tr.ansf.shop Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tr.ansf.shop/verify.php?xx=100245&s=db25a7323a7c50b9dd026ecba9b409eee0f4&cid=1683661941100010TUKTV414435712764V4
Effective URL:
http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV4...
Submission: On May 10 via manual (May 10th 2023, 9:43:31 am UTC) from SE — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr.ansf.shop. The Cisco Umbrella rank of the primary domain is 493367.

This is the only time tr.ansf.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
10	3

10 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tr.ansf.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ansf.shop 1 redirects tr.ansf.shop — Cisco Umbrella Rank: 493367	59 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	950 B
10	2

	Domain	Requested by
10	tr.ansf.shop	1 redirects tr.ansf.shop
1	fonts.googleapis.com	tr.ansf.shop
10	2

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Frame ID: 960F677B2F23153B795254830752CA9E
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File Download

Page URL History Show full URLs

http://tr.ansf.shop/verify.php?xx=100245&s=db25a7323a7c50b9dd026ecba9b409eee0f4&cid=168366194110... HTTP 302
http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=16... Page URL

Page Statistics

10
Requests

10 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

58 kB
Transfer

104 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tr.ansf.shop/verify.php?xx=100245&s=db25a7323a7c50b9dd026ecba9b409eee0f4&cid=1683661941100010TUKTV414435712764V4 HTTP 302
http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
tr.ansf.shop/oxford/
Redirect Chain

http://tr.ansf.shop/verify.php?xx=100245&s=db25a7323a7c50b9dd026ecba9b409eee0f4&cid=1683661941100010TUKTV414435712764V4
http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4

9 KB
5 KB

187ms
186ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 068f97f86c91d6d26cd8b3ea4ed99346e6a7ba100b0ff4f18a91bcd65e38299f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c513ce7cb34b752-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 10 May 2023 09:43:26 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7SlgwMdB%2BBQlL00LbrCTVuShsM9Kzibf6Gbqb8N7HiQi%2BE2Ors12KB9EK7qbgOa5qlbKkPiLbAcljl0DqxvOs3YIqzpTcKIYJfwxt%2F0OmJwOHoselo3fS4i5e%2B9dYtOXWz1gcuN8KTZOBY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c513ce699feb752-AMS
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 May 2023 09:43:26 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWYgPREfhTukSiy6u6sZgeZKZUoswt%2BLN%2FpfuPzoFpIAbUi69AYhMpn3sdElW%2F5z3XODqIijqn0AmXhNTgLN8SjQk6stI9rojgQux7csvpIc6nJENuL71tnx2QPUip4AfSYAYno7GlBivOk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
location: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4#

GET
H/1.1 200
OK js.cookie.min.js Show response
tr.ansf.shop/templates/FileDown/js/ 2 KB
2 KB 36ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/templates/FileDown/js/js.cookie.min.js
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 18367
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-6d8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rSnhjpmR9X7Ie6ggSXUDQK1M5J9ayX%2FRjQo6AOVkY4QcnZp%2FI5FLHcDEtREUMsBtKq%2F20HVOUO3NKGKDi0mQirU61YlmYW2qQ1hPcZ1urHRuuee%2Fx%2B0EurnrO81Ng3aEXOebXcyHMsc9HE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 7c513ce8fc70b752-AMS
Expires: Wed, 10 May 2023 16:07:08 GMT

GET
H/1.1 200
OK main.min.js Show response
tr.ansf.shop/templates/FileDown/js/ 3 KB
2 KB 68ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/templates/FileDown/js/main.min.js
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a386b3d8bce29be1178334b9f227667dc52f86340a57c5f1bf5e6205aa6e1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 18434
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-bc2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHjvIsJAwKhS2aQONJ7VufmLI7CauH2jHOn6VmIv55IoHC0sjqDJdSWLIU%2BPU%2B%2FSELMHv%2FVjiVUnMjPp6s51CO%2FHOsaaCCDGJVfZivDz9eRC%2BCABjbFq2zGEI5gnXLR0UPAmimB9GODxvqs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 7c513ce92ca3b752-AMS
Expires: Wed, 10 May 2023 16:07:08 GMT

GET
H/1.1 200
OK promo13.min.css
tr.ansf.shop/templates/FileDown/css/ 37 KB
7 KB 64ms
38ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/templates/FileDown/css/promo13.min.css
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6735655dcaa246afb0442a350c76b2f3ac4db51792d8c9cd5ea6d74a976c77

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14373
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-921a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9RK%2FHECB%2FGYgeKK%2F8uT%2B9K9NXY%2BpjkZySpciNmUgXIrlN2UDjMW4JNAuESZOYy5oVNMXzqAldGsJgENv81nefuB5AcT7tBEm%2BPwAHg1kfpYDqagiNfNxANoy9ijkMZobARrmmb9wv4ebFs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
CF-RAY: 7c513ce919590b84-AMS
Expires: Wed, 10 May 2023 16:07:08 GMT

GET
H/1.1 200
OK styles.min.css
tr.ansf.shop/templates/FileDown/css/ 4 KB
2 KB 71ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/templates/FileDown/css/styles.min.css
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0712f1580838102f5d56bc4c407dad090b57a1c0c38aeead24d10cf85a0b3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 19843
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-fd0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsZpUYDWMLFWu4mQaZrGUVKJ4ZHYrDI8p5s%2F3JPLgBb0ge%2FRL4LFL7tG0ZWZpSojIUQfk8020XhL6CtkujS2Gcj71FYDwt6ZyR7wCFD6FHEI1f0m9mr2t6%2FmXoxaPnr6JmqT8cDwpdtqi6o%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
CF-RAY: 7c513ce91b93b8ca-AMS
Expires: Wed, 10 May 2023 16:07:08 GMT

GET
H/1.1 200
OK utils.js Show response
tr.ansf.shop/templates/FileDown/js/ 8 KB
3 KB 63ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/templates/FileDown/js/utils.js
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667f0b29ff668bb5066e8f880f26c9bda92645ffa9b6410af847e12a5971c1a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 18690
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-1e34"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgNUw1l14T8JOdqAG55fDXthg4dQ%2FNUIsv8DsK%2FWSQQLOiG94sygD3xywcjFrFvcBuzvIsiVrq2zzNF%2B0i2g6gQP4gxM%2BmtziePopTYDihLbFbEU4mvJNqJshZREEkAOVv2sdpvEX7OWQTk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 7c513ce919e10b62-AMS
Expires: Wed, 10 May 2023 16:06:18 GMT

GET
H/1.1 200
OK arrow__up.png
tr.ansf.shop/templates/FileDown/img/ 32 KB
33 KB 51ms
40ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tr.ansf.shop/templates/FileDown/img/arrow__up.png
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4399fd13a2b71e3f70846fd5de33d293ecbba9d870115a1fdef53b3a142b62fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 322569
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 33223
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: "6430d641-81c7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVcqbOY7WEhEnpdNEKXLquvcUThfxWKs6dR9GkAHBA6Pgx3NpIQsTZvRyxvLEnnguOndLl1jbH8%2BAXIgV6okk%2FFUp%2F5Y0JfpB40R5mxquu6PVqNbjE3ncjBnfZVhaongWcGvtSjn1DXjcP0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7c513ce93c620bba-AMS
Expires: Sun, 04 Jun 2023 19:22:37 GMT

GET
H/1.1 200
OK info_icon.svg
tr.ansf.shop/templates/FileDown/img/ 399 B
1 KB 32ms
32ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tr.ansf.shop/templates/FileDown/img/info_icon.svg
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3790d6e556194fd7d17b273234befd2de44daa4c57d5055bdd0de714c57152a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6829
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-18f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8vYC4pq%2BL8wmHdp69FwaVuLxp1SpJBYht2ozrixo4mdVDECTgqbfguy8T86Igt0QBKl0wsmk9iNka%2FmthW8o8sAe5ddXfJC7y%2BEdJHbx4Nc%2FEfiyvgVxSY4p%2BB8Wfa2Oc1twaNqW0PlIgs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=14400
CF-RAY: 7c513ce95a380b62-AMS

GET
H/1.1 200
OK lp_v4.js Show response
tr.ansf.shop/templates/FileDown/js/ 4 KB
2 KB 43ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.ansf.shop/templates/FileDown/js/lp_v4.js
Requested by: Host: tr.ansf.shop
URL: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9b2abaa92c36faca3493ca5382cae5ba4e05034749bda244bbfa03427d4024

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/oxford/?id=1683711806599&v=f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7&cid=1683661941100010TUKTV414435712764V4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 09:43:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 18411
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 08 Apr 2023 02:49:37 GMT
Server: cloudflare
ETag: W/"6430d641-1011"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZDc%2Fz2DhrMuYda0uwSKshbffQo8gXltoAPiId1ovcUiyAQ2Xn2trOstj6die7dIQQyePY0VMGhSipfVI0dyqQJPW1W4nQNtgmWhooJ1rH%2BUSy3tbtgWeW%2BUGdxuq0S2QDWthAF7W%2FdOFS8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 7c513ce91d681cae-AMS
Expires: Wed, 10 May 2023 16:07:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
950 B 143ms
70ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: tr.ansf.shop
URL: http://tr.ansf.shop/templates/FileDown/css/promo13.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39deb3024b64d67a27e79c3152ba16ea68026e8574fc9e4a3dbe1e291503ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 May 2023 09:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 May 2023 09:43:27 GMT

GET
DATA 200
OK truncated
/ 818 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6555d7efa57e9983c429ca01fcf878f20fb625b39783d4e86bbe1dba4bbf8f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://tr.ansf.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tr.ansf.shop/	1970-01-20 21:17:51	Name: vt Value: f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7
.ansf.shop/	1970-01-20 21:17:51	Name: storeid Value: gallcoocglcmomfgkeakllnfapekiieo
.ansf.shop/	1970-01-20 21:17:51	Name: refurl Value: http%3A%2F%2Ftr.ansf.shop%2Fverify.php%3Fxx%3D100245%26s%3Ddb25a7323a7c50b9dd026ecba9b409eee0f4%26cid%3D1683661941100010TUKTV414435712764V4
.ansf.shop/	1970-01-20 21:17:51	Name: taskid Value: 100245
.tr.ansf.shop/	1970-01-20 21:17:51	Name: subid Value: adslp2
.tr.ansf.shop/	1970-01-20 21:17:51	Name: uid Value: u83711806645b673ebf95b506331287
.tr.ansf.shop/	1970-01-20 21:17:51	Name: ts Value: 65637b243d29a4450394a67g3q5b4c2megbg0bfe5q
.tr.ansf.shop/	1970-01-20 21:17:51	Name: p Value: 100067
.ansf.shop/	1970-01-20 21:17:51	Name: rqp Value: %7B%22id%22%3A%221683711806599%22%2C%22v%22%3A%22f1dd51c6e637464fe8c8f71d9ec7d1e523bf821de7%22%2C%22cid%22%3A%221683661941100010TUKTV414435712764V4%22%7D
.tr.ansf.shop/	1970-01-20 11:41:55	Name: vs Value: tr.ansf.shop

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
tr.ansf.shop
2a00:1450:4001:82f::200a
2a06:98c1:3121::3
068f97f86c91d6d26cd8b3ea4ed99346e6a7ba100b0ff4f18a91bcd65e38299f
3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531
3790d6e556194fd7d17b273234befd2de44daa4c57d5055bdd0de714c57152a1
39deb3024b64d67a27e79c3152ba16ea68026e8574fc9e4a3dbe1e291503ef48
4399fd13a2b71e3f70846fd5de33d293ecbba9d870115a1fdef53b3a142b62fb
50a386b3d8bce29be1178334b9f227667dc52f86340a57c5f1bf5e6205aa6e1e
667f0b29ff668bb5066e8f880f26c9bda92645ffa9b6410af847e12a5971c1a6
9b9b2abaa92c36faca3493ca5382cae5ba4e05034749bda244bbfa03427d4024
9c0712f1580838102f5d56bc4c407dad090b57a1c0c38aeead24d10cf85a0b3c
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
c6555d7efa57e9983c429ca01fcf878f20fb625b39783d4e86bbe1dba4bbf8f3
cd6735655dcaa246afb0442a350c76b2f3ac4db51792d8c9cd5ea6d74a976c77

tr.ansf.shop Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

10 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

58 kBTransfer

104 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

10 Cookies

Indicators

tr.ansf.shop Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

10 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

58 kB
Transfer

104 kB
Size

10
Cookies

10 HTTP transactions
2 data transactions