www.retracepackage.com Open in urlscan Pro
2606:4700:3033::ac43:d468  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response www.retracepackage.com/lt/multi/contest19/	15 KB 4 KB	139ms 116ms	Document text/html	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 175db359a17becf64c758b89bdb54de2eb18ccb479a810bce2a944591775f779 Request headers :method GET :authority www.retracepackage.com :scheme https :path /lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-type text/html set-cookie __cfduid=d8963272e937f4fbc9d9e59bc78f6e4311607491997; expires=Fri, 08-Jan-21 05:33:17 GMT; path=/; domain=.retracepackage.com; HttpOnly; SameSite=Lax; Secure last-modified Fri, 13 Nov 2020 17:42:45 GMT vary Accept-Encoding expires Fri, 08 Jan 2021 05:33:18 GMT cache-control max-age=2592000 cf-cache-status DYNAMIC cf-request-id 06e7966903000005f185a65000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=69vQNAzKaR%2BcfMAHgC7%2Fgngvvm7yetVhowxoegMCQLeNs5A59ax6Iy9T5HW%2FDWOaMPyod8Rw50oNijRrCaOKX9MNn99HndtbqgJchAd5L4CGHUOP0GNShXTvGqGOFdLDoghD"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5fec59bb3bfd05f1-FRA content-encoding br
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	8 KB 3 KB	33ms 18ms	Script application/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 3441 etag W/"f35a2111ffcc2dc2fded1fe3c98a7bee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=43200 cf-ray 5fec59bc1d2c96f8-FRA cf-request-id 06e796698c000096f815393000000001 expires Wed, 09 Dec 2020 17:33:18 GMT
GET H2	200	auto-push.min.js Show response api.mdsyzz.info/	3 KB 2 KB	187ms 148ms	Script application/x-javascript	2606:4700:3032::681f:582e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.mdsyzz.info/auto-push.min.js Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 032814cf4be1a49b079a1c3c0aceda71a8aecb63c4a4a65d01e0a632b4b2a476 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 08 Dec 2020 11:19:20 GMT server cloudflare x-powered-by ASP.NET etag W/"0ec25f953cdd61:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z0oYThDOMtJd3b1wvaxHQaDkCWyOqyfirmLiHGrN4ds3nNJhKqLtp0GFgV8BYGbOGygFBxMEZLdAFsH1NAX1xwO252zCCDa8JuWYAIiNNWe5mpjVvs25cWhsaR0%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * nel {"report_to":"cf-nel","max_age":604800} cf-ray 5fec59bc3d771756-FRA cf-request-id 06e79669a400001756ea33f000000001
GET H2	200	styles.css www.retracepackage.com/lt/multi/contest19/	21 KB 5 KB	12ms 11ms	Stylesheet text/css	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/styles.css Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4aed1e3e06ce0ab65f3020d615b35bbfb94844a91b216de8669b0b80bdfa39d8 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-polished origSize=33563 cf-bgj minify cf-request-id 06e796697d000005f193942000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-831b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qObaJAYkELWlqoHC5cvfYfnzy7WM1b9GJMOK%2BZBH4GU%2Fiom3I10doLIK8K7WkGUZGmih4zqZG1HcVAoPIJysZEoS0BpPNdVcdJ%2FSyqIuqMb6ZFhJHjDouEBQiIYazB0xysrM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 5fec59bbfd2605f1-FRA expires Wed, 06 Jan 2021 16:11:36 GMT
GET H2	200	modernizr.min.js Show response www.retracepackage.com/lt/multi/contest19/	11 KB 4 KB	12ms 11ms	Script application/javascript	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/modernizr.min.js Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e796697d000005f180184000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-2b4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JBnU2kf9HB5Jn1%2FxNrAouGQ28lsZpPqpi54hocz8EZSI2qMlMdtYk5OSYG0C0Zas%2B3fskThzQqicPo%2FSBMlN1dSvuEw03jACBMx%2ByoI7nrrNeHh6v9yfsQmc3Zy4gB3gLtCY"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 5fec59bbfd2705f1-FRA expires Wed, 06 Jan 2021 16:11:36 GMT
GET H2	200	logo.svg www.retracepackage.com/lt/multi/contest19/	922 B 830 B	11ms 10ms	Image image/svg+xml	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.retracepackage.com/lt/multi/contest19/logo.svg Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 192c954608ecc1bc65823d4e08f66d316492e233391808aadcde1d1c84020ca1 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e7966a54000005f157b4e000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-39a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4MJUTGab%2Bbjf6%2FKdispAVNE52ZiRzTbpOF75fCKxQw5J6A9M8te4CxEYNSTM0QliP0qEICyCWU%2B3jVmzvCj%2Bizm%2FH2C3lXEZsjy84xE0%2Fo%2BIUA9xr3b%2F5k3JK9ORczPw4yFV"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=2592000 cf-ray 5fec59bd5f9905f1-FRA expires Wed, 06 Jan 2021 16:11:38 GMT
GET H2	200	icon-box.svg www.retracepackage.com/lt/multi/contest19/	1 KB 776 B	12ms 10ms	Image image/svg+xml	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.retracepackage.com/lt/multi/contest19/icon-box.svg Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e7966a54000005f15c00f000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-49e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aT3%2FYPlnbYxsIzyxRsTjHtsQwtAIREz2wHgy89y9UwuAxj11W5H0%2BwpIppZw%2FTBOpnlcSABCGNgPUJ%2FydNyST5jyIsoHU3ZtxrwGewJBEifYUY40u2IJopbBnUwWybLImDKE"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=2592000 cf-ray 5fec59bd5f9b05f1-FRA expires Wed, 06 Jan 2021 16:11:37 GMT
GET H2	200	s20.png www.retracepackage.com/lt/multi/contest19/	43 KB 43 KB	13ms 11ms	Image image/png	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.retracepackage.com/lt/multi/contest19/s20.png Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3755efb3bbfe37ac633387bd5bd5a550710551c8b68acbbc8a37b616f9870ef2 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 content-length 43767 cf-request-id 06e7966a54000005f1a40d9000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag "5faec595-aaf7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WzBBzPj3cQOzlJnrU2q6DbT7iKrERGw4QJJrC1vLQ0qy4ExrfWgiaYIocG1NJ6BoaO5qW%2Fh43Ycq1TpZotd2hRVf4PGhvWSRAae%2FUkezQM3FT0XCJZfB%2BiJ20QelS5FbKZiF"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 5fec59bd5f9d05f1-FRA expires Wed, 06 Jan 2021 16:11:38 GMT
GET H2	200	foot-icon01.svg www.retracepackage.com/lt/multi/contest19/	8 KB 3 KB	12ms 11ms	Image image/svg+xml	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.retracepackage.com/lt/multi/contest19/foot-icon01.svg Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72b5508eefd5a9c85c53de4e82c9e8821dea88160cddd36d31644506c1cbfa13 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e7966a55000005f14fab5000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-1f3d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y4S8wL33HPAvb%2B%2Fn%2BltCXhMyrpq5Jq%2FRkxRAeiHKVXcvAkrWixPpIa7jZxrSCc6qs%2Fx3EGZwP9PSYm2D7QtVvJJIyycYzywY%2FDcDalDEfAcHBR7nZd3MjS3kwJfhAHjeiwM2"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=2592000 cf-ray 5fec59bd5f9e05f1-FRA expires Wed, 06 Jan 2021 16:11:38 GMT
GET H2	200	foot-icon02.svg www.retracepackage.com/lt/multi/contest19/	4 KB 2 KB	13ms 12ms	Image image/svg+xml	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.retracepackage.com/lt/multi/contest19/foot-icon02.svg Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00b79e96e2324306f897649364907340e7d6ed2199bd7cd928cc2bec37d7c287 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e7966a55000005f17c2ca000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-10b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rGilPslsqSokBu7H2GcTLquKXVV6yO8ZlKziOBY3Cxi5PIcfwWOoPEtc28vQYvyWD6rYLB0NSUTFziwr15BTnxhpNb8OVYlVbbH4XMqhtNAv4uC7reqD6P2txUmmO2x%2FJgcr"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=2592000 cf-ray 5fec59bd5f9f05f1-FRA expires Wed, 06 Jan 2021 16:11:38 GMT
GET H2	200	foot-icon03.svg www.retracepackage.com/lt/multi/contest19/	4 KB 2 KB	18ms 17ms	Image image/svg+xml	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.retracepackage.com/lt/multi/contest19/foot-icon03.svg Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3263bb41c37e93568aa88421e753f4247c809c3dc7b8e21c701c966d16eee5b0 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e7966a55000005f13684a000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-f1a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qrhvBIkrXZlzWle30%2BJRgpZzDyCv30xnYaKS%2B8QQOzFnOEp%2BbCxUL9H%2BtniwbE%2FUtdi8J6M5u1%2BX5Rb2ddAzTO5Z336WWHr4YcLjoDfn6JVFaHf01MP1fZGAcWzFd%2Fkl5q9f"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=2592000 cf-ray 5fec59bd5fa005f1-FRA expires Wed, 06 Jan 2021 16:11:38 GMT
GET H2	200	jquery-latest.min.js Show response www.retracepackage.com/lt/multi/contest19/	94 KB 32 KB	19ms 19ms	Script application/javascript	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/jquery-latest.min.js Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e796699f000005f17da12000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-1762a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CSLfWr%2FL8eJ57tyKVQVYb3tBEpLz1pxX7hVdqmtZLZzq4YVfk4TZGVVgn5tJa04K4ZuMfro0lnoWqApyhVOR6TjgacYLyFNV1bIhj9gJyxidGLjvJ1%2F%2Ba%2FoRBMZwp%2FZJKUQo"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 5fec59bc3d8b05f1-FRA expires Wed, 06 Jan 2021 16:11:37 GMT
GET H2	200	svg4everybody.min.js Show response www.retracepackage.com/lt/multi/contest19/	2 KB 1 KB	12ms 12ms	Script application/javascript	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/svg4everybody.min.js Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f07f6a30a14463d06d1e492211b5a9291ee684f2a6d2c792363721297208e9fb Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 133469 cf-request-id 06e79669b6000005f17da14000000001 last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare etag W/"5faec595-893" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FlA4vT%2BC0UTlSte9g4OFcj%2B9CRtMSbYghvCXRTVfqHnTGaSZPFavVR55o4seo4vAkv3ERw%2BA0BDrro6cYpYky4Bztx%2BZc3iqunHr4aWfvR93kth3W7rCgjkhdnUYvhr5ctMJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 5fec59bc5e0105f1-FRA expires Wed, 06 Jan 2021 16:11:37 GMT
GET H2	200	country Show response country.yepshare.com/geoip/	534 B 1 KB	43ms 19ms	Script text/javascript	2606:4700:3033::681f:560b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://country.yepshare.com/geoip/country?callback=get_geoip Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:560b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash de72b9c1416240a92928c1cec2e7b119e8b8122bedf295ba69c8ef0ac5ca0b4f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status DYNAMIC x-fastly-country DE age 1554 x-powered-by Express x-cache HIT content-encoding br cf-request-id 06e79669da0000c2e0cc292000000001 x-served-by cache-hhn4080-HHN server cloudflare x-timer S1607491998.183916,VS0,VE0 etag W/"216-5gHsBaW4YbK89wOAIo5Yq+xcb8A" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L6n2tR6bBJKRetYIKxhCK6z6tbnLxW7gLNPfk3xa9WxOp27sOqKGnTCNySGE9nF0sPC71QkQTswYGACZJR2u9CS72fouK%2FbewXECwfQuzDVYBnsfufJ%2Bbzwc1L3Hx0QSxQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * x-cloudflare-country DE cf-ray 5fec59bc9ff8c2e0-FRA access-control-allow-headers X-Requested-With x-cache-hits 2
GET H/1.1	200 OK	p.js Show response my.rtmark.net/	697 B 1 KB	62ms 15ms	Script text/javascript	139.45.196.87 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/p.js?f=sync&lr=1&partner=6ec4dd9b6c2415c7516714d098675141f7c59ec2bad694d3ad5a6660f0429f30 Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash be1a344b94aa98e1270c43cfdb02b560cc0eaae9a2bdd89f5ca0816a24f3a606 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 09 Dec 2020 05:33:18 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type text/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Authorization Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Content-Length 697
GET H/1.1	200 OK	segments.js Show response d.adtelligent.com/	16 B 428 B	78ms 21ms	Script application/javascript	185.239.174.10 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://d.adtelligent.com/segments.js?id=256 Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.239.174.10 , United Kingdom, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 09 Dec 2020 05:33:18 GMT Server VertaMedia 1.0 Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://www.retracepackage.com Access-Control-Allow-Credentials true Connection Keep-Alive Keep-Alive timeout=7200 Content-Length 16
GET H2	200	pixel.js Show response rtb.adx1.com/pixels/	532 B 609 B	304ms 100ms	Script text/javascript	38.122.162.114 COGENT-174
General Check archive.org Show headers Download Go to Full URL https://rtb.adx1.com/pixels/pixel.js?id=1277336&event=conversion&value=0 Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 38.122.162.114 Memphis, United States, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash ea48d2bd92f365d290b7c044478a9dea6365f69e66b3f9757ab0e50dccd6104a Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT server openresty/1.15.8.3 content-length 532 content-type text/javascript
GET H2	500	05f285b2-a616-434c-8df8-f25de1dc71b6 Show response api.mdsyzz.info/rest/v1/p-apps/get-id/	50 B 728 B	288ms 273ms	XHR text/plain	2606:4700:3032::681f:582e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.mdsyzz.info/rest/v1/p-apps/get-id/05f285b2-a616-434c-8df8-f25de1dc71b6?url=https://www.retracepackage.com Requested by Host: api.mdsyzz.info URL: https://api.mdsyzz.info/auto-push.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e7ca41e4c24aa3b2b1bf62fcc52e95c6e22c56bd2d98db84662aebd57227984e Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} x-aspnet-version 4.0.30319 x-powered-by ASP.NET failedat 4 content-length 50 cf-request-id 06e7966a4800002b1a6d257000000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B5prLVeit3cANxf5QoUidhKGog7zE%2BK2HT0QuAyx8HJ6dKTaIRq8U5uXQXe5DwoaZQstE%2BMkfUByv6U%2FoCCBw5YmJmh6T4lp4tkL7LN5iuXfNHoEbEg4QnHJpss%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control no-cache cf-ray 5fec59bd3abe2b1a-FRA expires -1
GET H2	404	icons.svg www.retracepackage.com/lt/multi/contest19/	0 0	111ms 110ms	Other text/html	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/icons.svg Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type text/html; charset=iso-8859-1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=whl4ok4ECc7KxcZQo8OaDc3Vc8mLOghyJsiTpi5IaCEo9NSBvm3el9E68eLaFEOTqsJdnd3GAFygF4OfsB7vKGY7DPQyhgWJBPSjDKTiA9VOQQfZz6M99%2BEgbK8uW4j2jK8p"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 cf-ray 5fec59bd5fa105f1-FRA cf-request-id 06e7966a55000005f1370a2000000001
GET H2	200	redirect Show response rtb.us4post.com/pixels/	35 B 179 B	385ms 128ms	Fetch image/gif	38.140.142.154 COGENT-174
General Check archive.org Show headers Download Go to Full URL https://rtb.us4post.com/pixels/redirect?id=1277336&event=conversion&value=0 Requested by Host: rtb.adx1.com URL: https://rtb.adx1.com/pixels/pixel.js?id=1277336&event=conversion&value=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 38.140.142.154 Fort Lauderdale, United States, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin https://www.retracepackage.com date Wed, 09 Dec 2020 05:33:18 GMT access-control-allow-credentials true server openresty/1.15.8.3 content-length 35 content-type image/gif
GET H2	200	redirect Show response rtb.eupost.link/pixels/	35 B 179 B	80ms 25ms	Fetch image/gif	149.6.163.10 COGENT-174
General Check archive.org Show headers Download Go to Full URL https://rtb.eupost.link/pixels/redirect?id=1277336&event=conversion&value=0 Requested by Host: rtb.adx1.com URL: https://rtb.adx1.com/pixels/pixel.js?id=1277336&event=conversion&value=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 149.6.163.10 Paris, France, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin https://www.retracepackage.com date Wed, 09 Dec 2020 05:33:18 GMT access-control-allow-credentials true server openresty/1.15.8.3 content-length 35 content-type image/gif
GET H2	200	en.json Show response www.retracepackage.com/lt/multi/contest19/lng/	2 KB 1004 B	118ms 118ms	XHR application/json	2606:4700:3033::ac43:d468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.retracepackage.com/lt/multi/contest19/lng/en.json Requested by Host: www.retracepackage.com URL: https://www.retracepackage.com/lt/multi/contest19/jquery-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e6598af88bc24da39e0a2b2e64078cb9e9e5ce344a1c83d7aa3d1d16f2c5abe Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 05:33:18 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 13 Nov 2020 17:42:45 GMT server cloudflare age 0 etag W/"67a-5b4008e62fb68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS content-type application/json report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qko9%2BCGrDf%2FSDi1u7kI9zqJRPLoIuiuaiDp3%2BICXmPfy4OqQINBLDH0%2FS1aoSoHWqw%2B2Ax1T2RdiefL%2Bk%2FofCG0QyDu773yjMITptW%2BZu%2Bok1%2FXNZJZEWnCqcv%2FR8IsFK99w"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} cf-ray 5fec59bf1a9805f1-FRA cf-request-id 06e7966b6e000005f128107000000001
GET H/1.1	200 OK	img.gif my.rtmark.net/	43 B 707 B	41ms 40ms	Image image/gif	139.45.196.87 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my.rtmark.net/img.gif?f=sync&partner=6ec4dd9b6c2415c7516714d098675141f7c59ec2bad694d3ad5a6660f0429f30&ttl=&rurl=https%3A%2F%2Fwww.retracepackage.com%2Flt%2Fmulti%2Fcontest19%2Findex.html%3Fdomain%3Drubytraffic.com%26amp%3Bsub_id%3D74651 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 09 Dec 2020 05:33:19 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Expose-Headers Authorization Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Content-Length 43

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Tracking (Transportation)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| OneSignal object| _at function| InitializePush function| myDomain function| getLocation function| CheckImageAndReplace function| httpGetAsync function| getUrlVars function| getUrlParam object| html5 object| Modernizr function| $ function| jQuery string| productLoc object| myUrl object| param function| svg4everybody object| jQuery111107377975806259427 boolean| changed_title function| _117gvxe9qj string| country string| code string| continent string| lg function| get_geoip function| makeGetRequest object| params string| url

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.retracepackage.com/	1970-01-19 15:14:43	Name: __cfduid Value: d8963272e937f4fbc9d9e59bc78f6e4311607491997

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://www.retracepackage.com/lt/multi/contest19/index.html?domain=rubytraffic.com&sub_id=74651(Line 436) Message: EU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mdsyzz.info
cdn.onesignal.com
country.yepshare.com
d.adtelligent.com
my.rtmark.net
rtb.adx1.com
rtb.eupost.link
rtb.us4post.com
www.retracepackage.com
139.45.196.87
149.6.163.10
185.239.174.10
2606:4700:3032::681f:582e
2606:4700:3033::681f:560b
2606:4700:3033::ac43:d468
2606:4700::6812:e134
38.122.162.114
38.140.142.154
00b79e96e2324306f897649364907340e7d6ed2199bd7cd928cc2bec37d7c287
032814cf4be1a49b079a1c3c0aceda71a8aecb63c4a4a65d01e0a632b4b2a476
175db359a17becf64c758b89bdb54de2eb18ccb479a810bce2a944591775f779
192c954608ecc1bc65823d4e08f66d316492e233391808aadcde1d1c84020ca1
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
3263bb41c37e93568aa88421e753f4247c809c3dc7b8e21c701c966d16eee5b0
3755efb3bbfe37ac633387bd5bd5a550710551c8b68acbbc8a37b616f9870ef2
4aed1e3e06ce0ab65f3020d615b35bbfb94844a91b216de8669b0b80bdfa39d8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e6598af88bc24da39e0a2b2e64078cb9e9e5ce344a1c83d7aa3d1d16f2c5abe
72b5508eefd5a9c85c53de4e82c9e8821dea88160cddd36d31644506c1cbfa13
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
be1a344b94aa98e1270c43cfdb02b560cc0eaae9a2bdd89f5ca0816a24f3a606
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
de72b9c1416240a92928c1cec2e7b119e8b8122bedf295ba69c8ef0ac5ca0b4f
e7ca41e4c24aa3b2b1bf62fcc52e95c6e22c56bd2d98db84662aebd57227984e
ea48d2bd92f365d290b7c044478a9dea6365f69e66b3f9757ab0e50dccd6104a
f07f6a30a14463d06d1e492211b5a9291ee684f2a6d2c792363721297208e9fb