Report - trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

Report Overview

Submitted URL
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154
ASN
#50245 Serverel Inc.
Submitted
2023-02-06 21:47:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
70

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.213.121.129
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	60 kB	34.120.237.76
trackwin.net	unknown	2019-05-17T05:19:53Z	2023-03-10T14:35:55Z	34 kB	163 kB	109.206.191.154
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-06 21:47:46	medium	109.206.191.154	Client IP	ET POLICY WebRTC IP tracking Javascript

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/js/out/core.js	Phishing
2023-02-06	medium	trackwin.net/js/vendor/evercookie/js/swfobject-2.2.min.js	Phishing
2023-02-06	medium	trackwin.net/js/vendor/evercookie/js/eckie.js	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8589966190561154	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7079512970146804	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7691879444918539	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.23909553743738488	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7115150175164517	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.5649503985691936	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8464124402560405	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8788699739324557	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6176417412872933	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6653917912252545	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.41496378348382534	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.22444192301934351	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6769198992844616	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.477382491845212	Phishing
2023-02-06	medium	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	Phishing
2023-02-06	medium	trackwin.net/etag.php	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.9387883749061415	Phishing
2023-02-06	medium	trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.2561249192633468	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	trackwin.net/js/vendor/evercookie/js/swfobject-2.2.min.js	10 kB	2023-03-08	2024-02-24
Pretty URL trackwin.net/js/vendor/evercookie/js/swfobject-2.2.min.js IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2024-02-24 05:43:26 Times Seen93 Hash 1d9de1ee4d0506c961879defa754e39e 54eb2eee074f410a1ded764bb6be0691726768ca 9e5ce0263c3be2bbde8f13f01633cea5a06a35776500bc3ab88cca75669dea0b Loading...

	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	23 B	2023-03-08	2023-10-20
Pretty URL trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-10-20 06:03:41 Times Seen11 Hash c6f4c1afe4c9adceba1b6b2c868d1ecb 72f0b27e7b7e784d8833e0d8103a0c2cfeb775ee 16a7288e55ddb4d3d516006190a1331ee0083c11eda5e847c3923ac91f5cfc0b Loading...

	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	23 B	2023-03-08	2023-10-20
Pretty URL trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-10-20 06:03:41 Times Seen11 Hash d8ef8c178e0679334ed1342954125e07 7531511310e3179b2dee0c5b021fb2057cb04b8c 1468f9173824889f5e31d4a34b4fbf2bf27a3ebd803726da2375f3754b7e6dee Loading...

	trackwin.net/js/out/core.js	8.1 kB	2023-03-08	2023-08-25
Pretty URL trackwin.net/js/out/core.js IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-08-25 22:48:39 Times Seen88 Hash ece2bdda90cac26309742f4bd2b6091a 637b4c5f8841377c9d3cb799cb98657e2828002c b955441e65520b7a579cb17de09b8ac6c315d2480c68fe05f547ccb109864c61 Loading...

	trackwin.net/js/vendor/evercookie/js/eckie.js	40 kB	2023-03-08	2023-11-23
Pretty URL trackwin.net/js/vendor/evercookie/js/eckie.js IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-11-23 09:50:15 Times Seen57 Hash 620f017208c169970372e41c5c2c7550 3269411f439638cac7cb3288d59ebb96c99fc1a0 07efef7c3beb939b0fff4634e02d5088cb527509b6d2276500b41154ed9cd5fd Loading...

	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	4.1 kB	2023-03-13	2023-03-13
Pretty URL trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:37:48 Last Seen2023-03-13 18:37:48 Times Seen1 Hash b35e8b3c386f6874a45cb4990e9cf989 2b36c643b26f355f2c10be01f3236dff0972ada8 565ec46defc0084d4b7ba711bf0849a49dd3bb8955d6f48847d82b43c27daf2f Loading...

	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	23 B	2023-03-08	2023-10-20
Pretty URL trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-10-20 06:03:41 Times Seen11 Hash 8e1a534b7eb92117ba036bb97391c6b8 ef44b2ea9bda52ff5689cfeccd6346aedd9b7431 aff5f5e3220aa42845c9af22c2e975c1fe7e27be9eeac36d8f05003ad3470373 Loading...

	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	23 B	2023-03-08	2023-10-20
Pretty URL trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-10-20 06:03:41 Times Seen11 Hash 19745b53ee837ec756ab9ac39105703b eae0bf563b34f8de7c57236d8099b72065117af9 d330b2cf68c2f9993c743cdccf8ef776992542366de5328f4f415eeae3860609 Loading...

	trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/	23 B	2023-03-08	2023-10-20
Pretty URL trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ IP 109.206.191.154 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:28 Last Seen2023-10-20 06:03:41 Times Seen11 Hash d59b283e97fcae3a849b070cea32b957 46e08d4f9a4b2ed34fe75ad7fc00f133a6de5add 850366306daf148f2db92a602fd2143e0fd59d7803366d10bd0c54b8269455e3 Loading...

HTTP Transactions (79)

URL IP Response Size

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16912
Expires: Tue, 07 Feb 2023 02:28:51 GMT
Date: Mon, 06 Feb 2023 21:46:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4611
Expires: Mon, 06 Feb 2023 23:03:50 GMT
Date: Mon, 06 Feb 2023 21:46:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13544
Expires: Tue, 07 Feb 2023 01:32:43 GMT
Date: Mon, 06 Feb 2023 21:46:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 21:34:06 GMT
content-type: application/json
age: 773
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: s8nJEEPYtirnF7zG5TSfTttsebbCJbXG9XmH4zcmGHqq4X96d7t277Tl+T7WoSlvP31xGH1sseg=
x-amz-request-id: W6M05YPXCY423H27
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 21:45:19 GMT
age: 100
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 21:46:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

trackwin.net/js/out/core.js

109.206.191.154

200 OK

8.1 kB

URL HTTP/1.1
trackwin.net/js/out/core.js
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with CRLF line terminators
Size
8.1 kB (8102 bytes)
Hash
ece2bdda90cac26309742f4bd2b6091a
637b4c5f8841377c9d3cb799cb98657e2828002c
b955441e65520b7a579cb17de09b8ac6c315d2480c68fe05f547ccb109864c61

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET POLICY WebRTC IP tracking Javascript

HTTP Headers

GET /js/out/core.js HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: application/javascript
Content-Length: 8102
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-1fa6"
Accept-Ranges: bytes

trackwin.net/js/vendor/evercookie/js/swfobject-2.2.min.js

109.206.191.154

200 OK

10 kB

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/js/swfobject-2.2.min.js
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with very long lines (10071)
Size
10 kB (10221 bytes)
Hash
1d9de1ee4d0506c961879defa754e39e
54eb2eee074f410a1ded764bb6be0691726768ca
9e5ce0263c3be2bbde8f13f01633cea5a06a35776500bc3ab88cca75669dea0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/vendor/evercookie/js/swfobject-2.2.min.js HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: application/javascript
Content-Length: 10221
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-27ed"
Accept-Ranges: bytes

trackwin.net/js/vendor/evercookie/js/eckie.js

109.206.191.154

200 OK

40 kB

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/js/eckie.js
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
C source, ASCII text
Size
40 kB (40371 bytes)
Hash
620f017208c169970372e41c5c2c7550
3269411f439638cac7cb3288d59ebb96c99fc1a0
07efef7c3beb939b0fff4634e02d5088cb527509b6d2276500b41154ed9cd5fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/vendor/evercookie/js/eckie.js HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: application/javascript
Content-Length: 40371
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-9db3"
Accept-Ranges: bytes

trackwin.net/etag.php

109.206.191.154

200 OK

4.3 kB

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
MS Windows icon resource - 1 icon, 32x32, 32 planes, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
dfad22ee47b5c6c46999d1548e8cd74b
30fa0f1d934bf23079e036b49fc43d4bc07fff7b
0fcc7db2de8a5504f039b8a0cd5390ba1656fe71a677c93b08cf60c720e8638b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
ETag: ""

trackwin.net/favicon.ico

109.206.191.154

200 OK

4.3 kB

URL HTTP/1.1
trackwin.net/favicon.ico
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
MS Windows icon resource - 1 icon, 32x32, 32 planes, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
dfad22ee47b5c6c46999d1548e8cd74b
30fa0f1d934bf23079e036b49fc43d4bc07fff7b
0fcc7db2de8a5504f039b8a0cd5390ba1656fe71a677c93b08cf60c720e8638b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-10be"
Accept-Ranges: bytes

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

200 OK

1.9 kB

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
PHP script, ASCII text
Size
1.9 kB (1947 bytes)
Hash
cbbcdf7f275458757e09ed728f84d661
29fc823f42b8d15410283a747f009640722d6cda
112082682bda5cdf8085ffa1e19e75fd50d5b7d6e44ac4f9269bac8165236325

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: application/octet-stream
Content-Length: 1947
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"
Accept-Ranges: bytes

trackwin.net/js/vendor/evercookie/php/evercookie_cache.php?name=ec_uid&cookie=evercookie_cache

109.206.191.154

200 OK

775 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_cache.php?name=ec_uid&cookie=evercookie_cache
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
PHP script, ASCII text
Size
775 B (775 bytes)
Hash
c20464eb21351af01763e51a576d5c92
2851a0ae525b5d9c17ca828dec9f2c59ee43ae8a
a475e250ba9cf7b8083218cac51ebaf9c92f6443202aa26b9884268d238bfe08

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_cache.php?name=ec_uid&cookie=evercookie_cache HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: application/octet-stream
Content-Length: 775
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-307"
Accept-Ranges: bytes

trackwin.net/js/vendor/evercookie/php/evercookie_etag.php?name=ec_uid&cookie=evercookie_etag

109.206.191.154

200 OK

2.3 kB

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_etag.php?name=ec_uid&cookie=evercookie_etag
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
PHP script, ASCII text
Size
2.3 kB (2265 bytes)
Hash
e89312a6cae1ac71cf900b42ecdfb11b
795235a48421ad9fecf624b484604c15085b9348
d13662d58ca8ffaf5cee039555803b0fafa2c7b4e0fa6ac4e12f5601180ba64f

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_etag.php?name=ec_uid&cookie=evercookie_etag HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Content-Type: application/octet-stream
Content-Length: 2265
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-8d9"
Accept-Ranges: bytes

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=; evercookie_etag=undefined; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:46:59 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8589966190561154

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8589966190561154
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8589966190561154 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=; evercookie_etag=undefined; evercookie_cache=undefined; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 20:51:19 GMT
age: 3341
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=; evercookie_etag=undefined; evercookie_cache=undefined
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:00 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2826
Expires: Mon, 06 Feb 2023 22:34:06 GMT
Date: Mon, 06 Feb 2023 21:47:00 GMT
Connection: keep-alive

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7079512970146804

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7079512970146804
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7079512970146804 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=; evercookie_etag=undefined; evercookie_cache=undefined

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

push.services.mozilla.com/

34.213.121.129

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.121.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9KoQuiR0rfhK+HgMSTaKcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ccwDdzdi53c52YPm4A5aNRKl75E=

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; evercookie_png=; evercookie_etag=undefined; evercookie_cache=undefined
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=; evercookie_etag=undefined; evercookie_cache=undefined
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:01 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:01 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:01 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:01 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7691879444918539

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7691879444918539
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7691879444918539 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:01 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.23909553743738488

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.23909553743738488
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.23909553743738488 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9276
Expires: Tue, 07 Feb 2023 00:21:37 GMT
Date: Mon, 06 Feb 2023 21:47:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9276
Expires: Tue, 07 Feb 2023 00:21:37 GMT
Date: Mon, 06 Feb 2023 21:47:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12256 bytes)
Hash
062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4R-s-RLkMZ07191B7nQm0O5Bh2njqsKKvOzNkhmygr13X-97J-1BCg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 05:58:11 GMT
age: 56930
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4442 bytes)
Hash
7d8c3ebd17a435401c7f9fe3b8f842be
f2106be148fea23bf961fcdb69ea4cb127aa5f3e
ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4442
x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQG1JoAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9U-7wtL1xaLoE87hXcnrcTp-LCseI5ne10812N_9F_arqyi703w7Ng==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:10 GMT
age: 86211
etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8929 bytes)
Hash
d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 84956
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7851 bytes)
Hash
13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 85454
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10514 bytes)
Hash
9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 86212
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 84967
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:02 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_etag=<?php; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7115150175164517

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7115150175164517
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.7115150175164517 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.5649503985691936

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.5649503985691936
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.5649503985691936 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:03 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:03 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:03 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:03 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8464124402560405

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8464124402560405
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8464124402560405 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:03 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8788699739324557

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8788699739324557
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.8788699739324557 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:04 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6176417412872933

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6176417412872933
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6176417412872933 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:04 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6653917912252545

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6653917912252545
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6653917912252545 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:05 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.41496378348382534

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.41496378348382534
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.41496378348382534 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:05 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.22444192301934351

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.22444192301934351
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.22444192301934351 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:06 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6769198992844616

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6769198992844616
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.6769198992844616 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:06 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.477382491845212

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.477382491845212
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.477382491845212 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/

109.206.191.154

200 OK

9.8 kB

URL HTTP/1.1
trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4721)
Size
9.8 kB (9798 bytes)
Hash
9fb335769acc61af7f2235f038ca93bc
173aedfc04560af1005193ff0657754067c78e33
5dd23890ef2224669aa2fc8a12fba567d625f393f5629f094cc5cf430c65ec86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/ HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: evercookie_png=<?php; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=<?php; server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:07 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9798
Connection: keep-alive

trackwin.net/etag.php

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/etag.php
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etag.php HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php
If-None-Match: ""

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:07 GMT
Connection: keep-alive
Set-Cookie: server_etag=%22%22; expires=Mon, 06-Feb-2023 21:48:07 GMT; Max-Age=60; path=/
ETag: """"
Cache-Control: public

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_cache=<?php
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:07 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=; evercookie_cache=; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:07 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.9387883749061415

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.9387883749061415
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.9387883749061415 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png

109.206.191.154

304 Not Modified

0 B

URL HTTP/1.1
trackwin.net/js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/vendor/evercookie/php/evercookie_png.php?name=ec_uid&cookie=evercookie_png HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php; ec_uid=
If-Modified-Since: Wed, 20 Jun 2018 11:17:56 GMT
If-None-Match: "5b2a37e4-79b"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 06 Feb 2023 21:47:08 GMT
Last-Modified: Wed, 20 Jun 2018 11:17:56 GMT
Connection: keep-alive
ETag: "5b2a37e4-79b"

trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.2561249192633468

109.206.191.154

200 OK

0 B

URL HTTP/1.1
trackwin.net/out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.2561249192633468
IP
109.206.191.154:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /out/simple/saveStats/2f4d8868b8c0d10e95c51fb64d433e30/?0.2561249192633468 HTTP/1.1
Host: trackwin.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 342
Origin: http://trackwin.net
Connection: keep-alive
Referer: http://trackwin.net/out/simple/show/2f4d8868b8c0d10e95c51fb64d433e30/
Cookie: server_etag=%22%22; evercookie_png=; evercookie_etag=<?php; evercookie_cache=<?php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 21:47:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://trackwin.net

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML