Report - rack-space-a32937.owamser.workers.dev/

Report Overview

Visited public
2023-09-03 01:57:52
Tags
URL
rack-space-a32937.owamser.workers.dev/
Finishing URL
rack-space-a32937.owamser.workers.dev/
IP / ASN
172.67.182.110
#13335 CLOUDFLARENET
Title
Rackspace Webmail: Hosted Email for Business

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
status.thawte.com	5123	1996-02-10	2017-11-27 13:33:51	2023-09-02 05:12:01	331 B	642 B	192.229.221.95
cp.rackspace.com	405282	1998-08-14	2012-09-29 21:40:04	2023-09-02 10:20:14	1.5 kB	12 kB	104.130.182.72
apps.rackspace.com	119514	1998-08-14	2013-06-19 02:23:06	2023-08-28 16:00:46	435 B	30 kB	69.20.91.24
ajax.goog	unknown	unknown	No data	No data	918 B	0 B	0.0.0.0
rack-space-a32937.owamser.workers.dev	unknown	2019-02-08	2022-03-02 01:30:39	2023-08-18 10:36:12	967 B	93 kB	172.67.182.110
www.sitepoint.com	198954	1999-10-04	2012-06-18 18:45:42	2023-08-26 22:07:00	466 B	421 B	54.230.111.54
i2.sitepoint.com	unknown	1999-10-04	2014-11-05 17:37:39	2023-08-08 04:04:14	465 B	6.5 kB	185.199.111.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-02	medium	rack-space-a32937.owamser.workers.dev/	Rackspace
2023-09-02	medium	rack-space-a32937.owamser.workers.dev/	Rackspace

PhishTank

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	rack-space-a32937.owamser.workers.dev/favicon.ico	Other
2022-10-26	medium	rack-space-a32937.owamser.workers.dev/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-03	medium	ajax.goog	Sinkholed
2023-09-03	medium	ajax.goog	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	658 B	2023-05-20	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 14:17 Last Seen2024-08-21 08:25 Times Seen11 Hash bc5721a2ef9c3b21c4d0e667876dca2a f8e844cd2457275e91cd7bcdf201c6ac641e6148 b47ed527a55d0f6d5aa40e0f841e6f8757a5a1d725c2a544742aadfe5005e9c7 Loading...

	unknown	ScriptElement	706 B	2023-05-20	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 14:17 Last Seen2024-08-21 08:25 Times Seen11 Hash 31ed37595265a06c02b514a6e615ac26 892a43347051dd7857487686f4052ff667a068f5 e66d7a5d47c90cf8d95cc654339e7f4c21c892767ba5445f0d9c3756d7b74c1f Loading...

	rack-space-a32937.owamser.workers.dev/	ScriptElement	46 kB	2023-03-08	2024-08-21
Pretty URL rack-space-a32937.owamser.workers.dev/ IP 172.67.182.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 21:14 Last Seen2024-08-21 08:25 Times Seen11 Hash bd2e1778d5678677b5d145eb7c2c40ef 42854d5af63cfcf273ffddca921568262167fcf0 efddb081f390693022bfddb74fdb5496e171aff9e7e93724e1c6cf077e3e7ccf Loading...

	www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js	ScriptElement	17 kB	2023-03-07	2025-04-02
Pretty URL www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js IP 54.230.111.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:07 Last Seen2025-04-02 11:57 Times Seen13 Hash 093b948a3133ccde7091158531d5d63e 9c704980cfe00a2f4f8fd29b7aa383a92cc31983 2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825 Loading...

	unknown	ScriptElement	48 B	2023-05-20	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 14:17 Last Seen2024-08-21 08:25 Times Seen11 Hash 5a287cf209df83154895e1556576f10a 685cd47b48bf4ad58654cb03bcb4d6eb4eca2e91 67f59b9103eefbd8d93d6d700baed85c18ac892717ca3c9ae96f4e584b147316 Loading...

	apps.rackspace.com/a/js/login.js?2230	ScriptElement	29 kB	2023-03-07	2025-02-11
Pretty URL apps.rackspace.com/a/js/login.js?2230 IP 69.20.91.24 ASN #27357 RACKSPACE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2025-02-11 02:43 Times Seen12 Hash 5824a1ae81fa3c66da0dc9a3bcbc8b2a da485b2798d9176afbdca97de9a7698d66dcb784 254954afb10634ad2eead14d873510c39a68c15d3bf54bf958655962cb7e1450 Loading...

	unknown	ScriptElement	609 B	2023-05-20	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 14:17 Last Seen2024-08-21 08:25 Times Seen11 Hash 6961302ac6bfbb65dc18a91ee497b0c3 2bf011b6ed883f9a013a4071c54cc9a375fe0966 71da2f429c59ab1e2f33e83353be6f1ff73a99301bac3736adc3a42b4dd10b2e Loading...

	unknown	ScriptElement	609 B	2023-05-20	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 14:17 Last Seen2024-08-21 08:25 Times Seen11 Hash af13fa58bd25626b1c233bb03571bd05 d82da40689d325b1a36927537471f5e3016ba330 641bd120b696178995b29d4eaa416ff49ec3ae6c85d7fa5346ced880ba4ec589 Loading...

		Size	First Seen	Last Seen
	#1 Write - c83db1de28220971c7a33bb1d86be5a2	15 kB	2023-03-08 21:14	2024-08-21 08:25
Pretty Observations First Seen2023-03-08 21:14 Last Seen2024-08-21 08:25 Times Seen11 Hash c83db1de28220971c7a33bb1d86be5a2 b97a123238ae68b089df772033f4d5276aa8cc3c 026328cd5645dda6845eb283b13e44d262214af8d5a63239485ebf52ebff4bc9 Loading...

HTTP Transactions (11)

URL IP Response Size

www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js

54.230.111.54

301 Moved Permanently

0 B

URL GET HTTP/2
www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js
IP
54.230.111.54:443
ASN
#16509 AMAZON-02

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerAmazon
Subjectwww.sitepoint.com
FingerprintFF:74:46:4C:A4:D3:75:AE:2E:CD:70:1A:DB:49:E0:95:C2:C6:81:D8
ValiditySun, 06 Aug 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /examples/password/MaskedPassword/MaskedPassword.js HTTP/1.1
Host: www.sitepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-length: 0
location: https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js
server: CloudFront
date: Sat, 02 Sep 2023 21:24:39 GMT
x-cache: Hit from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P8jCCVsezeIBGNEy6hrdmM2S1LGd4N7NKBe6Ntknp7wOM95iUZA77A==
age: 16376
X-Firefox-Spdy: h2

i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js

185.199.111.153

200 OK

5.8 kB

URL GET HTTP/2
i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerLet's Encrypt
Subjecti2.sitepoint.com
Fingerprint33:FD:A9:F9:80:50:F1:F9:67:5C:47:A4:D5:71:CE:24:4F:8F:A7:4B
ValiditySun, 20 Aug 2023 09:50:29 GMT - Sat, 18 Nov 2023 09:50:28 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
5.8 kB (5816 bytes)
Hash
093b948a3133ccde7091158531d5d63e
9c704980cfe00a2f4f8fd29b7aa383a92cc31983
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825

HTTP Headers

GET /examples/password/MaskedPassword/MaskedPassword.js HTTP/1.1
Host: i2.sitepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rack-space-a32937.owamser.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 31 Aug 2023 04:08:29 GMT
access-control-allow-origin: *
etag: W/"64f0123d-4208"
expires: Sun, 03 Sep 2023 02:07:35 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 338C:5989:1B83278:1C0AF1B:64F3E80F
accept-ranges: bytes
date: Sun, 03 Sep 2023 01:57:35 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1652-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1693706256.859008,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: e6442188f63dc4e541cbb352a2571e70001201ec
content-length: 5816
X-Firefox-Spdy: h2

status.thawte.com/

192.229.221.95

471 B

URL
status.thawte.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
95ece6605c78431d96c84f536a051a7e
6a37382632edef0f80a341336fbc6ec57e67d3d7
5cf9e0d8dfca360b080110b9266a169135f11c8997ef9fa3eec2808d8b1eadb5

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Sun, 03 Sep 2023 01:57:36 GMT
Server: ECAcc (amb/6B53)
Content-Length: 471

cp.rackspace.com/clients/webmail/apps_rackspace_com/images/blank.gif

104.130.182.72

200 OK

43 B

URL GET HTTP/1.1
cp.rackspace.com/clients/webmail/apps_rackspace_com/images/blank.gif
IP
104.130.182.72:443
ASN
#27357 RACKSPACE

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectcp.rackspace.com
FingerprintB9:8D:D6:59:7E:14:85:B1:BA:E3:2B:32:4D:01:37:8A:ED:F4:D4:63
ValidityWed, 05 Jul 2023 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
710d230ab6d70d5b4bbe1456ab8ba56b
aeee8694ace8cb587017c3d586533b5c0d3bf8c0
2894fa1d1ebe2f99a165317c3c46ea23a7de28590a1c3965508acaf802e9c9a8

HTTP Headers

GET /clients/webmail/apps_rackspace_com/images/blank.gif HTTP/1.1
Host: cp.rackspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Sep 2023 01:57:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache
Last-Modified: Mon, 28 Feb 2011 22:29:24 GMT
Accept-Ranges: bytes
ETag: "03a78f396d7cb1:0"
X-Powered-By: ASP.NET

apps.rackspace.com/a/js/login.js?2230

69.20.91.24

200 OK

29 kB

URL GET HTTP/1.1
apps.rackspace.com/a/js/login.js?2230
IP
69.20.91.24:443
ASN
#27357 RACKSPACE

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectapps.rackspace.com
Fingerprint1C:E7:50:06:25:9C:A3:B9:23:9C:2D:8E:FF:73:7F:91:B5:EA:2A:91
ValidityTue, 08 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text
Size
29 kB (29376 bytes)
Hash
5824a1ae81fa3c66da0dc9a3bcbc8b2a
da485b2798d9176afbdca97de9a7698d66dcb784
254954afb10634ad2eead14d873510c39a68c15d3bf54bf958655962cb7e1450

HTTP Headers

GET /a/js/login.js?2230 HTTP/1.1
Host: apps.rackspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Sep 2023 01:57:36 GMT
Content-Type: application/x-javascript
Content-Length: 29376
Connection: keep-alive
Expires: Mon, 02 Sep 2024 01:57:36 +0000
X-Frame-Options: SAMEORIGIN

cp.rackspace.com/clients/webmail/apps_rackspace_com/images/logo_20141002.png

104.130.182.72

200 OK

2.1 kB

URL GET HTTP/1.1
cp.rackspace.com/clients/webmail/apps_rackspace_com/images/logo_20141002.png
IP
104.130.182.72:443
ASN
#27357 RACKSPACE

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectcp.rackspace.com
FingerprintB9:8D:D6:59:7E:14:85:B1:BA:E3:2B:32:4D:01:37:8A:ED:F4:D4:63
ValidityWed, 05 Jul 2023 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT

File type
PNG image data, 130 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2080 bytes)
Hash
1a23f0a81dc5a1fe8495461a3afced86
0e87647cb2ab7ae544322d1961052598d564eeae
f167dfd881b45166119fce39b1fa639e925f80e4e7391e3cbe83f843490b7b19

HTTP Headers

GET /clients/webmail/apps_rackspace_com/images/logo_20141002.png HTTP/1.1
Host: cp.rackspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Sep 2023 01:57:36 GMT
Content-Type: image/png
Content-Length: 2080
Connection: keep-alive
Cache-Control: no-cache
Last-Modified: Thu, 02 Oct 2014 17:24:37 GMT
Accept-Ranges: bytes
ETag: "4924cebd65decf1:0"
X-Powered-By: ASP.NET

cp.rackspace.com/clients/webmail/apps_rackspace_com/images/plus-anytime_anywhere-190x294.png

104.130.182.72

200 OK

9.2 kB

URL GET HTTP/1.1
cp.rackspace.com/clients/webmail/apps_rackspace_com/images/plus-anytime_anywhere-190x294.png
IP
104.130.182.72:443
ASN
#27357 RACKSPACE

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerDigiCert Inc
Subjectcp.rackspace.com
FingerprintB9:8D:D6:59:7E:14:85:B1:BA:E3:2B:32:4D:01:37:8A:ED:F4:D4:63
ValidityWed, 05 Jul 2023 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT

File type
PNG image data, 190 x 294, 8-bit/color RGB, non-interlaced\012- data
Size
9.2 kB (9209 bytes)
Hash
db1fe5ca924ca5ff4a9482e114b43886
4e54b079d9addab4fd642f2295b9563adeb3c47a
db18ad437ed30b29a15bb4a394df2f29cd5073ccab904b6ed5e2cf870530dc62

HTTP Headers

GET /clients/webmail/apps_rackspace_com/images/plus-anytime_anywhere-190x294.png HTTP/1.1
Host: cp.rackspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Sep 2023 01:57:36 GMT
Content-Type: image/png
Content-Length: 9209
Connection: keep-alive
Cache-Control: no-cache
Last-Modified: Tue, 31 Oct 2017 20:00:35 GMT
Accept-Ranges: bytes
ETag: "af449aea8252d31:0"
X-Powered-By: ASP.NET

ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

0.0.0.0

0 B

URL GET
ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://rack-space-a32937.owamser.workers.dev/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET //leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

rack-space-a32937.owamser.workers.dev/favicon.ico

172.67.182.110

200 OK

46 kB

URL GET HTTP/3
rack-space-a32937.owamser.workers.dev/favicon.ico
IP
172.67.182.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rack-space-a32937.owamser.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectowamser.workers.dev
FingerprintB0:2B:7E:22:29:79:AD:83:30:FD:28:47:4E:FA:A4:9C:DD:80:A3:6F
ValidityTue, 25 Jul 2023 20:45:00 GMT - Mon, 23 Oct 2023 20:44:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (45572)
Size
46 kB (45749 bytes)
Hash
57c9c677d1c4fe758317d85cfe01073e
a3b3a000b2fd39e7ab11a081bff5f492eac2d652
678c7bdfa334cc04afdfdbb1e3e7ebf98ecce178135ab46d4d6791bf70cf6028

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Rackspace
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rack-space-a32937.owamser.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Sep 2023 01:57:36 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3khSnxiNNom5xhC6eMIbJDC%2FuLc8XhUhtM0xCxNBaSfzkRQoZr3vfhnJxSG1OOwuFJjDwpSNuLmycXcuJ2HEbNaQpjyySt0oylxiQDJJiImR8sk%2FNkD%2B3Fo4kEbZ2XdBN%2BKsecOeIRv3eAFK8quGd2bUSO5kvMU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 800a62078f4a5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

0.0.0.0

0 B

URL GET
ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://rack-space-a32937.owamser.workers.dev/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET //leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rack-space-a32937.owamser.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

rack-space-a32937.owamser.workers.dev/

172.67.182.110

200 OK

46 kB

URL User Request GET HTTP/2
rack-space-a32937.owamser.workers.dev/
IP
172.67.182.110:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectowamser.workers.dev
FingerprintB0:2B:7E:22:29:79:AD:83:30:FD:28:47:4E:FA:A4:9C:DD:80:A3:6F
ValidityTue, 25 Jul 2023 20:45:00 GMT - Mon, 23 Oct 2023 20:44:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (45572)
Size
46 kB (45749 bytes)
Hash
57c9c677d1c4fe758317d85cfe01073e
a3b3a000b2fd39e7ab11a081bff5f492eac2d652
678c7bdfa334cc04afdfdbb1e3e7ebf98ecce178135ab46d4d6791bf70cf6028

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Rackspace
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: rack-space-a32937.owamser.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 01:57:35 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIXqPn8sfBXCwlqAf78wQos3TCgVbN8%2F5rTA8yeFhLsfh62WTZ2mavO1ISJaJadAeXv4KL3e5ylgT1ChjHraMUTVZFPNowb%2BusLma%2BJsRrbzzcYWOzYT07cFwaK1PKe0mjXEfE5%2FurqaMfKWJ%2FYuwOg0ESdhecXO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 800a61ff5f28b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size