rack-space-a32937.owamser.workers.dev Open in urlscan Pro
172.67.182.110  Malicious Activity! Public Scan

URL: https://rack-space-a32937.owamser.workers.dev/
Submission: On July 17 via api from BY — Scanned from US

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 11 HTTP transactions. The main IP is 172.67.182.110, located in United States and belongs to CLOUDFLARENET, US. The main domain is rack-space-a32937.owamser.workers.dev.
TLS certificate: Issued by WE1 on July 14th 2024. Valid for: 3 months.
This is the only time rack-space-a32937.owamser.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rackspace (Online)

Domain & IP information

IP Address AS Autonomous System
2 172.67.182.110 13335 (CLOUDFLAR...)
1 2001:4802:7a0... 27357 (RACKSPACE)
3 2001:4802:7a0... 27357 (RACKSPACE)
2 172.253.115.156 15169 (GOOGLE)
1 1 142.251.179.157 15169 (GOOGLE)
1 172.253.62.147 15169 (GOOGLE)
11 6
Apex Domain
Subdomains
Transfer
4 rackspace.com
apps.rackspace.com — Cisco Umbrella Rank: 188012
cp.rackspace.com
41 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
22 KB
2 workers.dev
rack-space-a32937.owamser.workers.dev
13 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
24 B
0 ajax.goog Failed
ajax.goog Failed
0 sitepoint.com Failed
www.sitepoint.com Failed
11 7
Domain Requested by
3 cp.rackspace.com rack-space-a32937.owamser.workers.dev
2 www.googleadservices.com rack-space-a32937.owamser.workers.dev
www.googleadservices.com
2 rack-space-a32937.owamser.workers.dev
1 www.google.com rack-space-a32937.owamser.workers.dev
1 googleads.g.doubleclick.net 1 redirects
1 apps.rackspace.com rack-space-a32937.owamser.workers.dev
0 ajax.goog Failed rack-space-a32937.owamser.workers.dev
0 www.sitepoint.com Failed rack-space-a32937.owamser.workers.dev
11 8

This site contains links to these domains. Also see Links.

Domain
www.rackspace.com
cp.rackspace.com
apps.rackspace.com
Subject Issuer Validity Valid
owamser.workers.dev
WE1
2024-07-14 -
2024-10-12
3 months crt.sh
apps.rackspace.com
Thawte EV RSA CA G2
2023-08-08 -
2024-08-17
a year crt.sh
cp.rackspace.com
Thawte TLS RSA CA G1
2024-07-01 -
2025-07-23
a year crt.sh
*.googleadservices.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://rack-space-a32937.owamser.workers.dev/
Frame ID: 904B453CFBC44B664843C0184E19DC88
Requests: 11 HTTP requests in this frame

Screenshot


Page Statistics

11
Requests

73 %
HTTPS

33 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

76 kB
Transfer

189 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040066332/?random=1242732529&cv=9&fst=1721216352400&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frack-space-a32937.owamser.workers.dev%2F&tiba=Rackspace%20Webmail%3A%20Hosted%20Email%20for%20Business&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI7bqVyv6thwMVw4uDCB332AgEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Lmh0dHBzOi8vcmFjay1zcGFjZS1hMzI5Mzcub3dhbXNlci53b3JrZXJzLmRldi8 HTTP 302
  • https://www.google.com/pagead/1p-user-list/1040066332/?random=1242732529&cv=9&fst=1721214000000&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frack-space-a32937.owamser.workers.dev%2F&tiba=Rackspace%20Webmail%3A%20Hosted%20Email%20for%20Business&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI7bqVyv6thwMVw4uDCB332AgEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Lmh0dHBzOi8vcmFjay1zcGFjZS1hMzI5Mzcub3dhbXNlci53b3JrZXJzLmRldi8&is_vtc=1&cid=CAQSGwDaQooLXqalWHwtsZCkpWQiQtQauXjqmzNI3A&random=2367357355&resp=GooglemKTybQhCsO

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rack-space-a32937.owamser.workers.dev/
45 KB
6 KB
Document
General
Full URL
https://rack-space-a32937.owamser.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
678c7bdfa334cc04afdfdbb1e3e7ebf98ecce178135ab46d4d6791bf70cf6028

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8a49f333a9e47edb-LAX
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 17 Jul 2024 11:39:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5awmB0WE1IQyqmCJKMT9r%2FpqFVzWPflkECiAsVr6L4wV1L9UAD3qjrpe6vFNNNF%2Fg1PGUqFXQpLnsYEns8HFG5XolC9fWCreDhXQxOx6nBgyyj4H4wld6OieliUC5n9POhX3jkgffMPiXnLXYJvgLsJm%2Fcsrno95"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
MaskedPassword.js
www.sitepoint.com/examples/password/MaskedPassword/
0
0

jquery.min.js
ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/
0
0

login.js
apps.rackspace.com/a/js/
29 KB
29 KB
Script
General
Full URL
https://apps.rackspace.com/a/js/login.js?2230
Requested by
Host: rack-space-a32937.owamser.workers.dev
URL: https://rack-space-a32937.owamser.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4802:7a01:10::4 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
openresty /
Resource Hash
254954afb10634ad2eead14d873510c39a68c15d3bf54bf958655962cb7e1450
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Content-Type
application/x-javascript
Date
Wed, 17 Jul 2024 11:39:12 GMT
Server
openresty
Connection
keep-alive
Content-Length
29376
X-Frame-Options
SAMEORIGIN
Expires
Thu, 17 Jul 2025 11:39:12 +0000
blank.gif
cp.rackspace.com/clients/webmail/apps_rackspace_com/images/
43 B
313 B
Image
General
Full URL
https://cp.rackspace.com/clients/webmail/apps_rackspace_com/images/blank.gif
Requested by
Host: rack-space-a32937.owamser.workers.dev
URL: https://rack-space-a32937.owamser.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4802:7a01:10::7 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2894fa1d1ebe2f99a165317c3c46ea23a7de28590a1c3965508acaf802e9c9a8

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 11:39:11 GMT
Last-Modified
Mon, 28 Feb 2011 22:29:24 GMT
Server
Microsoft-IIS/8.5
ETag
"03a78f396d7cb1:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
43
conversion.js
www.googleadservices.com/pagead/
57 KB
21 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: rack-space-a32937.owamser.workers.dev
URL: https://rack-space-a32937.owamser.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
184011b264b77cdb8b17caa6a712a67e3ef6c573853a751aa212858d7f2ba1e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 17 Jul 2024 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21159
x-xss-protection
0
server
cafe
etag
13176321977885934374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jul 2024 11:39:11 GMT
/
www.googleadservices.com/pagead/conversion/1040066332/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/1040066332/?random=1721216352400&cv=9&fst=1721216352400&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frack-space-a32937.owamser.workers.dev%2F&tiba=Rackspace%20Webmail%3A%20Hosted%20Email%20for%20Business&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef9025a043d2d92730696cd33b7216fd4a33e8d4f5d3ad4b17243b415f1ab766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 11:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1566
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_20141002.png
cp.rackspace.com/clients/webmail/apps_rackspace_com/images/
2 KB
2 KB
Image
General
Full URL
https://cp.rackspace.com/clients/webmail/apps_rackspace_com/images/logo_20141002.png
Requested by
Host: rack-space-a32937.owamser.workers.dev
URL: https://rack-space-a32937.owamser.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4802:7a01:10::7 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f167dfd881b45166119fce39b1fa639e925f80e4e7391e3cbe83f843490b7b19

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 11:39:12 GMT
Last-Modified
Thu, 02 Oct 2014 17:24:37 GMT
Server
Microsoft-IIS/8.5
ETag
"4924cebd65decf1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
2080
plus-anytime_anywhere-190x294.png
cp.rackspace.com/clients/webmail/apps_rackspace_com/images/
9 KB
9 KB
Image
General
Full URL
https://cp.rackspace.com/clients/webmail/apps_rackspace_com/images/plus-anytime_anywhere-190x294.png
Requested by
Host: rack-space-a32937.owamser.workers.dev
URL: https://rack-space-a32937.owamser.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4802:7a01:10::7 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
db18ad437ed30b29a15bb4a394df2f29cd5073ccab904b6ed5e2cf870530dc62

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 11:39:12 GMT
Last-Modified
Tue, 31 Oct 2017 20:00:35 GMT
Server
Microsoft-IIS/8.5
ETag
"af449aea8252d31:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
9209
/
www.google.com/pagead/1p-user-list/1040066332/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040066332/?random=1242732529&cv=9&fst=1721216352400&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTy...
  • https://www.google.com/pagead/1p-user-list/1040066332/?random=1242732529&cv=9&fst=1721214000000&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2...
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1040066332/?random=1242732529&cv=9&fst=1721214000000&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frack-space-a32937.owamser.workers.dev%2F&tiba=Rackspace%20Webmail%3A%20Hosted%20Email%20for%20Business&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI7bqVyv6thwMVw4uDCB332AgEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Lmh0dHBzOi8vcmFjay1zcGFjZS1hMzI5Mzcub3dhbXNlci53b3JrZXJzLmRldi8&is_vtc=1&cid=CAQSGwDaQooLXqalWHwtsZCkpWQiQtQauXjqmzNI3A&random=2367357355&resp=GooglemKTybQhCsO
Requested by
Host: rack-space-a32937.owamser.workers.dev
URL: https://rack-space-a32937.owamser.workers.dev/
Protocol
H3
Server
172.253.62.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 11:39:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jul 2024 11:39:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-user-list/1040066332/?random=1242732529&cv=9&fst=1721214000000&num=1&value=0&label=gyhyCL7-6AEQnM747wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frack-space-a32937.owamser.workers.dev%2F&tiba=Rackspace%20Webmail%3A%20Hosted%20Email%20for%20Business&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI7bqVyv6thwMVw4uDCB332AgEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Lmh0dHBzOi8vcmFjay1zcGFjZS1hMzI5Mzcub3dhbXNlci53b3JrZXJzLmRldi8&is_vtc=1&cid=CAQSGwDaQooLXqalWHwtsZCkpWQiQtQauXjqmzNI3A&random=2367357355&resp=GooglemKTybQhCsO
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
rack-space-a32937.owamser.workers.dev/
45 KB
6 KB
Other
General
Full URL
https://rack-space-a32937.owamser.workers.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
678c7bdfa334cc04afdfdbb1e3e7ebf98ecce178135ab46d4d6791bf70cf6028

Request headers

Referer
https://rack-space-a32937.owamser.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 11:39:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFPaqrtwTu3v9gD6I4jf3jFX0igd2gr7kC2ZTtUaj9Sc7E%2BY2OjK5o7Y4O%2BXe4T4jqjX69co0JXmE7LoLwnaBYNLODvlTPKW0qFRN6HBWb0xwsB4IdryxZOie0jWftQ2KyKJ63DiAwNl0KARSmYGqjayrj8pNEZX"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cf-ray
8a49f3408b377edb-LAX
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.sitepoint.com
URL
https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js
Domain
ajax.goog
URL
https://ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rackspace (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onFormSubmit object| Webmail object| $Login object| $TEAEncrypt object| google_tag_data function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

6 Console Messages

Source Level URL
Text
javascript warning URL: https://rack-space-a32937.owamser.workers.dev/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rack-space-a32937.owamser.workers.dev/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rack-space-a32937.owamser.workers.dev/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rack-space-a32937.owamser.workers.dev/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://apps.rackspace.com/a/js/login.js?2230, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rack-space-a32937.owamser.workers.dev/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googleadservices.com/pagead/conversion.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ajax.goog//leapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED