info-tracking.info Open in urlscan Pro
172.187.229.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cubasim.com/1.php
Effective URL:
https://info-tracking.info/
Submission: On June 01 via manual (June 1st 2024, 1:25:29 am UTC) from SG — Scanned from SG

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 172.187.229.14, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is info-tracking.info.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.

This is the only time info-tracking.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.214.110.165 162.214.110.165	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
18	172.187.229.14 172.187.229.14	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.76.138 142.250.76.138	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	3

1 162.214.110.165 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-208653.topupservices.com

cubasim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.187.229.14 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

info-tracking.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.76.138 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	info-tracking.info info-tracking.info	730 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	31 KB
1	cubasim.com 1 redirects cubasim.com	250 B
20	4

	Domain	Requested by
18	info-tracking.info	info-tracking.info
1	cdnjs.cloudflare.com	info-tracking.info
1	ajax.googleapis.com	info-tracking.info
1	cubasim.com	1 redirects
20	4

This site contains no links.

Subject Issuer	Validity	Valid
info-tracking.info R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://info-tracking.info/
Frame ID: 6FDEFF19E815D60D47860DC443CABCEE
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracker

Page URL History Show full URLs

https://cubasim.com/1.php HTTP 301
https://info-tracking.info/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

764 kB
Transfer

849 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cubasim.com/1.php HTTP 301
https://info-tracking.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
info-tracking.info/
Redirect Chain

https://cubasim.com/1.php
https://info-tracking.info/

10 KB
4 KB

3952ms
1651ms

Document
text/html

172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/8.1.28 PleskLin
Resource Hash: 05c839b2390a765b2508a4cd47ebf021c6ac4ae9ba7ca19c318dfd737280bd70

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3314
content-type: text/html; charset=UTF-8
date: Sat, 01 Jun 2024 01:25:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.1.28 PleskLin

Redirect headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Jun 2024 01:25:16 GMT
Keep-Alive: timeout=5, max=100
Location: https://info-tracking.info/
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 card-reader.js Show response
info-tracking.info/js/ 17 KB
6 KB 345ms
340ms Script
text/javascript 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-tracking.info/js/card-reader.js
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:21 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 11:08:49 GMT
server: nginx
etag: W/"6659afc1-4372"
x-powered-by: PleskLin
content-type: text/javascript

GET
H2 200 index.css
info-tracking.info/css/ 12 KB
2 KB 331ms
327ms Stylesheet
text/css 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-tracking.info/css/index.css
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 713312881a67974659efe42ae1ad49d794e24afca6f5f4c684ce414e181e5f22

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:21 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 11:09:00 GMT
server: nginx
etag: W/"6659afcc-2e32"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 1380ms
301ms Script
text/javascript 142.250.76.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: info-tracking.info
URL: https://info-tracking.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.138 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f10.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 23:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 May 2025 23:58:41 GMT

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 8 KB
4 KB 1125ms
261ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

Requested by

Host: info-tracking.info
URL: https://info-tracking.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 801898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3074
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-2087"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIcjKgXrVClxI9jIhjKtSUT4uQV0KEROQVbZu0ArE6C6U3DcTIc07clDM2xfmkNWdMYYBYSaJ39ef9pCqjp725HERYRobrQsxSJlYBYV12p%2BmtW4glbH0YpVFTHfiJ2Zs7MsCuZr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88cb68cd7bee819c-SIN
expires: Thu, 22 May 2025 01:25:22 GMT

GET
H2 200 logo.svg
info-tracking.info/img/ 2 KB
2 KB 338ms
337ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/logo.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:21 GMT
last-modified: Fri, 31 May 2024 11:09:03 GMT
server: nginx
etag: "6659afcf-643"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1603

GET
H2 200 down.png
info-tracking.info/img/ 347 B
516 B 531ms
530ms Image
image/png 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/down.png
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ba5e989876fa29d931bf72e833d665ea2af12ca5a0fbb59f190d2312ca3a2ad7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:21 GMT
last-modified: Fri, 31 May 2024 11:09:02 GMT
server: nginx
x-accel-version: 0.01
etag: "15b-619be02de08e4"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 347

GET
H2 200 1.svg
info-tracking.info/img/ 2 KB
2 KB 331ms
330ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/1.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7fb04530877285cb70aba19ab2f3eb8c2fcca66c408ca68715bd58e2dfee2b33

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:00 GMT
server: nginx
etag: "6659afcc-6e6"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1766

GET
H2 200 2.svg
info-tracking.info/img/ 786 B
959 B 342ms
341ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/2.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 33e4d6ea85fcc033bc1d066cc202ae0a5a64dbbba953dce91874e81391d54eef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:00 GMT
server: nginx
x-accel-version: 0.01
etag: "312-619be02baa268"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 786

GET
H2 200 3.svg
info-tracking.info/img/ 764 B
937 B 1178ms
1177ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/3.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bea8a5bcb115d49d5222c79804eeaceadd425c1b36c19396e746749dcc5d9be3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:00 GMT
server: nginx
x-accel-version: 0.01
etag: "2fc-619be02bcd4e8"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 764

GET
H2 200 4.svg
info-tracking.info/img/ 392 B
565 B 1151ms
1149ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/4.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ca4c1ad509fd5285e670f5aca7f9b9ea1c425b85749cf6cdcba51c1a9f93d577

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:00 GMT
server: nginx
x-accel-version: 0.01
etag: "188-619be02bf8467"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 392

GET
H2 200 5.svg
info-tracking.info/img/ 2 KB
2 KB 1154ms
1152ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/5.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5e1dbf589440c83fb3b7ad3e5ab21ed85dd48b7dbf3b59eb92f759465cd9caa2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:01 GMT
server: nginx
etag: "6659afcd-765"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1893

GET
H2 200 6.svg
info-tracking.info/img/ 378 B
551 B 1154ms
1153ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/6.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 459695cd37aba6102ac4ddd47bbfa857afc77c7ff69868c30a00ca9e6f622645

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:01 GMT
server: nginx
x-accel-version: 0.01
etag: "17a-619be02c44727"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 378

GET
H2 200 1.jpeg
info-tracking.info/img/background-card/ 172 KB
172 KB 1445ms
1444ms Image
image/jpeg 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/background-card/1.jpeg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0943441cce4ddba7b91d347a93a7ab1e6b1282c64e5dfd846563a47d4fab0419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:01 GMT
server: nginx
etag: "6659afcd-2af44"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 175940

GET
H2 200 2.jpeg
info-tracking.info/img/background-card/ 160 KB
160 KB 1169ms
1168ms Image
image/jpeg 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/background-card/2.jpeg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4206680a9ba9581f85f757068ea2738d7298864e7fb547fbc04c772ce28fa12b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:01 GMT
server: nginx
etag: "6659afcd-28067"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 163943

GET
H2 200 3.jpeg
info-tracking.info/img/background-card/ 169 KB
169 KB 675ms
674ms Image
image/jpeg 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/background-card/3.jpeg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cb1952f989e6a250245f337b6a4cb3f2fd83219da88340b798a9a951c11620ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:02 GMT
server: nginx
etag: "6659afce-2a4a9"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 173225

GET
H2 200 footer-logo.svg
info-tracking.info/img/ 4 KB
5 KB 330ms
329ms Image
image/svg+xml 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/footer-logo.svg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:24 GMT
last-modified: Fri, 31 May 2024 11:09:03 GMT
server: nginx
etag: "6659afcf-1197"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4503

GET
H2 200 background.jpg
info-tracking.info/img/ 94 KB
94 KB 1506ms
1506ms Image
image/jpeg 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/background.jpg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8f1ebdc817062f76c282bb6f6c0b80aa0fa81d08295cb223e672a162fe26e1d0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/css/index.css
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:02 GMT
server: nginx
etag: "6659afce-17820"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 96288

GET
H2 200 4.jpeg
info-tracking.info/img/background-card/ 106 KB
107 KB 1536ms
1535ms Image
image/jpeg 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-tracking.info/img/background-card/4.jpeg
Requested by: Host: info-tracking.info
URL: https://info-tracking.info/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 80c11f16439c2c376dad2ca5784dc763b94e5fa1cef7a9d1f0805e6dcfbf45fc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/css/index.css
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:22 GMT
last-modified: Fri, 31 May 2024 11:09:02 GMT
server: nginx
etag: "6659afce-1a9ac"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 108972

GET
H2 200 favicon.ico
info-tracking.info/img/ 1 KB
1 KB 555ms
554ms Other
image/vnd.microsoft.icon 172.187.229.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-tracking.info/img/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.187.229.14 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info-tracking.info/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 01:25:24 GMT
last-modified: Fri, 31 May 2024 11:09:02 GMT
server: nginx
etag: "6659afce-47e"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| DisableDevtool function| $ function| jQuery object| $jscomp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			info-tracking.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1njimh2rob8tajol4kqc6l32hr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
cubasim.com
info-tracking.info
104.17.25.14
142.250.76.138
162.214.110.165
172.187.229.14
05c839b2390a765b2508a4cd47ebf021c6ac4ae9ba7ca19c318dfd737280bd70
0943441cce4ddba7b91d347a93a7ab1e6b1282c64e5dfd846563a47d4fab0419
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
33e4d6ea85fcc033bc1d066cc202ae0a5a64dbbba953dce91874e81391d54eef
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
4206680a9ba9581f85f757068ea2738d7298864e7fb547fbc04c772ce28fa12b
459695cd37aba6102ac4ddd47bbfa857afc77c7ff69868c30a00ca9e6f622645
5e1dbf589440c83fb3b7ad3e5ab21ed85dd48b7dbf3b59eb92f759465cd9caa2
713312881a67974659efe42ae1ad49d794e24afca6f5f4c684ce414e181e5f22
7fb04530877285cb70aba19ab2f3eb8c2fcca66c408ca68715bd58e2dfee2b33
80c11f16439c2c376dad2ca5784dc763b94e5fa1cef7a9d1f0805e6dcfbf45fc
8f1ebdc817062f76c282bb6f6c0b80aa0fa81d08295cb223e672a162fe26e1d0
90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
ba5e989876fa29d931bf72e833d665ea2af12ca5a0fbb59f190d2312ca3a2ad7
bea8a5bcb115d49d5222c79804eeaceadd425c1b36c19396e746749dcc5d9be3
ca4c1ad509fd5285e670f5aca7f9b9ea1c425b85749cf6cdcba51c1a9f93d577
cb1952f989e6a250245f337b6a4cb3f2fd83219da88340b798a9a951c11620ce
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

info-tracking.info Open in urlscan Pro 172.187.229.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

764 kBTransfer

849 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

info-tracking.info Open in urlscan Pro
172.187.229.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

764 kB
Transfer

849 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!