mytrack5044.info Open in urlscan Pro
85.187.142.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mytrack5044.info/fd/form.php
Effective URL:
https://mytrack5044.info/fd/land.php
Submission: On July 09 via api (July 9th 2023, 7:27:49 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 85.187.142.72, located in United States and belongs to A2HOSTING, US. The main domain is mytrack5044.info.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 21st 2023. Valid for: 3 months.

This is the only time mytrack5044.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fedex (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
2 12	85.187.142.72 85.187.142.72	55293 (A2HOSTING) (A2HOSTING)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
22	8

12 85.187.142.72 (United States) 2 redirects

ASN55293 (A2HOSTING, US)
PTR: nl1-ss108.a2hosting.com

mytrack5044.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mytrack5044.info 2 redirects mytrack5044.info	181 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1040 c.clarity.ms — Cisco Umbrella Rank: 1589 x.clarity.ms — Cisco Umbrella Rank: 8804	26 KB
3	gstatic.com fonts.gstatic.com	33 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	49 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 258	742 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	10 KB
22	7

	Domain	Requested by
12	mytrack5044.info	2 redirects mytrack5044.info
3	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	mytrack5044.info www.clarity.ms
2	cdn.jsdelivr.net	mytrack5044.info
2	fonts.googleapis.com	mytrack5044.info
1	x.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	cdnjs.cloudflare.com	mytrack5044.info
22	9

This site contains no links.

Subject Issuer	Validity	Valid
track937361139.online cPanel, Inc. Certification Authority	`2023-05-21` - `2023-08-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mytrack5044.info/fd/land.php
Frame ID: 638C81EB4371146EB687064A3191D790
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FedEx Abholoptionen | Planen und verwalten Sie Ihre Abholungen

Page URL History Show full URLs

https://mytrack5044.info/fd/form.php HTTP 302
https://mytrack5044.info/fd/index.php HTTP 302
https://mytrack5044.info/fd/land.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

95 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

300 kB
Transfer

618 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mytrack5044.info/fd/form.php HTTP 302
https://mytrack5044.info/fd/index.php HTTP 302
https://mytrack5044.info/fd/land.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE32320DED3D4F8781355E7D8C0504D0&RedC=c.clarity.ms&MXFR=331123FA970C610E29B930B3930C6FAD HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE32320DED3D4F8781355E7D8C0504D0&MUID=0B9199BA2A3262D715AE8AF32BE063C6

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request land.php Show response
mytrack5044.info/fd/
Redirect Chain

https://mytrack5044.info/fd/form.php
https://mytrack5044.info/fd/index.php
https://mytrack5044.info/fd/land.php

32 KB
6 KB

52ms
51ms

Document
text/html

85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache / PHP/7.4.33

Resource Hash

6613fda8e0035273f1876526ed284a4f301b98c51a69d51186681a16e00d76e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5387
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Jul 2023 07:27:44 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=3, max=498
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.33

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Jul 2023 07:27:44 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=3, max=499
Location: land.php
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.33

GET
H2 200 css2
fonts.googleapis.com/ 699 B
648 B 138ms
44ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dangrek:wght@100;300;400&display=swap

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a445cdc557fc630511df76a82c3d437fd0375eff8bbb7f1b75dc08d5e335c5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 07:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 09 Jul 2023 07:27:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
862 B 139ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;700&display=swap

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24dd7afdb20c5ae3a1fdf39357f940416a487c81bb54ee2a533202aa9808d469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 07:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 09 Jul 2023 07:27:44 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 56ms
8ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Jul 2023 07:27:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2410906
x-jsd-version: 5.0.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230119-FRA
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
10 KB 49ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 09 Jul 2023 07:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8083498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10022
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B19%2Fn1%2Fna1BVc5BKWqcLpV2TaoEWAWsooznMEBTOB196FE2r7QqmTzCl0jdEjtoCaqcg96KV%2FDvQSc2XHyyQ3CeANE%2FwNjB2lBEHluvfEh4PLIluHvnqu%2BzGFkgqIb%2BPLeIXh8AByAqxAOq2bGa4j5iG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e3ed8a02c601caf-FRA
expires: Fri, 28 Jun 2024 07:27:44 GMT

GET
H/1.1 200
OK css.css
mytrack5044.info/fd/css/ 11 KB
3 KB 23ms
21ms Stylesheet
text/css 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://mytrack5044.info/fd/css/css.css

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

c8873b39720dd5f9e1027e0866b71f9ba0f00ac0e018847417add640d2eaa2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Content-Length: 2586

GET
H/1.1 200
OK logo.png
mytrack5044.info/fd/img/ 18 KB
5 KB 55ms
25ms Image
image/png 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/logo.png

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Content-Length: 4467

GET
H/1.1 200
OK sprite-placeholder.png
mytrack5044.info/fd/img/ 8 KB
2 KB 62ms
22ms Image
image/png 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/sprite-placeholder.png

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

6f46e13ab4b86da0407a98685e6cdf678aa732e29335fe0f441c2b816ddf0e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 1758

GET
H/1.1 200
OK girlfedex.jpg
mytrack5044.info/fd/img/ 59 KB
56 KB 65ms
26ms Image
image/jpeg 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/girlfedex.jpg

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

d3c713646e90fdf69931ec50c650f78b3e36946b1a575e7ae9c846a5cea19a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 57302

GET
H/1.1 200
OK trolly.svg
mytrack5044.info/fd/img/ 5 KB
5 KB 58ms
19ms Image
image/svg+xml 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/trolly.svg

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

25d3c856bbe08eac13822fe561074d497c8448bf7e66381eeae2aaddc388a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 4630

GET
H/1.1 200
OK backsign.svg
mytrack5044.info/fd/img/ 2 KB
2 KB 58ms
20ms Image
image/svg+xml 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/backsign.svg

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

0c22ca5fd0f43e8b9595864ef751e20666b321dfee5ff4ab57f39737696faaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 1901

GET
H/1.1 200
OK carbox.svg
mytrack5044.info/fd/img/ 4 KB
5 KB 35ms
22ms Image
image/svg+xml 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/carbox.svg

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

5f87d49d51fb5639dab1e3e6190a706296d7bce78ffed06f93eeb287719b5bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/land.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 4399

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
24 KB 52ms
10ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Jul 2023 07:27:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4036859
x-jsd-version: 5.0.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
x-served-by: cache-fra-eddf8230119-FRA
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gnuh603x6b Show response
www.clarity.ms/tag/ 667 B
1 KB 183ms
102ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gnuh603x6b
Requested by: Host: mytrack5044.info
URL: https://mytrack5044.info/fd/land.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c5a1dda805cc600fbef1ed586d734b125ba1b68d884b63479d32429ef27ac9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: -1
date: Sun, 09 Jul 2023 07:27:44 GMT
x-azure-ref: 20230709T072744Z-y77t7vfuy53ph7v9xayvswh5uw00000005gg00000000q8fc
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 667
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H/1.1 200
OK menu-sprite.png
mytrack5044.info/fd/img/ 7 KB
7 KB 20ms
20ms Image
image/png 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/menu-sprite.png

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

8c8e4cee94204596733d23753ae8cebddfc2157e56eae975f0ae7127b795a03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/css/css.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Content-Length: 6499

GET
H/1.1 200
OK girlwithlaptop.jpg
mytrack5044.info/fd/img/ 89 KB
89 KB 21ms
20ms Image
image/jpeg 85.187.142.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrack5044.info/fd/img/girlwithlaptop.jpg

Requested by

Host: mytrack5044.info
URL: https://mytrack5044.info/fd/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.187.142.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

nl1-ss108.a2hosting.com

Software

Apache /

Resource Hash

17dfdd2aac4b52fb18f0985827d2b3762f133c68590ba096415e87c0746dd446

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/fd/css/css.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 09 Jul 2023 07:27:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 13:07:59 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mytrack5044.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 08 Jul 2023 16:59:24 GMT
x-content-type-options: nosniff
age: 52100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 16:59:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 129ms
45ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mytrack5044.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 05 Jul 2023 01:47:19 GMT
x-content-type-options: nosniff
age: 366025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 01:47:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 159ms
74ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mytrack5044.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 04 Jul 2023 17:00:47 GMT
x-content-type-options: nosniff
age: 397617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11160
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 17:00:47 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gnuh603x6b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 09 Jul 2023 07:27:44 GMT
content-encoding: br
last-modified: Mon, 03 Jul 2023 06:56:14 GMT
etag: W/"0x8DB7B9297842775"
vary: Accept-Encoding
x-azure-ref: 20230709T072744Z-y77t7vfuy53ph7v9xayvswh5uw00000005gg00000000q8fp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a9b9580f-c01e-0004-5648-afa3dc000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE32320DED3D4F8781355E7D8C0504D0&RedC=c.clarity.ms&MXFR=331123FA970C610E29B930B3930C6FAD
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE32320DED3D4F8781355E7D8C0504D0&MUID=0B9199BA2A3262D715AE8AF32BE063C6

42 B
466 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE32320DED3D4F8781355E7D8C0504D0&MUID=0B9199BA2A3262D715AE8AF32BE063C6
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytrack5044.info/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 07:27:45 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 09 Jul 2023 07:27:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6ED59FBE5A24C0D9B098155B0F0DF4E Ref B: FRAEDGE1220 Ref C: 2023-07-09T07:27:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE32320DED3D4F8781355E7D8C0504D0&MUID=0B9199BA2A3262D715AE8AF32BE063C6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
296 B 428ms
205ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://mytrack5044.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: https://mytrack5044.info
Date: Sun, 09 Jul 2023 07:27:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mytrack5044.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2f27c5e4fd9794b57d9c391100c20154
mytrack5044.info/	1970-01-20 13:51:19	Name: tkn Value: 69
www.clarity.ms/	1970-01-20 21:53:43	Name: CLID Value: 237d29bea3e840cdb2fdbe3f5548316c.20230709.20240708
.mytrack5044.info/	1970-01-20 21:53:43	Name: _clck Value: cnxj95\|2\|fd5\|0\|1285
.bing.com/	1970-01-20 22:29:43	Name: MUID Value: 0B9199BA2A3262D715AE8AF32BE063C6
.c.bing.com/	1970-01-20 13:18:12	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:29:43	Name: SRM_B Value: 0B9199BA2A3262D715AE8AF32BE063C6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:29:43	Name: MUID Value: 0B9199BA2A3262D715AE8AF32BE063C6
.c.clarity.ms/	1970-01-20 13:18:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 13:08:08	Name: ANONCHK Value: 0
.mytrack5044.info/	1970-01-20 13:09:34	Name: _clsk Value: 85oew0\|1688887665547\|1\|1\|x.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
mytrack5044.info
www.clarity.ms
x.clarity.ms
20.114.190.119
2606:4700::6811:180e
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:827::200a
2a04:4e42:400::485
68.219.88.97
85.187.142.72
0c22ca5fd0f43e8b9595864ef751e20666b321dfee5ff4ab57f39737696faaa5
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
17dfdd2aac4b52fb18f0985827d2b3762f133c68590ba096415e87c0746dd446
24dd7afdb20c5ae3a1fdf39357f940416a487c81bb54ee2a533202aa9808d469
25d3c856bbe08eac13822fe561074d497c8448bf7e66381eeae2aaddc388a2f7
5f87d49d51fb5639dab1e3e6190a706296d7bce78ffed06f93eeb287719b5bc4
6613fda8e0035273f1876526ed284a4f301b98c51a69d51186681a16e00d76e9
6f46e13ab4b86da0407a98685e6cdf678aa732e29335fe0f441c2b816ddf0e46
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8c8e4cee94204596733d23753ae8cebddfc2157e56eae975f0ae7127b795a03d
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
a445cdc557fc630511df76a82c3d437fd0375eff8bbb7f1b75dc08d5e335c5c7
c5a1dda805cc600fbef1ed586d734b125ba1b68d884b63479d32429ef27ac9ed
c8873b39720dd5f9e1027e0866b71f9ba0f00ac0e018847417add640d2eaa2cb
d3c713646e90fdf69931ec50c650f78b3e36946b1a575e7ae9c846a5cea19a3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

mytrack5044.info Open in urlscan Pro 85.187.142.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

8 IPs

3 Countries

300 kBTransfer

618 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

12 Cookies

Security Headers

Indicators

mytrack5044.info Open in urlscan Pro
85.187.142.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

300 kB
Transfer

618 kB
Size

12
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!