| round-sky-9de0.rackupdate.workers.dev/js/login.js | 172.67.217.230 | 200 OK | 4.0 kB |
URL GET HTTP/3round-sky-9de0.rackupdate.workers.dev/js/login.js IP172.67.217.230:443
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/ CertificateIssuerLet's Encrypt Subjectrackupdate.workers.dev Fingerprint63:46:F6:85:86:EA:06:59:02:7C:02:C0:7B:6D:FF:35:3B:7C:FB:C8 ValidityMon, 15 Apr 2024 04:49:02 GMT - Sun, 14 Jul 2024 04:49:01 GMT
File typeHTML document, ASCII text Hash299928350805443846ba8ca05e0b0711 483fda889f06f3611420a8d5dfc75081f81c31f3 45cde113f7e597f2865e796bbf02e78e0bd528a2064ad96cd0679e05c0592490
Analyzer | Verdict | Alert | OpenPhish | phishing | Rackspace | PhishTank | phishing | Other |
GET /js/login.js HTTP/1.1
Host: round-sky-9de0.rackupdate.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:54:03 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRCZoMVuw0d9LzGnZwSH52ygNqSYXSRF4t5KqviCy%2BnqYDu4WhSl%2F0HpOzxsuSjIXBMYv%2F7XzP3fVpqZROTsE0Qdq84PJzahs1U8iGvjf1nDLLviqoCivEVlw6LH45duC7qxDMbMmrmwJ5J8ruLE2e%2Bctlebd9fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875def51f903abe7-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.42 | 200 OK | 31 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP142.250.74.42:443
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:51:04 GMT
expires: Thu, 17 Apr 2025 10:51:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 21780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:100,400,500,700 | 142.251.9.95 | 200 OK | 1.2 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:100,400,500,700 IP142.251.9.95:443
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashc895d23fb20b690e80b180a1099563aa a140b1d5a791067e2175867778eb054d3ceab552 235d61650d96fc759ccafcea20e0ec0122af3094b0a046692e93e96ddbfea94e
GET /css?family=Roboto:100,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 16:54:04 GMT
date: Wed, 17 Apr 2024 16:54:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.251.209.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.251.209.131:443
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://round-sky-9de0.rackupdate.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 19:31:35 GMT
expires: Fri, 11 Apr 2025 19:31:35 GMT
cache-control: public, max-age=31536000
age: 508949
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 | 142.251.209.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 IP142.251.209.131:443
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15764, version 1.0 Hash603b8950590bf833546eee7cbc79944a ebbde06eb829868c5f689afe2d48377608be1e7b 0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
GET /s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://round-sky-9de0.rackupdate.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 19:33:08 GMT
expires: Fri, 11 Apr 2025 19:33:08 GMT
cache-control: public, max-age=31536000
age: 508856
last-modified: Wed, 11 May 2022 19:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| round-sky-9de0.rackupdate.workers.dev/favicon.ico | 172.67.217.230 | 200 OK | 11 kB |
URL GET HTTP/3round-sky-9de0.rackupdate.workers.dev/favicon.ico IP172.67.217.230:443
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/ CertificateIssuerLet's Encrypt Subjectrackupdate.workers.dev Fingerprint63:46:F6:85:86:EA:06:59:02:7C:02:C0:7B:6D:FF:35:3B:7C:FB:C8 ValidityMon, 15 Apr 2024 04:49:02 GMT - Sun, 14 Jul 2024 04:49:01 GMT
File typeHTML document, ASCII text Hash299928350805443846ba8ca05e0b0711 483fda889f06f3611420a8d5dfc75081f81c31f3 45cde113f7e597f2865e796bbf02e78e0bd528a2064ad96cd0679e05c0592490
Analyzer | Verdict | Alert | OpenPhish | phishing | Rackspace | PhishTank | phishing | Other |
GET /favicon.ico HTTP/1.1
Host: round-sky-9de0.rackupdate.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:54:04 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdW7xY0tOEF1Dpwjcdr7ZwTVxzZQQ0Wu0AmKh%2FlRs%2Bb%2FM08Yc4L%2BWjGjM6kCnHI4xXKA%2B40y6c%2FOjrfrRU0pxD1IzXOQCSwXr0ru9OMF61AukBz%2B2AcqrjRi6ZepeBhCdaBak8d%2F29QXBlXStTGqn51TVFgY5VjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875def589e27abe7-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| benettonaustria.com/rack/static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png | 0.0.0.0 | | 0 B |
URL GET benettonaustria.com/rack/static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png IP0.0.0.0:0
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rack/static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png HTTP/1.1
Host: benettonaustria.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| benettonaustria.com/rack/static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg | 0.0.0.0 | | 0 B |
URL GET benettonaustria.com/rack/static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg IP0.0.0.0:0
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rack/static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg HTTP/1.1
Host: benettonaustria.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| round-sky-9de0.rackupdate.workers.dev/ | 172.67.217.230 | 200 OK | 14 kB |
URL User Request GET HTTP/2round-sky-9de0.rackupdate.workers.dev/ IP172.67.217.230:443
CertificateIssuerLet's Encrypt Subjectrackupdate.workers.dev Fingerprint63:46:F6:85:86:EA:06:59:02:7C:02:C0:7B:6D:FF:35:3B:7C:FB:C8 ValidityMon, 15 Apr 2024 04:49:02 GMT - Sun, 14 Jul 2024 04:49:01 GMT
File typeHTML document, ASCII text Hash299928350805443846ba8ca05e0b0711 483fda889f06f3611420a8d5dfc75081f81c31f3 45cde113f7e597f2865e796bbf02e78e0bd528a2064ad96cd0679e05c0592490
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Generic phishing | OpenPhish | phishing | Rackspace | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: round-sky-9de0.rackupdate.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:54:03 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1L8wvguvKAsGR4IrGaHRStdbL%2FmkXFOR4UFMosCKk%2BVgV2iUtCsEGGrv4tvfp6ja0ddjFAoanq4AIVH8HcSVX%2F1t2tzoADPlNP25iwfs3Ueu6%2B0IXwfYokIALng6z1gdWrfMERCozv3GKSusB5xBPWCkGxEJ0QIK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875def50be07abc2-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| benettonaustria.com/rack/static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png | 0.0.0.0 | | 0 B |
URL GET benettonaustria.com/rack/static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png IP0.0.0.0:0
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rack/static.emailsrvr.com/beta_apps_rackspace_com/images/Rackspace_Technology_Logo_RGB_WHT.png HTTP/1.1
Host: benettonaustria.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| benettonaustria.com/rack/static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg | 0.0.0.0 | | 0 B |
URL GET benettonaustria.com/rack/static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg IP0.0.0.0:0
Requested byhttps://round-sky-9de0.rackupdate.workers.dev/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rack/static.emailsrvr.com/apps_rackspace_com/images/Suspicious-Email-Banner.jpg HTTP/1.1
Host: benettonaustria.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://round-sky-9de0.rackupdate.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|