monitoring.rax.bg Open in urlscan Pro
185.31.121.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monitoring.rax.bg/
Submission Tags: phishingrod
Submission: On December 21 via api (December 21st 2023, 12:16:10 pm UTC) from DE — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.31.121.18, located in Bulgaria and belongs to RAX-AS, BG. The main domain is monitoring.rax.bg.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 30th 2020. Valid for: 2 years.

This is the only time monitoring.rax.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	185.31.121.18 185.31.121.18		199364 (RAX-AS) (RAX-AS)
11	1

11 185.31.121.18 (Bulgaria)

ASN199364 (RAX-AS, BG)
PTR: 18.121.31.185.static.webnick.net

monitoring.rax.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rax.bg monitoring.rax.bg	714 KB
11	1

	Domain	Requested by
11	monitoring.rax.bg	monitoring.rax.bg
11	1

This site contains no links.

Subject Issuer	Validity	Valid
monitoring.rax.bg Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-07-30`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.rax.bg/
Frame ID: 6075A3D8A1B6E925DFC28A7DBDAB6C47
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RAX Monitoring System

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

714 kB
Transfer

710 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response monitoring.rax.bg/	4 KB 4 KB	577ms 59ms	Document text/html	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / PHP/7.0.27 Resource Hash `10c06fe3a4e7ae3b12c004c5b74f484361981b479c181e817a0c8819572e3e8c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 3584 Content-Type text/html; charset=UTF-8 Date Thu, 21 Dec 2023 12:16:01 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 X-Powered-By PHP/7.0.27
GET H/1.1	200 OK	observium.css monitoring.rax.bg/css/	259 KB 260 KB	33ms 33ms	Stylesheet text/css	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `ed153f4ee58c96ddfe7b4bdfc4ca2e4761052908da9985975961ff71bb424c77` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:01 GMT Last-Modified Fri, 31 Aug 2018 14:23:21 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "40ccb-574bbeeffc840" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 265419
GET H/1.1	200 OK	sprite.css monitoring.rax.bg/css/	30 KB 31 KB	95ms 34ms	Stylesheet text/css	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/css/sprite.css?v=18.9.9420 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `23c95ebdbfe460f6294603ba0d896390925c8bc1d6efe419b0342ce36a69c9e9` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:01 GMT Last-Modified Fri, 31 Aug 2018 14:23:21 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "79d4-574bbeeffc840" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 31188
GET H/1.1	200 OK	jquery.min.js Show response monitoring.rax.bg/js/	95 KB 95 KB	93ms 32ms	Script application/javascript	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/js/jquery.min.js?v=18.9.9420 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:01 GMT Last-Modified Tue, 10 May 2016 22:04:58 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "17b9c-532841da55680" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 97180
GET H/1.1	200 OK	bootstrap.min.js Show response monitoring.rax.bg/js/	36 KB 36 KB	94ms 32ms	Script application/javascript	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/js/bootstrap.min.js?v=18.9.9420 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:01 GMT Last-Modified Mon, 16 May 2016 14:09:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "9004-532f62bef4d00" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 36868
GET H/1.1	200 OK	observium-screen.js Show response monitoring.rax.bg/js/	1 KB 2 KB	94ms 32ms	Script application/javascript	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/js/observium-screen.js?v=18.9.9420 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `42cfa93fe9fd670ce99994ce148cf4a34c76b5322ffef64b776b37c21fd91f6b` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:01 GMT Last-Modified Thu, 07 Jan 2016 20:43:12 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "5e8-528c484e73800" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1512
GET H/1.1	200 OK	login-hamster-large.png monitoring.rax.bg/images/	67 KB 67 KB	34ms 33ms	Image image/png	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://monitoring.rax.bg/images/login-hamster-large.png Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `33725361ad73ce7034677670468d0a6911a9d41cfd3d0f216e4c05f06351b297` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:03 GMT Last-Modified Fri, 31 Aug 2018 14:23:20 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "10bf9-574bbeef08600" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 68601
GET H/1.1	200 OK	observium-mini-logo.png monitoring.rax.bg/images/	6 KB 7 KB	555ms 555ms	Image image/png	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Show image Full URL https://monitoring.rax.bg/images/observium-mini-logo.png Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `a68df80e66c57b39d2591e49c130841efa7d2c0bb75432bd981d35ff5fdfc954` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.rax.bg/css/observium.css?v=18.9.9420 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:03 GMT Last-Modified Sun, 04 Oct 2015 05:21:35 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "18e9-52140920555c0" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6377
GET H/1.1	200 OK	SourceSansPro-Regular.ttf.woff2 monitoring.rax.bg/fonts/	85 KB 85 KB	620ms 620ms	Font application/font-sfnt	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/fonts/SourceSansPro-Regular.ttf.woff2 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `27c06ca531d01f12d9e28d869000985e4cf84dd0724afe578e942d44f09d19c2` Request headers Referer https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Origin https://monitoring.rax.bg accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:03 GMT Last-Modified Thu, 17 Dec 2015 05:17:39 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "1533c-52711243602c0" Content-Type application/font-sfnt Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 86844
GET H/1.1	200 OK	SourceSansPro-Semibold.ttf.woff2 monitoring.rax.bg/fonts/	84 KB 84 KB	914ms 914ms	Font application/font-sfnt	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/fonts/SourceSansPro-Semibold.ttf.woff2 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `b96f55ccea2c4ad959ca841fa881a893e7df33a2e575d621a81d2f1063b429c4` Request headers Referer https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Origin https://monitoring.rax.bg accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:04 GMT Last-Modified Thu, 17 Dec 2015 05:17:39 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "150b4-52711243602c0" Content-Type application/font-sfnt Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 86196
GET H/1.1	200 OK	fontawesome-webfont.woff monitoring.rax.bg/css/font-awesome/font/	43 KB 43 KB	804ms 804ms	Font application/font-woff	185.31.121.18 RAX-AS
General Check archive.org Show headers Download Go to Full URL https://monitoring.rax.bg/css/font-awesome/font/fontawesome-webfont.woff?v=3.2.1 Requested by Host: monitoring.rax.bg URL: https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.31.121.18 , Bulgaria, ASN199364 (RAX-AS, BG), Reverse DNS 18.121.31.185.static.webnick.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 / Resource Hash `18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f` Request headers Referer https://monitoring.rax.bg/css/observium.css?v=18.9.9420 Origin https://monitoring.rax.bg accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 12:16:03 GMT Last-Modified Sun, 04 Oct 2015 05:21:32 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.27 ETag "aa34-5214091d78f00" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 43572

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
monitoring.rax.bg/	1970-01-20 17:07:27	Name: OBSID Value: o1cd283gk3jbrrhk0d4qaul7k0cigiss
monitoring.rax.bg/	1970-01-20 17:06:04	Name: observium_screen_ratio Value: 1
monitoring.rax.bg/	1970-01-20 17:06:04	Name: observium_screen_resolution Value: 1600x1200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

monitoring.rax.bg
185.31.121.18
10c06fe3a4e7ae3b12c004c5b74f484361981b479c181e817a0c8819572e3e8c
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
23c95ebdbfe460f6294603ba0d896390925c8bc1d6efe419b0342ce36a69c9e9
27c06ca531d01f12d9e28d869000985e4cf84dd0724afe578e942d44f09d19c2
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
33725361ad73ce7034677670468d0a6911a9d41cfd3d0f216e4c05f06351b297
42cfa93fe9fd670ce99994ce148cf4a34c76b5322ffef64b776b37c21fd91f6b
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
a68df80e66c57b39d2591e49c130841efa7d2c0bb75432bd981d35ff5fdfc954
b96f55ccea2c4ad959ca841fa881a893e7df33a2e575d621a81d2f1063b429c4
ed153f4ee58c96ddfe7b4bdfc4ca2e4761052908da9985975961ff71bb424c77

monitoring.rax.bg Open in urlscan Pro 185.31.121.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

714 kBTransfer

710 kBSize

3 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

Indicators

monitoring.rax.bg Open in urlscan Pro
185.31.121.18 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

714 kB
Transfer

710 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions