URL: http://ratathesa.tk/us/openseapresale/
Submission: On May 22 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is ratathesa.tk.
This is the only time ratathesa.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Requests  IP Address         AS Autonomous System
12        2a06:98c1:312...   13335 (CLOUDFLAR...)
1         2a00:1450:400...   15169 (GOOGLE)
1         54.192.231.66      16509 (AMAZON-02)
4         2a00:1450:400...   15169 (GOOGLE)
18        5 IPs in total

Requests  Apex Domain     Subdomains                                       Transfer
12        ratathesa.tk    ratathesa.tk                                     91 KB
4         gstatic.com     fonts.gstatic.com                                42 KB
1         ethers.io       cdn.ethers.io (Cisco Umbrella Rank: 513290)      92 KB
1         googleapis.com  ajax.googleapis.com (Cisco Umbrella Rank: 295)   31 KB
18        4 apex domains in total

Requests  Domain               Requested by
12        ratathesa.tk         ratathesa.tk
4         fonts.gstatic.com    ratathesa.tk
1         cdn.ethers.io        ratathesa.tk
1         ajax.googleapis.com  ratathesa.tk
18        4 domains in total

This site contains links to these domains:

Domain
opensea.io
open-token.sale
docs.opensea.io
discord.com
twitter.com
TLS certificates observed:

Subject                  Issuer      Validity                 Valid
upload.video.google.com  GTS CA 1C3  2022-05-04 - 2022-07-27  3 months  (crt.sh)
ethers.io                Amazon      2021-12-02 - 2022-12-29  a year    (crt.sh)
*.gstatic.com            GTS CA 1C3  2022-05-04 - 2022-07-27  3 months  (crt.sh)

This page contains 1 frame:

Primary Page: http://ratathesa.tk/us/openseapresale/
Frame ID: 94EA12257F93EFF54A94925A77779371
Requests: 19 HTTP requests in this frame

Page Title

OpenSea, the largest NFT marketplace编组Nabox

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 33 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 256 kB
Size: 792 kB
Cookies: 1

18 HTTP transactions

Columns per entry: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type.

Primary Request /
Path: ratathesa.tk/us/openseapresale/ | Size: 147 KB | x-fer: 54 KB | Type: Document

General
Full URL: http://ratathesa.tk/us/openseapresale/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: d31b37dff5a974be7525c0acd2f749899f037f93ff56719ad63bdb16c7eb398b

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
CF-Cache-Status: DYNAMIC
CF-RAY: 70f5de635acf904c-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 May 2022 13:23:51 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BMzCfb1YV6jpRFEIJ3pp8Gc%2FxGaiL%2FeYbIo%2FaCvvI7F8N2ypCONcENoDAdEpEVcu%2FPkseUBIELZeIs9n21JpnTrGpBXSReQN7AramNxigcgkY6WBuPxH80lzXbO8hp%2Bys4xFn7UE4YcuRs%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

main.css
Path: ratathesa.tk/us/openseapresale/files/ | Size: 159 KB | x-fer: 18 KB | Type: Stylesheet

General
Full URL: http://ratathesa.tk/us/openseapresale/files/main.css
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 5c996bd1654516e4dfcd47681462d20eb3b711bae92f847da4bd04e29f601450

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14905
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Fri, 08 Apr 2022 09:38:37 GMT
Server: cloudflare
ETag: W/"6250029d-27a55"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFB6angmUnH0433489XNXucmhIF45wlm8G7tkFlJzYwF1%2Bc%2BhJsxLbb9tHsTbSDBs%2B%2FapaGXDpunP2vll8N3pxJPSJ6fs4UOcOtRQxAfXDQnj2IJIEgAlsrtBTSAr52Jh87yI9SjTwjatjs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 70f5de666b579bf4-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

translateelement.css
Path: ratathesa.tk/us/openseapresale/files/ | Size: 18 KB | x-fer: 4 KB | Type: Stylesheet

General
Full URL: http://ratathesa.tk/us/openseapresale/files/translateelement.css
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14256
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Fri, 08 Apr 2022 09:38:37 GMT
Server: cloudflare
ETag: W/"6250029d-4924"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGCMM62pNdReHun5W7ej%2B4I1cCppbAFQQcJIjF%2BaVFup6jLU%2BM%2FxJb0BaoxpVApAdvWCjN7cQQMXLyTsSZ7b3zZolGboQWh%2BPrwA3CusK2rx%2BUAqkuWMwgEoSgh03%2BOLbSjgogvnR0PQeno%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 70f5de666c869113-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/3.4.1/ | Size: 86 KB | x-fer: 31 KB | Type: Script

General
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:813::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software: sffe
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 0

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 13:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 13:02:02 GMT

ethers-v4.min.js
Path: cdn.ethers.io/scripts/ | Size: 296 KB | x-fer: 92 KB | Type: Script

General
Full URL: https://cdn.ethers.io/scripts/ethers-v4.min.js
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 54.192.231.66, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-54-192-231-66.waw50.r.cloudfront.net
Software: AmazonS3
Resource Hash: 2f426ca96f459f9229cf53665db2de4ec82d15ce49f767915378d87f733ccf9a

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Sat, 21 May 2022 15:32:44 GMT
content-encoding: gzip
last-modified: Fri, 23 Oct 2020 03:52:54 GMT
server: AmazonS3
age: 78668
etag: W/"0e66b864a27c5961a702e18683961608"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1vIDD7850l9p1Juv2dxP72RhnSV02NFY
via: 1.1 f62050e21268ac5026b6ccb68a1f0a2a.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 1442xMvp1ZINWIxXDMyWqzRv_N24RX5wToKAgFCpXqjSx6uay0i3hw==

truncated
Path: / | Size: 30 KB | x-fer: 0 | Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: 4c41e265716203e2e0df1c5631571d16ad601709b61ecaf90c5d447a89f7992a

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Content-Type: image/png

openlogo.PNG
Path: ratathesa.tk/us/openseapresale/files/ | Size: 2 KB | x-fer: 3 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/openlogo.PNG
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: a679224bb2f24e603d2a6921210bca37d0d3da453c01f206838090902adffeb8

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:51 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14585
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2137
Last-Modified: Fri, 08 Apr 2022 09:38:38 GMT
Server: cloudflare
ETag: "6250029e-859"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzWsn%2BHrWhuOuiD%2By9UqmsoOH34SLn%2FqcKzhNcQw19nrdY5SNLVCuEL3AYuFuDr4oFeYn0gj6Go%2F6ozaUVi3c7wlvFnR1oWoz9oFPiP%2BqR88lSg2AfNIxYdggRW03sG01irjbUfPWNLR7x0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 70f5de6988cd904c-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

question-mark.2446fa68.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 1 KB | x-fer: 1 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/question-mark.2446fa68.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 40696c58debdfdb7cd58856536a7a6a9cdc7ef308a0f4c706553790048dddab6

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2125
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Fri, 08 Apr 2022 09:38:38 GMT
Server: cloudflare
ETag: W/"6250029e-482"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYa838sdXXAZVJqe6vdKsrhJ7uZ5EHD0RQ1WFjU6gKtCy%2FC%2BqLk4Aej1adzQQuiDTjyYRuaR765FT9Lo0bonRiVe%2BrvIEsZt6sXrxVlpChFM%2FxxoZrokW6HE5EcU6FWzimy7ax7DR87YRiI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=14400
CF-RAY: 70f5de699a989113-FRA

bulb.c38857e9.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 2 KB | x-fer: 1 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/bulb.c38857e9.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: c65274307ab7841a16a4a914d5790d1020726a620a1089f5a67dad6fddb80775

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2125
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Fri, 08 Apr 2022 09:38:38 GMT
Server: cloudflare
ETag: W/"6250029e-67c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjNL62IpB%2BihpDFaAS1Fibge57UDvOo4M3HeuPNwWn9Z3B%2FvBZGVAeqQzowMuzA6xJSnBotAaHMnjrb7ZM4PQFgy0EBQy%2F8mLG8alFwarU8mzaJXFO7%2BPkG4tKn1JtOP%2BPXYGE%2BkSkoaWFU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=14400
CF-RAY: 70f5de6989669bf4-FRA

info.a2fe040d.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 1 KB | x-fer: 1 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/info.a2fe040d.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 9c90e5c2c7b2b750b8139738f91591127b20fb5f493040448129e42a407f68a0

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 08 Apr 2022 09:38:38 GMT
Server: cloudflare
ETag: W/"6250029e-402"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6aeVNSUUnYS53tLn9ZEHAEBsOxs4bvxgUzUaA6p6h3sgrJ9CR5AlT%2BYLteJjKM%2BFPZQ89CMwbp5LH9gkC5ESStOLhrakEa2B3%2FrJAJZOtRQNehSf0ExNrHzYdOastPirJKzMg2SGRfdrCY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 70f5de699f23923b-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

discord.8f193baa.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 5 KB | x-fer: 3 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/discord.8f193baa.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: e36947480ea785062b873aa85958be75e4f156115bdec0412c7b8ceba2082b3a

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:52 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 08 Apr 2022 09:38:38 GMT
Server: cloudflare
ETag: W/"6250029e-1321"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRksFjQNhSR8qcz23lLyZiNT2uJ%2FNzqNyujVmMjJH%2BZprnTevwu%2Ft7Ia%2FHXSCsBXEVdWcCu4s8ckq4P8MFR78nUtUJoyb2JdGF%2B%2BcJasOF98v8krfnaNHciZykoAKYXKDVHpEUzTJUjFW%2BQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 70f5de699a179171-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

twitter.7c73c4a0.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 2 KB | x-fer: 2 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/twitter.7c73c4a0.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 76c3e47fce56b81b95a2b24c7e34107aed136ead38a9d319c9d53799704c6b4d

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:52 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 08 Apr 2022 09:38:38 GMT
Server: cloudflare
ETag: W/"6250029e-669"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwmUDxwBUDAiMNm6JV1PqNzzI9c%2FUKOUyq3SFHBPN0gF8R%2FTRSETET%2FRN6ZvosuJqKrYMkqFhQJAFffnoSESYB%2FXHKJb7KFdkRXedoy0QBtVZhH7WwTczUuTjYiZYXJdCO0aG3yeILJ54cY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 70f5de6999a09b67-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

twitter-light.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 1 KB | x-fer: 1 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/twitter-light.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: df2ddc3657b0b32d54b559821a84ccd9a196f93612e6a5a6a77c128fa899500e

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 08 Apr 2022 09:38:39 GMT
Server: cloudflare
ETag: W/"6250029f-451"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHFA6dmCsfPFtcl13dm9DT1VDe57Dx%2B8fhMo%2FiFFfnwjUZ6jW0QlJezv2ctgNaRtYmxjHR%2BQgDVnvslIfln9SRbvMAVV81mb17m8Y8nG5Em1TlvDmb8PvV9gCpVh7RnuNLEwIhMBTRAMYSA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 70f5de69a9969bf4-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

discord-light.svg
Path: ratathesa.tk/us/openseapresale/files/ | Size: 2 KB | x-fer: 2 KB | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/files/discord-light.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2125
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Fri, 08 Apr 2022 09:38:39 GMT
Server: cloudflare
ETag: W/"6250029f-82e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXMOBMwm1F8lpOpWGzCWmxC2%2FNsPy3TSHm4P0dQm6mmrXV7gs%2Fa74SGFzsJNWR1eLwDVG5MwMxh7OvrZMqerBuYPoDwyJGsUEF9cmrQZLGubN8JHtokN%2B6VRKIQLuSbkrsXgqSQ3j5OeBbk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=14400
CF-RAY: 70f5de69cadb9113-FRA

planet.svg
Path: ratathesa.tk/us/openseapresale/img/ | Size: 0 | x-fer: 769 B | Type: Image

General
Full URL: http://ratathesa.tk/us/openseapresale/img/planet.svg
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/files/main.css)
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of an empty body; note the text/html Content-Type below)

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://ratathesa.tk/us/openseapresale/files/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Sun, 22 May 2022 13:23:52 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 22 May 2022 09:15:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LaQOfhiuDA1rMNHeLwpYJqlotz9rZrEGkaD1ejUIRXDa%2BKgxtE9IGJPS9BGyBtRwxGjKbN1Pct%2F9Q0x9%2FKeLjIA6ferAIucr0rxbldhV78ENzDEimp05IIghGpcwCBCoIBas5Q2anfEi1g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 70f5de69b911904c-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

rP2Cp2ywxg089UriASitCBimCw.woff2
Path: fonts.gstatic.com/s/dmsans/v6/ | Size: 18 KB | x-fer: 18 KB | Type: Font

General
Full URL: https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/files/main.css)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:802::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software: sffe
Resource Hash: a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
Security Headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 0

Request headers
Referer: http://ratathesa.tk/
Origin: http://ratathesa.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 01:28:28 GMT
x-content-type-options: nosniff
age: 215723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18244
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 01:28:28 GMT

pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Path: fonts.gstatic.com/s/poppins/v15/ | Size: 8 KB | x-fer: 8 KB | Type: Font

General
Full URL: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/files/main.css)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:802::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software: sffe
Resource Hash: b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 0

Request headers
Referer: http://ratathesa.tk/
Origin: http://ratathesa.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Fri, 20 May 2022 07:29:56 GMT
x-content-type-options: nosniff
age: 194035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 20 May 2023 07:29:56 GMT

pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Path: fonts.gstatic.com/s/poppins/v15/ | Size: 8 KB | x-fer: 8 KB | Type: Font

General
Full URL: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/files/main.css)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:802::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software: sffe
Resource Hash: d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 0

Request headers
Referer: http://ratathesa.tk/
Origin: http://ratathesa.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Mon, 16 May 2022 21:36:14 GMT
x-content-type-options: nosniff
age: 488857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 16 May 2023 21:36:14 GMT

pxiEyp8kv8JHgFVrJJfecg.woff2
Path: fonts.gstatic.com/s/poppins/v15/ | Size: 8 KB | x-fer: 8 KB | Type: Font

General
Full URL: https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by: ratathesa.tk (http://ratathesa.tk/us/openseapresale/files/main.css)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:802::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software: sffe
Resource Hash: 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 0

Request headers
Referer: http://ratathesa.tk/
Origin: http://ratathesa.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Mon, 16 May 2022 11:27:22 GMT
x-content-type-options: nosniff
age: 525389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:27:22 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • $ (function)
  • jQuery (function)
  • setImmediate (function)
  • clearImmediate (function)
  • ethers (object)
  • getcookie (function)
  • count (number)
  • getRandomInRange (function)
  • timeDisp (function)
  • changeTheme (function)
  • writeCookie (function)
  • readCookie (function)
  • mintnumber (number)
  • interval (number)
  • foo (function)
  • _subid_ (object)

1 Cookies

Domain/Path    Name / Value
ratathesa.tk/  Name: mintede, Value: 512

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
