2.servientregatracking.info Open in urlscan Pro
47.236.2.231 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2.servientregatracking.info/
Submission: On May 07 via automatic, source certstream-suspicious (May 7th 2024, 8:21:14 am UTC) — Scanned from SG

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 34 HTTP transactions. The main IP is 47.236.2.231, located in Singapore and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is 2.servientregatracking.info.
TLS certificate: Issued by R3 on May 7th 2024. Valid for: 3 months.

This is the only time 2.servientregatracking.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fedex (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
6	47.236.2.231 47.236.2.231	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
10	185.107.83.119 185.107.83.119	43350 (NFORCE) (NFORCE)
1	86.108.190.145 86.108.190.145	16135 (TURKCELL-...) (TURKCELL-AS Turkcell A.S.)
4	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1 2	104.17.247.203 104.17.247.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.59.168.171 23.59.168.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
34	8

6 47.236.2.231 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

2.servientregatracking.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.107.83.119 (Netherlands)

ASN43350 (NFORCE, NL)

ffo3gv1cf3ir.merlincdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 86.108.190.145 (Turkey)

ASN16135 (TURKCELL-AS Turkcell A.S., TR)
PTR: fastlogin.com.tr

fastlogin.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.247.203 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.59.168.171 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-168-171.deploy.static.akamaitechnologies.com

www.fedex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	merlincdn.net ffo3gv1cf3ir.merlincdn.net — Cisco Umbrella Rank: 308333	400 KB
6	servientregatracking.info 2.servientregatracking.info	5 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	280 KB
2	fedex.com www.fedex.com — Cisco Umbrella Rank: 8672	25 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 771	6 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
1	fastlogin.com.tr fastlogin.com.tr — Cisco Umbrella Rank: 295316 Failed	213 KB
34	7

	Domain	Requested by
10	ffo3gv1cf3ir.merlincdn.net	2.servientregatracking.info ffo3gv1cf3ir.merlincdn.net
6	2.servientregatracking.info	2.servientregatracking.info code.jquery.com
4	cdnjs.cloudflare.com	2.servientregatracking.info cdnjs.cloudflare.com
2	www.fedex.com	2.servientregatracking.info
2	unpkg.com	1 redirects 2.servientregatracking.info
1	code.jquery.com	2.servientregatracking.info
1	fastlogin.com.tr	2.servientregatracking.info fastlogin.com.tr
34	7

This site contains no links.

Subject Issuer	Validity	Valid
fedexe.shop R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.merlincdn.net Thawte TLS RSA CA G1	`2023-07-11` - `2024-06-15`	a year	crt.sh
*.fastlogin.com.tr GlobalSign RSA OV SSL CA 2018	`2024-04-26` - `2025-05-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.fedex.com Sectigo RSA Organization Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://2.servientregatracking.info/
Frame ID: 4FBFC6D57D353D893B4AE2D29C4F386E
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detailed Tracking

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

34
Requests

71 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

5
Countries

958 kB
Transfer

1916 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@11.1.1/swiper-bundle.min.css

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
2.servientregatracking.info/ 17 KB
4 KB 483ms
15ms Document
text/html 47.236.2.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://2.servientregatracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.236.2.231 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: acd176e0a4507e6c6c2e3c9d05db45bff9b7fd438eae8a4701825a6fc64f13ac

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 4311
content-type: text/html; charset=UTF-8
date: Tue, 07 May 2024 08:21:01 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 GreycliffCF-Regular.woff2
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 30 KB
30 KB 1861ms
1017ms Font
font/woff2 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/GreycliffCF-Regular.woff2?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

d438636e0bd8a3d3fb186e97094a6df438be2d44c995200a8fc19c5acf0fc190

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 38341
x-midtier: de-fra-dp-s05
x-cache-status: HIT
content-length: 30744
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 GreycliffCF-Bold.woff2
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 31 KB
31 KB 1469ms
626ms Font
font/woff2 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/GreycliffCF-Bold.woff2?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

bbf6306f0aa65400e72a31d58288ee368c340f54c52a3416b84829a663847860

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 38341
x-midtier: nl-naw3-ws-s14
x-cache-status: HIT
content-length: 31396
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 GreycliffCF-Medium.woff2
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 31 KB
31 KB 2392ms
1549ms Font
font/woff2 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/GreycliffCF-Medium.woff2?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

4e731d61a733d6768acaa4c546161ce3ff6bcc1bde4702fc8f5460e960098cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 38340
x-midtier: de-fra-dp-s05
x-cache-status: HIT
content-length: 31380
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 TurkcellIconFont.woff
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 24 KB
25 KB 1987ms
1144ms Font
font/woff 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/TurkcellIconFont.woff?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

fb6f7212776b51f179d591ff4ccb361f000fdd77bd1e617f583718ea907460a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 38287
x-midtier: nl-naw3-ws-s14
x-cache-status: HIT
content-length: 24760
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 vendors.css
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/styles/ 105 KB
21 KB 2163ms
1320ms Stylesheet
text/css 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/styles/vendors.css?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

fa658a114c8f5a95b8703f41bf947da22273bbefbe87fae72a218782ceb48501

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
strict-transport-security: max-age=63072000
age: 0
x-midtier: nl-naw3-ws-s14
x-cache-status: HIT
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000

GET
H2 200 smartbanner.min.css
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/styles/vendors/ 3 KB
1 KB 1108ms
266ms Stylesheet
text/css 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/styles/vendors/smartbanner.min.css?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

fc42c491fd516aa96b97fe66d40e58f52381b7be88ec26ec8f806b3dec9b7c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
strict-transport-security: max-age=63072000
age: 38307
x-midtier: de-fra-dp-s05
x-cache-status: HIT
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000

GET
H2 200 app.mobile.min.css
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/ 860 KB
167 KB 1361ms
518ms Stylesheet
text/css 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

5be9a6a1a650fe037e178fc7a5b2fee697f7de9f4a03d4f08821b920b9d8705a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
strict-transport-security: max-age=63072000
age: 38307
x-midtier: nl-naw3-ws-s14
x-cache-status: HIT
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:53 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000

GET IconFont.woff
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET museo-sans-bold.woff2
fastlogin.com.tr/fast_static/assets/fonts/typekit/ 0
0

GET museo-sans.woff2
fastlogin.com.tr/fast_static/assets/fonts/typekit/ 0
0

GET GreycliffCF-Medium.woff2
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET GreycliffCF-Regular.woff2
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET GreycliffCF-Bold.woff2
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET
H/1.1 200
OK main.min.css
fastlogin.com.tr/fast_static/assets/styles/ 212 KB
213 KB 3079ms
536ms Stylesheet
text/css 86.108.190.145
TURKCELL-AS Turkc...

General

Check archive.org

Show headers Download Go to

Full URL

https://fastlogin.com.tr/fast_static/assets/styles/main.min.css?v=202303-last

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

86.108.190.145 , Turkey, ASN16135 (TURKCELL-AS Turkcell A.S., TR),

Reverse DNS

fastlogin.com.tr

Software

Resource Hash

87df403286329ff3ea8e5493224d4b1c4aeaef2d3c3e630c36bad37628a32683

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 08:21:04 GMT
Last-Modified: Mon, 27 Mar 2023 21:13:21 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=26

GET
H2 404 navigation-desktop.css
2.servientregatracking.info/css/ 0
0 46ms
44ms Stylesheet
text/html 47.236.2.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://2.servientregatracking.info/css/navigation-desktop.css
Requested by: Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.236.2.231 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:01 GMT
server: Apache
content-length: 274
content-type: text/html; charset=iso-8859-1

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 640ms
24ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 967736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vv00nSEhBS2HlhiDaYmiT%2BcwksUB%2F3Zyg%2BYbJqKpiLOOSjxEdgoalUlGB8KGIfc75CDPk7JJqh%2F5Kb4FETnf7M3Cy6EuOf73Tzz4TTfsPYH0zLQy0xmNdpXO5%2FAoJnAbXV1E9K85"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87ffcb50b9da5f51-SIN
expires: Sun, 27 Apr 2025 08:21:02 GMT

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 630ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 927858
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-qpg120104-QPG
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715070062.198156,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9, 65433

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@11.1.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@11.1.1/swiper-bundle.min.css

18 KB
6 KB

30ms
30ms

Stylesheet
text/css

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@11.1.1/swiper-bundle.min.css

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1709327d49e65c1ab54f2f85bea11706c9225cd89a6afa2306b9b1873dc20049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://2.servientregatracking.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2396743
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HV1MHTBFE4KG22H99R0FYHHA-sin
server: cloudflare
etag: "4800-rGtlXjKtcgD2vHJMUdjBNlDedoQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 87ffcb5139f040a9-SIN

Redirect headers

date: Tue, 07 May 2024 08:21:02 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HX9281W7NRNM2TGP41BXR21V-sin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 18
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@11.1.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 87ffcb50b97f40a9-SIN

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 100 KB
19 KB 640ms
25ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1243698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18778
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-495a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJ4JIWAL1xOrMBX2LFd3zJShAQKbfuKQUDZEBQAWN9vQXrPu1YV1TTvJ9E3DIKBY6BOxKdfHDjwm5hFGuYmIwAzkdKs%2BVCU4NDCMYykxZeCXaNeM0xWg26zf8fKCaO3ogoFgqtyq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87ffcb50b8023f9f-SIN
expires: Sun, 27 Apr 2025 08:21:02 GMT

GET
H2 200 logo.png
www.fedex.com/content/dam/fedex-com/logos/ 18 KB
18 KB 1069ms
34ms Image
image/png 23.59.168.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fedex.com/content/dam/fedex-com/logos/logo.png

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.168.171 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-59-168-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Sep 2023 12:46:37 GMT
server: Apache
akamai-grn: 0.a7a83b17.1715070062.4ba73fe
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/png
cache-control: max-age=85642
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 17964
expires: Wed, 08 May 2024 08:08:24 GMT

GET
H2 404 navigation-mobile.css
2.servientregatracking.info/css/ 0
0 54ms
54ms Stylesheet
text/html 47.236.2.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://2.servientregatracking.info/css/navigation-mobile.css
Requested by: Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.236.2.231 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:04 GMT
server: Apache
content-length: 274
content-type: text/html; charset=iso-8859-1

GET
H2 200 menu-sprite.png
www.fedex.com/etc.clientlibs/clientlibs/fedex/images/resources/ 7 KB
7 KB 32ms
31ms Image
image/png 23.59.168.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fedex.com/etc.clientlibs/clientlibs/fedex/images/resources/menu-sprite.png

Requested by

Host: 2.servientregatracking.info
URL: https://2.servientregatracking.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.168.171 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-59-168-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8c8e4cee94204596733d23753ae8cebddfc2157e56eae975f0ae7127b795a03d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 May 2024 20:55:31 GMT
server: Apache
akamai-grn: 0.a7a83b17.1715070068.4baa0be
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=82089
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6736
expires: Wed, 08 May 2024 07:09:17 GMT

GET GreycliffCF-Regular.woff
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET GreycliffCF-Bold.woff
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET GreycliffCF-Medium.woff
fastlogin.com.tr/fast_static/assets/fonts/ 0
0

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 147 KB
147 KB 23ms
22ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1078192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-24a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0OhoSlZVVbzDqG6i5elviue%2BCW4mSoGLSZv1yPp5QIMkwso8zvpgGr8qqVhfWd0lOH0Cr%2FNK094ifMXVUnX1NIvFsSy1IuudIH8%2Fc%2BeY72psTQUj%2B831tT7hm9I%2Bkl%2BMDohw9Sv"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87ffcb762e953f9f-SIN
expires: Sun, 27 Apr 2025 08:21:08 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 107 KB
108 KB 45ms
44ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1071525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-1acf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycGe8rwsszI5ynlW62YFTM1lQWOccgORnWNVND1%2B3yPimvrhVmGnVQIxeODPuobWv7HsYBvXrN37KxtXNAd2zCHrOB2TFpZeyz9ZBbrfhB1bEFTio%2BtkmCI1uX%2BU49%2FOrY%2B%2FoOHV"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87ffcb762e973f9f-SIN
expires: Sun, 27 Apr 2025 08:21:08 GMT

GET
H2 200 GreycliffCF-Medium.woff2
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 31 KB
31 KB 550ms
548ms Font
font/woff2 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/GreycliffCF-Medium.woff2

Requested by

Host: ffo3gv1cf3ir.merlincdn.net
URL: https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

4e731d61a733d6768acaa4c546161ce3ff6bcc1bde4702fc8f5460e960098cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 33184
x-midtier: de-fra-dp-s05
x-cache-status: HIT
content-length: 31380
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 GreycliffCF-Regular.woff2
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 30 KB
30 KB 573ms
572ms Font
font/woff2 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/GreycliffCF-Regular.woff2

Requested by

Host: ffo3gv1cf3ir.merlincdn.net
URL: https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

d438636e0bd8a3d3fb186e97094a6df438be2d44c995200a8fc19c5acf0fc190

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 28819
x-midtier: de-fra-dp-s05
x-cache-status: HIT
content-length: 30744
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 GreycliffCF-Bold.woff2
ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/ 31 KB
31 KB 630ms
629ms Font
font/woff2 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/common/fonts/GreycliffCF-Bold.woff2

Requested by

Host: ffo3gv1cf3ir.merlincdn.net
URL: https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

MerlinCDN /

Resource Hash

bbf6306f0aa65400e72a31d58288ee368c340f54c52a3416b84829a663847860

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	turkcell.com.tr

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ffo3gv1cf3ir.merlincdn.net/static_lib/assetsv2/mobile/styles/app.mobile.min.css?1773534948063
Origin: https://2.servientregatracking.info
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
via: HTTP/2.0 Merlin CDN
strict-transport-security: max-age=63072000
age: 31716
x-midtier: de-fra-dp-s05
x-cache-status: HIT
content-length: 31396
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 06:28:52 GMT
server: MerlinCDN
x-frame-options: turkcell.com.tr
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-edge: nl-ams-nfc-s01
allow: GET, POST
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 404 fx-favicon.ico
2.servientregatracking.info/images/c/s1/ 274 B
325 B 50ms
49ms Other
text/html 47.236.2.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://2.servientregatracking.info/images/c/s1/fx-favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.236.2.231 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 81c51cf4e3067c2d11997f502379fb7b501a9c9dbe9b8f09c7dab4d8ca65b3c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://2.servientregatracking.info/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:08 GMT
server: Apache
content-length: 274
content-type: text/html; charset=iso-8859-1

POST
H2 200 visiter.php Show response
2.servientregatracking.info/ 16 B
88 B 325ms
325ms XHR
text/html 47.236.2.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://2.servientregatracking.info/visiter.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.236.2.231 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://2.servientregatracking.info/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:11 GMT
content-encoding: gzip
server: Apache
content-length: 36
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 200 visiter.php Show response
2.servientregatracking.info/ 0
40 B 33ms
32ms XHR
text/html 47.236.2.231
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://2.servientregatracking.info/visiter.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.236.2.231 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://2.servientregatracking.info/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:21:14 GMT
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/IconFont.woff?v=202303-last

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/typekit/museo-sans-bold.woff2

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/typekit/museo-sans.woff2

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Medium.woff2

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Regular.woff2

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Bold.woff2

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Regular.woff

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Bold.woff

Domain: fastlogin.com.tr
URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Medium.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| visiter_live

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://2.servientregatracking.info/css/navigation-desktop.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/IconFont.woff?v=202303-last' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/IconFont.woff?v=202303-last Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/typekit/museo-sans.woff2' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/typekit/museo-sans.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Bold.woff2' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/typekit/museo-sans-bold.woff2' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/typekit/museo-sans-bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Regular.woff2' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Medium.woff2' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://2.servientregatracking.info/css/navigation-mobile.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Bold.woff' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Medium.woff' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2.servientregatracking.info/ Message: Access to font at 'https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Regular.woff' from origin 'https://2.servientregatracking.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastlogin.com.tr/fast_static/assets/fonts/GreycliffCF-Regular.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://2.servientregatracking.info/images/c/s1/fx-favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.servientregatracking.info
cdnjs.cloudflare.com
code.jquery.com
fastlogin.com.tr
ffo3gv1cf3ir.merlincdn.net
unpkg.com
www.fedex.com
fastlogin.com.tr
104.17.247.203
104.17.25.14
151.101.194.137
185.107.83.119
23.59.168.171
47.236.2.231
86.108.190.145
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
1709327d49e65c1ab54f2f85bea11706c9225cd89a6afa2306b9b1873dc20049
4e731d61a733d6768acaa4c546161ce3ff6bcc1bde4702fc8f5460e960098cf1
5be9a6a1a650fe037e178fc7a5b2fee697f7de9f4a03d4f08821b920b9d8705a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81c51cf4e3067c2d11997f502379fb7b501a9c9dbe9b8f09c7dab4d8ca65b3c1
87df403286329ff3ea8e5493224d4b1c4aeaef2d3c3e630c36bad37628a32683
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8c8e4cee94204596733d23753ae8cebddfc2157e56eae975f0ae7127b795a03d
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
acd176e0a4507e6c6c2e3c9d05db45bff9b7fd438eae8a4701825a6fc64f13ac
bbf6306f0aa65400e72a31d58288ee368c340f54c52a3416b84829a663847860
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d438636e0bd8a3d3fb186e97094a6df438be2d44c995200a8fc19c5acf0fc190
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa658a114c8f5a95b8703f41bf947da22273bbefbe87fae72a218782ceb48501
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fb6f7212776b51f179d591ff4ccb361f000fdd77bd1e617f583718ea907460a6
fc42c491fd516aa96b97fe66d40e58f52381b7be88ec26ec8f806b3dec9b7c77
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

2.servientregatracking.info Open in urlscan Pro 47.236.2.231 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

71 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

8 IPs

5 Countries

958 kBTransfer

1916 kBSize

0 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

21 Console Messages

Indicators

2.servientregatracking.info Open in urlscan Pro
47.236.2.231 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

71 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

5
Countries

958 kB
Transfer

1916 kB
Size

0
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!