ansarishifting.world
2606:4700:3036::6815:58cc  Malicious Activity! Public Scan

Submitted URL: http://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374
Effective URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Submission: On August 16 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3036::6815:58cc, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is ansarishifting.world.
TLS certificate: Issued by WE1 on August 12th 2024. Valid for: 3 months.
This is the only time ansarishifting.world was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  IP Address         AS Autonomous System
1         94.154.173.227     8100 (ASN-QUADR...)
23        2606:4700:303...   13335 (CLOUDFLAR...)
1         2606:4700:303...   13335 (CLOUDFLAR...)
3         2606:4700:303...   13335 (CLOUDFLAR...)
Total: 28 requests, 4 IPs

Requests  Apex Domain           Subdomains                                              Transfer
23        ansarishifting.world  ansarishifting.world                                    982 KB
4         trk-elevostra.com     trk-elevostra.com — Cisco Umbrella Rank: 357103         3 KB
                                event.trk-elevostra.com — Cisco Umbrella Rank: 369321
1         prestinlevel.com      prestinlevel.com                                        434 B
Total: 28 requests, 3 apex domains

Requests  Domain                   Requested by
23        ansarishifting.world     prestinlevel.com, ansarishifting.world
3         event.trk-elevostra.com  trk-elevostra.com
1         trk-elevostra.com        ansarishifting.world
1         prestinlevel.com
Total: 28 requests, 4 domains

This site contains no links.

Subject               Issuer  Validity                 Valid
prestinlevel.com      R10     2024-07-02 - 2024-09-30  3 months
ansarishifting.world  WE1     2024-08-12 - 2024-11-10  3 months
trk-elevostra.com     WE1     2024-08-11 - 2024-11-09  3 months

This page contains 1 frames:

Primary Page: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Frame ID: 3E88EF66C285731AB29E0015EBD633AE
Requests: 27 HTTP requests in this frame

Page Title

[1] Reward Pending - Kohls - We Want Your Opinion!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 75 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 986 kB
Size: 1910 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374 HTTP 307
    https://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374 Page URL
  2. https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374 HTTP 307
  • https://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374

28 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
0.34659277345401374
prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/
Redirect Chain
  • http://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374
  • https://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374
174 B
434 B
Document
General
Full URL
https://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.154.173.227 Hyattsville, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Aug 2024 09:24:27 GMT
server
nginx/1.12.2
vary
Accept-Encoding

Redirect headers

Location
https://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 736603&country_id=231
ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/
762 B
1008 B
Document
General
Full URL
https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Requested by
Host: prestinlevel.com
URL: https://prestinlevel.com/0/0/0/6e26ff07e30858d0f219b8403be712bf/12/31416/0.34659277345401374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3162dde832bbe375a8283a599de3aa9db77bab71d2408d65fa2a78296fdc331c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prestinlevel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b405f175c40c436-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 16 Aug 2024 09:24:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVFRfOAGm1OXL3EnE8k9ovNOKERJulbOQ%2FiaqCXjaJNkVDuS8NHWmxaPLk2h%2FCTx8jeVjC81ufyTOhPLWm0q3%2BBvlStao8Gsh7MTTS1bXSB4zMsiSVg43BVA21rEmnwp%2BBGFF0MqxOM%2B%2BpdlxrDsIbVGnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
evxj
ansarishifting.world/bwkz/tllf/xqjv/
57 KB
17 KB
XHR
General
Full URL
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231&_ax=w
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7bd9ccc452d1c9200981e984bc7613b647a62ca2ad34e08872de30ed3126ec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyaFHEaOWeessqfB3pojhfgkIi3%2FQ1eS8LqlZnQhWJzZXJJZuwcUBoKd5AzY%2FYVvC9oxV2FnLyyzn8%2FMuAIuo5QAqlSxYMY6hNCyHWMW5evUyqDUSE6tDY0ZBAkMolD%2BbhbmCptmgPiWaeDpjkautfmEDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b405f1a8de0c436-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
ansarishifting.world/
15 KB
2 KB
Other
General
Full URL
https://ansarishifting.world/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
167602
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 23:17:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYAJMfjzV8KUDhP1vTDcuQmbrU6r%2B1SFEL6JkBsbAHtjpPd2B%2ByLvYtN36g%2BzWe8HuTLBN95hVFbI3YmotoTvZDTMnWR4UeQbEKPiqzz7pKosLOrwhUiK6sJ%2BUUL4jt340gyU4mVfffXg%2FZQTwdpltTROw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1a9de5c436-EWR
expires
Wed, 21 Aug 2024 10:51:05 GMT
bootstrap.min.css
ansarishifting.world/assets/vendors/bootstrap-4.5.3/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://ansarishifting.world/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166964
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZYwHQJlNAYQeRJ6HjuX7GfydDMxY3qqvpPP0ajbBHujYUzY%2FyHIahUhRbXAOms7FnMfYSwNyVGlHlM35L4NVbOaNNpW6fTpGLScM4HWTtW1eZR%2FMusM273V9gH%2BqgIt%2BwWlmDIqZa3qjuljPoqon24Llg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fdec436-EWR
expires
Wed, 21 Aug 2024 11:01:44 GMT
all.min.css
ansarishifting.world/assets/vendors/fontawesome_pro/css/
496 KB
96 KB
Stylesheet
General
Full URL
https://ansarishifting.world/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166963
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3v6kFVmwix3Soz8PkLJDRp57cSy1D7j9R5EZSU%2FC7hPRPVG8ahEMrr%2BCK9%2FFGwp9tVeq9%2FtcwXTBLyaEkKaTZpZY8lTCCQNllgqhxXcwLCQNa3GWlQUhOX3qIl06hYeXJTDXxWdeMjbwx074AZPJyjDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fdfc436-EWR
expires
Wed, 21 Aug 2024 11:01:44 GMT
common-hybrid.css
ansarishifting.world/assets/css/madrid/dist/
56 KB
14 KB
Stylesheet
General
Full URL
https://ansarishifting.world/assets/css/madrid/dist/common-hybrid.css?v=22dc3bc33f903d8744e47416d9a8b4a3
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30821b003dc6f23f1675a6a7e6c31e78f18db55f72a94e0af0f2209edda8ee8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Jun 2024 14:24:07 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FqAlNIXEVKob9M%2B7QiVH01NJcKUmBmXo7vMTDzA%2FNBpoGidJiJQ6m4tB%2BTBXySzb2Husz4RuqACu%2BCVhiYIGhmeinIp3OeEVyrV2i159uOcA1OqrZg3%2Bf7Pxo%2FwTjDQJ62%2BLI2MIsN6Wv0weldpTfUNQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fe1c436-EWR
expires
Fri, 23 Aug 2024 09:24:28 GMT
msg.v3.js
ansarishifting.world/inc/
2 KB
1 KB
Script
General
Full URL
https://ansarishifting.world/inc/msg.v3.js?66bf1acc74e13
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefa3e85fed59b89802e41266cac25ccf6e15137f69b18b14f783e1719207106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Jul 2024 13:46:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRkaXD%2BAxnkgV8emJV9fOerc0n0mHSKRGj0POTYE8VfOeqIpqTvEcyvfEzVQdtqfn7TpfOiFPbxG6s2msZFG6ZkOTyQU9%2BTtD4urGlbpJXlEIAn0hIFsBIusckzvRJ8z%2BVbGt%2BuQ%2BUJpf9GgPGomXjEeRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fe2c436-EWR
expires
Fri, 23 Aug 2024 09:24:28 GMT
kohls-logo-purple.png
ansarishifting.world/uploads/archive/company/55/images/
8 KB
9 KB
Image
General
Full URL
https://ansarishifting.world/uploads/archive/company/55/images/kohls-logo-purple.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6397f628a28671d7cff67cc61337ae3592e014d873a3bb1e916dbed7ae23e48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166964
alt-svc
h3=":443"; ma=86400
content-length
8332
x-xss-protection
1; mode=block
last-modified
Tue, 04 May 2021 18:30:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6ZcHuduZuO5c7NGQ7kLStw0El%2FliO%2BzYxhy%2BQsPpi8YYmoPyiKN0%2BkeUXbsXuXdD8JDvFD%2FqOePq0aCF7t3r3%2Fbq3tsOdDhSFaQyktqZ925pyLbLWhiJYzFblLryEr7Oy%2FaeVRH%2BOA31%2FgTYvy8bbeO4A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f1e9fe3c436-EWR
expires
Wed, 21 Aug 2024 11:01:44 GMT
flag-us.png
ansarishifting.world/assets/images/flags/
3 KB
3 KB
Image
General
Full URL
https://ansarishifting.world/assets/images/flags/flag-us.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e34d082ccdc00408c7c4ddda543f1247f981ebc756c8458e2b6321d8a4d42a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166964
alt-svc
h3=":443"; ma=86400
content-length
2692
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:39:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqWrgH%2BvhsRXQBKlhx%2BBNUwbFHywYd8mv0vGGtrmXYeiiL3uPYnImOiCl8e3voj1%2FRR7fLeX0Wt2c5TjcpbEaEEVocWgeZijtOL4u0zaSGM%2FV6bIOIvvFnTLy79A7fTnmg%2FS4kwvdhlert7eq1%2F4MaEtcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f1e9fe4c436-EWR
expires
Wed, 21 Aug 2024 11:01:44 GMT
ninja-5.png
ansarishifting.world/uploads/archive/product/399/images/
108 KB
109 KB
Image
General
Full URL
https://ansarishifting.world/uploads/archive/product/399/images/ninja-5.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5bbe1218311c09e6c7ec25a4b4a0973b43af1845f2bbe3f33e30d29dbd206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166538
alt-svc
h3=":443"; ma=86400
content-length
110991
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 08:28:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htvv%2BozG7V%2F85uINaKn4nPnGBYa%2B%2BhduO9N3wbbiGI4%2Fro1lhu79EPaiuSx5Md9vSyNHqnmpr5KnMdlt3fdR4wZ5kfz1T0903hmBFbyV0vbcano5cxhlkJHbJyigJYZCxpbUxqHgJV%2BmhTfdmzbJEnkgMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f1e9fe5c436-EWR
expires
Wed, 21 Aug 2024 11:08:50 GMT
email-decode.min.js
ansarishifting.world/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://ansarishifting.world/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Aug 2024 15:30:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66b635fa-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8H1CGcZao3ERgQgjDMCnvfv%2FAeXrpDNViIULKUI9YDaw4Cs5v6AmCb%2FdfTcHTKecgljOffj8wppHiOOyt2umKkTgrKdgzaz%2BuJ6GbGWclY0KKpLikAGyK00aeclyL2Th%2BbLSrV5iJf35HIKB28SPTWjyBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b405f1e9fe6c436-EWR
expires
Sun, 18 Aug 2024 09:24:28 GMT
jquery-3.4.1.min.js
ansarishifting.world/assets/vendors/
86 KB
31 KB
Script
General
Full URL
https://ansarishifting.world/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166964
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOF%2FNhorGSS13UsFAOaXjv4sxzXVsAri7rIEhCr%2B3ygy6oSD4Cptx5MWM5HGjUe7kCmpSGmL%2BGPv138o%2B1nG0wA0%2FBbEn2qnrArBN4eAcn8E8E51SU5iEnJT0Uxs14ynUBToIaHj%2BYuNEyghJJDAmK4pLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fe7c436-EWR
expires
Wed, 21 Aug 2024 11:01:44 GMT
bootstrap.min.js
ansarishifting.world/assets/vendors/bootstrap-4.5.3/js/
62 KB
16 KB
Script
General
Full URL
https://ansarishifting.world/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166964
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlIJ9XaeunmS08Alti1MWWlL0QgIEkefI8dRGoMBhmoSjDTXM%2FeHN55xWx8f%2FOH2iieJ%2FOyewSfNAN3H4bGAvFbPEP1%2BSuwS7lt80imtdco5wpsvYq3UHW8e70AcCsE39yn27JCJyUk3JDUKJ%2FTKeOMCZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fe8c436-EWR
expires
Wed, 21 Aug 2024 11:01:44 GMT
functions.js
ansarishifting.world/assets/js/
2 KB
1 KB
Script
General
Full URL
https://ansarishifting.world/assets/js/functions.js?v=22dc3bc33f903d8744e47416d9a8b4a3
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4921e86e1c949a33cc2b898550944940b1c1a63d84eb852af1fa71dd33d49b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2024 19:17:35 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YmkPhY0qTnAqpzeHsMI%2BLu4pcu9hfLWPJxjU4Kk2LLZJO9zfl1msck9RPFlAkohOMIDZ5sehDDog5JB%2BwA9tStDPtvD%2FKk9sYJVXsPvTqsCRFTQ9Efhx0celtGLpwpWWsAg1Xpps%2BQEjvQQirACHmtubng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fe9c436-EWR
expires
Fri, 23 Aug 2024 09:24:28 GMT
gbvar.js
ansarishifting.world/assets/js/
41 B
570 B
Script
General
Full URL
https://ansarishifting.world/assets/js/gbvar.js?v=15
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152803
alt-svc
h3=":443"; ma=86400
content-length
41
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 21:29:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEmJVPK7e3W3NJEcA5OwuK8%2FdprOtS2Kz1pJe8U25gpbVmunXw6WhFG%2BlMx0%2BhUuHuKCxZqdzo3%2FuP40HUH04X%2BW2f1vq4VwQKvJuUBOMIftnWmt4jz16xEHfXNiEEZHLJUpeqRtwN67KA%2BqDecO5mnDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f1e9febc436-EWR
expires
Wed, 21 Aug 2024 14:57:45 GMT
intl_functions.js
ansarishifting.world/assets/js/
8 KB
3 KB
Script
General
Full URL
https://ansarishifting.world/assets/js/intl_functions.js?v=22dc3bc33f903d8744e47416d9a8b4a3
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415fcc5436be9039699e31bc9cbd8e6d8b23410581b0a72dac505d9fad85c691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jul 2024 19:31:48 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GVVKvBS9kxnn9yUvQ0PF76UMMG8LcZ20Tka0RE0YqG1CnobdnU99GLNcfDnZZKP1c5JXVCclfNrOYPRJne6WbMQ8hkZTHbvmTSPx456uD7iVJygVhpxKtrBID26pS%2FNUQ21wZyTERnakx3Q1OLYKicOMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9fedc436-EWR
expires
Fri, 23 Aug 2024 09:24:28 GMT
common-hybrid.js
ansarishifting.world/assets/js/madrid/dist/
107 KB
24 KB
Script
General
Full URL
https://ansarishifting.world/assets/js/madrid/dist/common-hybrid.js?v=22dc3bc33f903d8744e47416d9a8b4a3
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/35119401/ad25dfc4c85c78c79575be7e75988b79x/0104/121713133602/736603&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a402f9a2cad96365b2432f5bce3521c99e48271874b97e1db5a90d3daee66ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jul 2024 19:31:48 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQZeU2trYT%2Ba%2FyZgqX3Um1stMHkNoqz4P3FAFqcn85OBUA%2Fgwjsg6cF3cmF9gxNhtNScxT%2B9983QGwheVqX50v8GO9h8s1od6GYLqFvBB3ZZ4AXvoK71MavutrwiF7%2BZ25i6bIupQp6cQNScR%2BRhn3Iirw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b405f1e9feec436-EWR
expires
Fri, 23 Aug 2024 09:24:28 GMT
v9e118mez8
trk-elevostra.com/scripts/push/
8 KB
3 KB
Script
General
Full URL
https://trk-elevostra.com/scripts/push/v9e118mez8
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/inc/msg.v3.js?66bf1acc74e13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:6008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3992
alt-svc
h3=":443"; ma=86400
content-length
2519
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 16 Aug 2024 08:17:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vn2EEJBQL1Rksk3CW2VSZRRRQQk8mlrAuJUNQ63%2F3zzAdvTO9RE9CIxDD6U1E75ldxyAFoR%2FDGwE%2By2v2cZ1Cjy391m8QMKs2Z8L4GweOw34x64PbLZWkEUA8chXd3BHrYeEDsnF8a5u7Gq3AKjeOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8b405f205e4e0f59-EWR
expires
0
ninja-5.png
ansarishifting.world/uploads/archive/product/399/images/
108 KB
0
Image
General
Full URL
https://ansarishifting.world/uploads/archive/product/399/images/ninja-5.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5bbe1218311c09e6c7ec25a4b4a0973b43af1845f2bbe3f33e30d29dbd206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166538
alt-svc
h3=":443"; ma=86400
content-length
110991
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 08:28:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htvv%2BozG7V%2F85uINaKn4nPnGBYa%2B%2BhduO9N3wbbiGI4%2Fro1lhu79EPaiuSx5Md9vSyNHqnmpr5KnMdlt3fdR4wZ5kfz1T0903hmBFbyV0vbcano5cxhlkJHbJyigJYZCxpbUxqHgJV%2BmhTfdmzbJEnkgMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f1e9fe5c436-EWR
expires
Wed, 21 Aug 2024 11:08:50 GMT
kohls-blurred.png
ansarishifting.world/uploads/archive/industry/13/images/
609 KB
610 KB
Image
General
Full URL
https://ansarishifting.world/uploads/archive/industry/13/images/kohls-blurred.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b5c3361cef3984714d3322fca259a62f52b0dc57b22ad9a336f16d9a9c9244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166963
alt-svc
h3=":443"; ma=86400
content-length
624014
x-xss-protection
1; mode=block
last-modified
Tue, 12 Mar 2024 18:12:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HV34r7FOQ94giNmrKy4k4UU9zynIIuLlylEMwbLMn3sOjw%2BGfhUt5EGfs7F2csz6ByGcJEiwdtAaKktTRYLrcOCus1Tk0L9PTzLsXn8EQNJkXKrZNNkmzR5ryK%2BGZVcztz%2Frk7RdN8GoDHKODu%2Fpmhsmng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f1fe88bc436-EWR
expires
Wed, 21 Aug 2024 11:01:45 GMT
/
ansarishifting.world/
336 B
751 B
XHR
General
Full URL
https://ansarishifting.world/
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/assets/vendors/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae556a6321ad9ae901f31aeabcd4775612bb3772ee628e8719ae633127a7ad9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 16 Aug 2024 09:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReODTtB5LweEw%2FzMJQUp4H4m0ZPLBRAwNUe1lYqltIF%2BMwiSl8GKwimmLfm3Kc5JIogNo%2FhuhivJzOtyv6KlrGqrozkySbemNJ2wuIi0eOlXHqtHn87BJe2CoARfZbqddFVUSv20Xl96WO17pXqYj3lHvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b405f2028a1c436-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
guarantee.png
ansarishifting.world/assets/images/
6 KB
7 KB
Image
General
Full URL
https://ansarishifting.world/assets/images/guarantee.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166959
alt-svc
h3=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 20:16:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQS4z2dpq2ZImHASGzGztaCa7zPGAtvsluk7sU1Vn%2Br8VYFgMrQUH34q2gWgqZcnHx9BksUJQvIuHUY%2BTJKLog0Cm5SRYnFGRTuZ0YYigeqgUFWMarGDgeHvafv1G8891sAYEHAvUU15O3ZKhFUIujvb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f2028a4c436-EWR
expires
Wed, 21 Aug 2024 11:01:49 GMT
secureSite.png
ansarishifting.world/assets/images/
10 KB
10 KB
Image
General
Full URL
https://ansarishifting.world/assets/images/secureSite.png
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:24:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166959
alt-svc
h3=":443"; ma=86400
content-length
9862
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 20:16:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XOI2mTjaqQ%2B%2FXgzKXLZ04v%2BvpCys5LAlU3DZjHVETMMsBTs2h6OaOElOoDZfI8b65DEbjulCvF7cdNbV9UmupVwr6LwpAy8FFfCELd1WTbG2Gth4tscYTyIRFDngUQuw%2BFiWhsax4aAPFteG9SoF0H0Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b405f2028a6c436-EWR
expires
Wed, 21 Aug 2024 11:01:49 GMT
/
ansarishifting.world/
25 B
547 B
XHR
General
Full URL
https://ansarishifting.world/
Requested by
Host: ansarishifting.world
URL: https://ansarishifting.world/inc/msg.v3.js?66bf1acc74e13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Aug 2024 09:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIqSczMAP9NXgRm8zeE3CFsKGl28k7ESAwAyABOWN9IfpO0SyVX92YCIuA%2BPXJhNIWL1JYqeb%2BA8Xoljrc3C2wn8VMJ9M0S8QFUzo%2B5n2GB0g3ePjxnfrI%2BFqjZhTcqo2ErwblFL1lvLM8esyn7F41KWow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b405f20e90ac436-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:961e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Fri, 16 Aug 2024 09:24:29 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LN9yaTwFeyn0nSLgz%2B%2BS%2FXeF2T52RBY%2F78RahYuHZcqtMLqdjr8xknqCZaEpPyUFMqROjjgQAzA5gvNUga2SOyrJc2vWNdBKQEk4aXBV70gGHMp185e%2FmXXVNKAMk3fCHzF3hKjAvk3axQemotWGUbLdz2G0DA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8b405f2339bf15bb-EWR
expires
0
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:961e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ansarishifting.world
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b405f22d9ae15bb-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Fri, 16 Aug 2024 09:24:29 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnzgdXq7miAkf9EVjpCZkwnr5lTeuCDcA4FqykyQvLS361NO3RBmkUUcmExeXVlj962zZx7JoR5jfH9labtbqtSSwuFqjmy17mnz2kxCuOoa0zsEd4LqFXy7RGO8zLiLUpImPUBiU2hficl%2FL4fHu0DtVEYGEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:961e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ansarishifting.world/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Fri, 16 Aug 2024 09:24:30 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuRsYNBJujMwXdy8DHpaeGQOItx%2FrujD1axHLnn26CzFb72rgnbGVMHHE3h35dCoNXwbwbTL%2Bhwrivg0r20khHWkq4ABdnqHLYVMcU07bKD7TCQt1R4X1mnJKHCWUN3%2BDS6bNijP2ksX%2FeCospzYXYQLPgCujQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8b405f296b6715bb-EWR
expires
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint function| $ function| jQuery object| bootstrap function| datehax function| startTimer number| duration string| popUrl function| getPopUrl string| rightnow object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| PDN string| FNP function| a0_0x48ee8f string| attrChoices string| domain string| pipeline object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| a0_0x4a61 function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU function| count_p function| mfq_tags function| fadeInImgModal function| a0_0x3179 function| lazyLoad function| lazyLoadStartSurvey string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| cityURL string| stateURL 
string| languageCode string| countryCode string| questiontx string| of string| prod_var string| pname_modal function| cheers function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes

2 Cookies

Domain/Path Name / Value
prestinlevel.com/ Name: uid7366
Value: 1217131336-20240816052427-78f2a400a0a2933a4ff01e47d97c2068-0
ansarishifting.world/ Name: PHPSESSID
Value: 0864b6362278dbe948453d4fa234b086

1 Console Messages

Source Level URL
Text
other error URL: https://ansarishifting.world/bwkz/tllf/xqjv/evxj?9e5a1ecced43e5b46788b73b828449a0&country_id=231
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
