| pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html | 104.18.2.35 | 200 OK | 589 B |
URL User Request GET HTTP/1.1pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html IP104.18.2.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash80f1fbf47a0839bc54a06bad0aa464f4 e7b1996d7d685574d13f9735d326772d32010d21 07e0b6b9cc7de0ff7e6db7b5cadb249e50a404dea4382e2038e0be1a79e107e2
Analyzer | Verdict | Alert | OpenPhish | phishing | Rackspace | PhishTank | phishing | Rackspace | Quad9 DNS | malicious | Sinkholed |
GET /indexjs.html HTTP/1.1
Host: pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 17:36:42 GMT
Content-Type: text/html
Content-Length: 589
Connection: keep-alive
Accept-Ranges: bytes
ETag: "80f1fbf47a0839bc54a06bad0aa464f4"
Last-Modified: Thu, 29 Feb 2024 10:55:35 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a018c76cdc0b31-OSL
|
|
| static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png | 152.199.21.175 | 200 OK | 8.2 kB |
URL GET HTTP/2static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png IP152.199.21.175:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerDigiCert Inc Subjectsni9278gl.wpc.edgecastcdn.net Fingerprint09:B9:46:2E:35:CB:D9:7B:2E:BF:E7:A6:5E:9F:05:94:00:02:CD:5F ValidityWed, 27 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT
File typePNG image data, 800 x 247, 8-bit colormap, non-interlaced Hash28263b070e6cc2fc679f2b4dac7d1d69 82b6ea53695926e0d9fe8e10aacd02a228df53e3 97669a98a4d13725fbefcfd567ea8adf12fc3c06eef40e71d824bb47267ccb18
GET /beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png HTTP/1.1
Host: static.emailsrvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 310350
cache-control: max-age=300
content-type: image/png
date: Thu, 25 Apr 2024 17:36:43 GMT
etag: "ffe73fd4e59d61:0"
expires: Thu, 25 Apr 2024 17:41:43 GMT
last-modified: Mon, 13 Jul 2020 19:51:24 GMT
server: ECAcc (ska/F760)
x-cache: HIT
x-powered-by: ASP.NET
content-length: 8173
X-Firefox-Spdy: h2
|
|
| static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg | 152.199.21.175 | 200 OK | 32 kB |
URL GET HTTP/2static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg IP152.199.21.175:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerDigiCert Inc Subjectsni9278gl.wpc.edgecastcdn.net Fingerprint09:B9:46:2E:35:CB:D9:7B:2E:BF:E7:A6:5E:9F:05:94:00:02:CD:5F ValidityWed, 27 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 190x294, components 3 Hash9a457ecb967c34f7b32732c0b2b2209f b51b39359e84580e17153f4a9826788d9ab3d252 ee608b4a41a47f8df45dd1d505afb39cb7293e7a33c094b756764a85d67fca47
GET /apps_rackspace_com/images/Suspicious-Email-Banner.jpg HTTP/1.1
Host: static.emailsrvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 309858
cache-control: max-age=300
content-type: image/jpeg
date: Thu, 25 Apr 2024 17:36:43 GMT
etag: "5b1d4cae5757d41:0"
expires: Thu, 25 Apr 2024 17:41:43 GMT
last-modified: Fri, 28 Sep 2018 18:18:39 GMT
server: ECAcc (ska/F749)
x-cache: HIT
x-powered-by: ASP.NET
content-length: 31715
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 IP142.250.74.131:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15764, version 1.0 Hash603b8950590bf833546eee7cbc79944a ebbde06eb829868c5f689afe2d48377608be1e7b 0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
GET /s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 22:10:20 GMT
expires: Tue, 22 Apr 2025 22:10:20 GMT
cache-control: public, max-age=31536000
age: 242784
last-modified: Wed, 11 May 2022 19:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:37:01 GMT
expires: Fri, 25 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 53983
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:100,400,500,700 | 142.250.74.106 | 200 OK | 1.2 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:100,400,500,700 IP142.250.74.106:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash1661a1cf9c8733eee85efbef729d7e87 ba6e490d3d17662f1c0e4b19c8ec223104a346a9 119980c860366693bb3e46228e14f56d990c415ef4a23ecdc3f2a7daa074caf6
GET /css?family=Roboto:100,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:36:43 GMT
date: Thu, 25 Apr 2024 17:36:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/favicon.ico | 0.0.0.0 | | 0 B |
URL GET pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/favicon.ico IP0.0.0.0:0
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| dev-rakcjkd.pantheonsite.io/rakcjkd/jquery.js | 23.185.0.1 | 200 OK | 291 kB |
URL GET HTTP/2dev-rakcjkd.pantheonsite.io/rakcjkd/jquery.js IP23.185.0.1:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerLet's Encrypt Subjectpantheonsite.io FingerprintF0:B6:EE:9C:03:9F:B0:36:8C:F7:7A:BA:A2:D4:49:C5:4D:32:99:59 ValidityMon, 22 Apr 2024 16:38:54 GMT - Sun, 21 Jul 2024 16:38:53 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Size291 kB (290960 bytes) Hash24fa855a7678b1938f16235881e3e80b 67b6c9946134456d67c07765d230130d8679f8c6 f2a84bc4f4cb8ae04162f42f1f3ebed1e05725d9b5bf666b885356c7698a071f
GET /rakcjkd/jquery.js HTTP/1.1
Host: dev-rakcjkd.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"65df762c-47090"
expires: Thu, 25 Apr 2024 17:36:42 GMT
last-modified: Wed, 28 Feb 2024 18:06:36 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-6fbf54f75-dc4gj
x-styx-req-id: 61aeda76-032a-11ef-ba6b-96e8d5d5e462
cache-control: no-cache, must-revalidate
date: Thu, 25 Apr 2024 17:36:43 GMT
x-served-by: cache-chi-kigq8000063-CHI, cache-hel1410023-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1714066603.215864,VS0,VE272
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
|
|
| dev-rakcjkd.pantheonsite.io/rakcjkd/basic.js | 23.185.0.1 | 200 OK | 13 kB |
URL GET HTTP/2dev-rakcjkd.pantheonsite.io/rakcjkd/basic.js IP23.185.0.1:443
Requested byhttps://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/indexjs.html CertificateIssuerLet's Encrypt Subjectpantheonsite.io FingerprintF0:B6:EE:9C:03:9F:B0:36:8C:F7:7A:BA:A2:D4:49:C5:4D:32:99:59 ValidityMon, 22 Apr 2024 16:38:54 GMT - Sun, 21 Jul 2024 16:38:53 GMT
File typeJavaScript source, ASCII text, with very long lines (12700), with CRLF line terminators Hash5fbf7d93a4f781b885906b26436dee27 31549ecde9e8a09061dae6a52c1a9f7c374fd895 cb73f6ed78d4c486297f5a91a8153e1dfe3ff637ad5f21fff01669866ecd8be7
GET /rakcjkd/basic.js HTTP/1.1
Host: dev-rakcjkd.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-6a428cb930554d0d8e7b1cfb106ff923.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"65df7a08-33c7"
expires: Thu, 25 Apr 2024 17:36:42 GMT
last-modified: Wed, 28 Feb 2024 18:23:04 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-6fbf54f75-5hx8r
x-styx-req-id: 61af368f-032a-11ef-aa87-2eb7127b9689
cache-control: no-cache, must-revalidate
date: Thu, 25 Apr 2024 17:36:43 GMT
x-served-by: cache-chi-klot8100174-CHI, cache-hel1410023-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1714066603.219575,VS0,VE291
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
|
|