/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=168037187010000TDKTV431193035504V98
  • http://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
  • https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
5 KB
2 KB
Document
General
Full URL
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Requested by
Host: dexpredict.com
URL: http://dexpredict.com/jump/next.php?r=6265274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a061965d5c113b61e23095d51d454423115fd58bd78035e4a41d70d780aa65c

Request headers

Referer
http://dexpredict.com/jump/next.php?r=6265274
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b12b789689b902a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 01 Apr 2023 17:57:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSgQuaOLSkNCnJlSH%2FvNUOTTpDVzagoo5BZ4NI9CXnGzkiwcaSYCIqsuXcIciLk1WKlULH4ILszia9YKpts7SgAyazS2nkc0u42I23UzoZn%2FQW9mneflkIdIqJLfuxLIiEjVvP8uWC4Fngo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7b12b7892a043651-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 01 Apr 2023 17:57:52 GMT
Expires
Sat, 01 Apr 2023 18:57:52 GMT
Location
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcU7ST5nRvlRi8tHTWKY2x6NIAvtkBGc9irwL20uVmpmzFZiV9jAEzsQ%2FapkUNplNvK8G7Wmod%2Bcpnak%2FBAWp6WEMp5ekzc0SBse7hQ%2BeRgTXMLTSiuq56gT%2F3tJF36IRSNS5Vks3SWPZOk%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.cookie.min.js
tr.ansf.shop/templates/FileDownV2/js/
2 KB
1 KB
Script
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/js/js.cookie.min.js
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10573
etag
W/"6426491d-6d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UzMXpbzBaune9HuVgcHLgEF1VvbkfNoDiQgfvVSmIw6WRA%2FGfYksR3l0gz2A12qlvHo9jQTbnqDJ76I5%2BfACfb1K0GSFtCKlFIGS2Sfjay0QOnw%2FtqJEfMqqqHk5NW9Cer8XIj55vulSFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b12b78acf819136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 02:49:55 GMT
main.min.js
tr.ansf.shop/templates/FileDownV2/js/
3 KB
2 KB
Script
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/js/main.min.js
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19460d606fd119668b99fc0755f899c81b551404ff26d3549fde6d1e5633013e

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10573
etag
W/"6426491d-c5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLkDGzgaESnM9ALOQgYSQyh5695Kyw963dNrwWppXr%2BhCJmlad3KM4oY06ePhIl9elaM91nejlsdFjgVmvihJ3vkMox5bjL4T7Lk9%2Fec0f13h5cCSS8KE1hz1SybwOLUiNHFcfI4ijtcsAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b12b78acf8b9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 02:49:54 GMT
css2.css
tr.ansf.shop/templates/FileDownV2/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/css/css2.css
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c655756185194bb230c5d28da0779e7cd00d10611c372b400f65e01545ce549

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6276
etag
W/"6426491d-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okj%2Bcjkvx7YWVn9D%2BSMk25ypO9Yw4AGYh4KNjj5pJGyoi5csGWcVf98Q96O%2FSOAv6Tv3iRg15sDGFnnjfhLRNvwtF6A%2FWrDOwk0D8J4T15Wj8gBh6C25Hs1F6Yyh7B9cjYOYeKpjrOERyTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7b12b78acf919136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 03:40:43 GMT
css.min.css
tr.ansf.shop/templates/FileDownV2/css/
1 KB
895 B
Stylesheet
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/css/css.min.css
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11bb29130ba9acbf0ef98d75d483c99ed37cde0d082a17fd47659aff0d3ca30

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6276
etag
W/"6426491d-4ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmHoUtvpUlT2Q78Idipuqi1KtYC51f%2F2FwaSsHUSHePnX7X2aavK7EU3FchMNqiyD39CyiweR6ZyQmUWN4p52Qca35elvVd85der1wHTwnnDsRbl%2FVBWHmKWpTgnPXYko1uBwRbisyQ6r3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7b12b78acf939136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 03:40:43 GMT
styles.min.css
tr.ansf.shop/templates/FileDownV2/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/css/styles.min.css
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d092724cabc4718ff06f75c288950da071136321fdef703a57f3a73c2a3292eb

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6276
etag
W/"6426491d-c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRK64WHA5DLqKQJBrbhmbkyFaQqSbKhAvz5xsoSHaU4nbQRPTFNvwosk%2BDyMCGg5evEmTeBSDn0a2v7UtmHDEhCEBjj%2B5sNnIlRYLbihKcyH2RQoRo8wHf1GGRhK3HDvL15rbd6Sxf3bcu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7b12b78acf969136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 03:40:43 GMT
utils.js
tr.ansf.shop/templates/FileDownV2/js/
8 KB
3 KB
Script
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/js/utils.js
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667f0b29ff668bb5066e8f880f26c9bda92645ffa9b6410af847e12a5971c1a6

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6276
etag
W/"6426491d-1e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQFIvQoETON0xmcoC7SsfGj5ifXq7VQEysIwS0L2Ah%2FQDcjXIA0tgj5E6hboQlr%2BzVSSaNX4eqKuhcis3%2BENEfcJ9Xcc4fxSCUefwE8glRQpiQeoq420sZdJhDq1G9JProBG60lzY5lY7Dg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b12b78acf989136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 03:40:43 GMT
arrow__up.png
tr.ansf.shop/templates/FileDownV2/img/
32 KB
33 KB
Image
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/img/arrow__up.png
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4399fd13a2b71e3f70846fd5de33d293ecbba9d870115a1fdef53b3a142b62fb

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310641
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33223
last-modified
Fri, 17 Mar 2023 04:19:38 GMT
server
cloudflare
etag
"6413ea5a-81c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5u%2FLTENHbyQfjzhmPfw%2FxPcaE6AZcCNORqB%2BDoycoL84Fhtgzv%2FRzfLd2FTMFqOfrHqw0I4UjZxyDXd%2BZlsiQzuaFT0ZNmqeRyEWYyOEOy2PZ3Y4eT8VwGkVCay7ukRiohLZmvSMSOHq3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7b12b78affe59136-FRA
expires
Fri, 28 Apr 2023 03:36:31 GMT
lp_v4.js
tr.ansf.shop/templates/FileDownV2/js/
4 KB
2 KB
Script
General
Full URL
https://tr.ansf.shop/templates/FileDownV2/js/lp_v4.js
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c8b30ee082dde1bed0f8e76553af581ed3f2d710ca0a58a9733d65b220dd12

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://tr.ansf.shop/oxford/?id=1680371872104&v=d4bf59e4a7d372d063299d4ab369913207af844cb7&cid=168037187010000TDKTV431193035504V98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 17:57:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6261
etag
W/"6426491d-ffc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yM%2BujaNdkbHwC7gddUZH5FlTnF2eVeUHzWdR06Xadgj3wUDD35earTbYaEm96Sp3iUP6gOFtxeIpcV56eyYJbeXKUF5RoJaD69oRvkVVcz8zJAodnZfHgEffqeIGYfPZzIoqo5kKvtKb3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b12b78affe09136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 03:40:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: tr.ansf.shop
URL: https://tr.ansf.shop/templates/FileDownV2/css/css2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ansf.shop/
Origin
https://tr.ansf.shop
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:00 GMT
x-content-type-options
nosniff
age
372412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:00 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
string| offer_url
boolean| blnk
function| Cookies
object| _$_41fc
function| getCookie
string| refurl
function| createOfferWindow
function| detectDevice
function| eraseCookie
function| getCursorXY
function| redirectPage
function| modifyTop
function| onOfferOpened
function| loadError
function| loadSuccess
function| callInstall
object| __offerWindow
boolean| postbackInvalid

11 Cookies

Domain/Path Name / Value
.www.oxfoadv.store/ Name: uid
Value: u803718716428709fb3162212111639
.tr.ansf.shop/ Name: vt
Value: d4bf59e4a7d372d063299d4ab369913207af844cb7
.ansf.shop/ Name: storeid
Value: ngdgobnmmlnignedbmofabebpmmnnplc
.ansf.shop/ Name: refurl
Value: http%3A%2F%2Ftr.ansf.shop%2Fverify.php%3Fxx%3D100241%26s%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D168037187010000TDKTV431193035504V98
.ansf.shop/ Name: taskid
Value: 100241
.tr.ansf.shop/ Name: subid
Value: adsn
.tr.ansf.shop/ Name: uid
Value: u80371872642870a05635c645153156
.tr.ansf.shop/ Name: ts
Value: 5c5d47a00aa4da1926c663eg2q8b0efc5mag3b3m2o
.tr.ansf.shop/ Name: p
Value: 100066
.ansf.shop/ Name: rqp
Value: %7B%22id%22%3A%221680371872104%22%2C%22v%22%3A%22d4bf59e4a7d372d063299d4ab369913207af844cb7%22%2C%22cid%22%3A%22168037187010000TDKTV431193035504V98%22%7D
.tr.ansf.shop/ Name: vs
Value: tr.ansf.shop