ratatoti.vip
Open in
urlscan Pro
104.27.190.57
Malicious Activity!
Public Scan
Effective URL: http://ratatoti.vip/?pl=651.e896a3f0cb11deaa03e1a4a2f3fe83ef&n=aHR0cDovL2RrLmJpdGNvaW5ld3MtYXBwbC5yYXRhdG90aS52aXAvP...
Submission: On November 05 via automatic, source phishtank
Summary
This is the only time ratatoti.vip was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 8.208.26.229 8.208.26.229 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
1 1 | 172.67.140.217 172.67.140.217 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
31 | 104.27.190.57 104.27.190.57 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
35 | 2 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
802256.worktraining.link |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
ratatoti.vip
1 redirects
dk.bitcoinews-appl.ratatoti.vip ratatoti.vip |
870 KB |
4 |
gstatic.com
fonts.gstatic.com |
93 KB |
1 |
worktraining.link
1 redirects
802256.worktraining.link |
353 B |
35 | 3 |
Domain | Requested by | |
---|---|---|
31 | ratatoti.vip |
ratatoti.vip
|
4 | fonts.gstatic.com |
ratatoti.vip
|
1 | dk.bitcoinews-appl.ratatoti.vip | 1 redirects |
1 | 802256.worktraining.link | 1 redirects |
35 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
dk.bitcoinews-appl.ratatoti.vip |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.gstatic.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://ratatoti.vip/?pl=651.e896a3f0cb11deaa03e1a4a2f3fe83ef&n=aHR0cDovL2RrLmJpdGNvaW5ld3MtYXBwbC5yYXRhdG90aS52aXAvP3Nlc3Npb249NjFjZWU5NjhhMGMxNDVkOTg2OGY5ZWI1OWE3ZmNhNjgmYWZmX2lkPTY3NjMmZnBwPTEmcGl4ZWxzZXR0aW5ncz1kay5iaXRjb2luZXdzLWFwcGwucmF0YXRvdGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Frame ID: 7736090A19C043B9C160B96E1F6FFFA8
Requests: 35 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://802256.worktraining.link/news
HTTP 302
http://dk.bitcoinews-appl.ratatoti.vip/04os HTTP 302
http://ratatoti.vip/?pl=651.e896a3f0cb11deaa03e1a4a2f3fe83ef&n=aHR0cDovL2RrLmJpdGNvaW5ld3MtYXBwb... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://802256.worktraining.link/news
HTTP 302
http://dk.bitcoinews-appl.ratatoti.vip/04os HTTP 302
http://ratatoti.vip/?pl=651.e896a3f0cb11deaa03e1a4a2f3fe83ef&n=aHR0cDovL2RrLmJpdGNvaW5ld3MtYXBwbC5yYXRhdG90aS52aXAvP3Nlc3Npb249NjFjZWU5NjhhMGMxNDVkOTg2OGY5ZWI1OWE3ZmNhNjgmYWZmX2lkPTY3NjMmZnBwPTEmcGl4ZWxzZXR0aW5ncz1kay5iaXRjb2luZXdzLWFwcGwucmF0YXRvdGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
ratatoti.vip/ Redirect Chain
|
64 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
ratatoti.vip/prelands/651/css/ |
37 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style-ad.css
ratatoti.vip/prelands/651/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tidyx-v2.css
ratatoti.vip/prelands/651/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive.css
ratatoti.vip/prelands/651/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
ratatoti.vip/prelands/651/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Claudio.jpg
ratatoti.vip/prelands/651/images/ |
69 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mattino-cinque_1.jpg
ratatoti.vip/prelands/651/images/ |
84 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mattino-cinque_2.jpg
ratatoti.vip/prelands/651/images/ |
287 KB 288 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
odA9sNLrE86.jpg
ratatoti.vip/prelands/651/images/ |
1006 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
18423978_10210643158807484_4625467277978165616_n.jpg
ratatoti.vip/prelands/651/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
11880513_10153182441573635_6391766102196689121_n.jpg
ratatoti.vip/prelands/651/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
18119267_10155363709609924_958378663814436125_n.jpg
ratatoti.vip/prelands/651/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
16406523_1345882538809440_8201065904356080273_n.jpg
ratatoti.vip/prelands/651/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
16807461_10211764664812826_5680036435541740063_n.jpg
ratatoti.vip/prelands/651/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
11.jpg
ratatoti.vip/prelands/651/images/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
22.jpg
ratatoti.vip/prelands/651/images/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
33.jpg
ratatoti.vip/prelands/651/images/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
44.jpg
ratatoti.vip/prelands/651/images/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
55.jpg
ratatoti.vip/prelands/651/images/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
66.jpg
ratatoti.vip/prelands/651/images/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
ratatoti.vip/prelands/651/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getdetector.js
ratatoti.vip/prelands/651/js/ |
216 B 896 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_img3.jpg
ratatoti.vip/prelands/651/images/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_img1.jpg
ratatoti.vip/prelands/651/images/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top_img2.jpg
ratatoti.vip/prelands/651/images/ |
120 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
like.png
ratatoti.vip/prelands/651/images/ |
344 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bot_img_1.jpg
ratatoti.vip/prelands/651/images/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bot_img_3.jpg
ratatoti.vip/prelands/651/images/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bot_img_2.jpg
ratatoti.vip/prelands/651/images/ |
47 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bot_img_4.jpg
ratatoti.vip/prelands/651/images/ |
23 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v12/ |
44 KB 23 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ |
45 KB 23 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ |
44 KB 23 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ |
44 KB 23 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery object| d number| month number| day string| output1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ratatoti.vip/ | Name: __cfduid Value: dd452ac2c7cfeda39b1e061cd91fcf9101604615613 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
802256.worktraining.link
dk.bitcoinews-appl.ratatoti.vip
fonts.gstatic.com
ratatoti.vip
104.27.190.57
172.67.140.217
2a00:1450:4001:814::2003
8.208.26.229
08b92ab5e7156044eb19076b98eab77a50d1848972455d27c7b966a293bbec4b
08c10d9bf3024a0774707d52b2307c67c5437a2adf883069b9eb858c40b5adfd
10dbe678a1f5f240dd1a2d22371618e3c2abdb24bf2824e062a4435b364b7ca3
280111f48e27bea0f546a2f17df0d0de29a26311b10e54607a2985e82f8aac36
317af6b5f1f66dae367b7775017e6517b06ee45b21643400083f1bb92d4ea2f4
3a1aba60401394a936ff5a105d7f25fe9587426920302ff5e2a380020c9b1d81
419512a1a9d45f2c31f15e9154f663206e975b5a397840b41599e78cf8ff9acb
47794cb075cbe545981fed312ea3cd000d5293c5c1c1aad31e6c33150bb42284
4c711a0204931da4ae187061dd44f6bd93d33fc91b3e1a46b683afdaa7b79518
4dc3d53812200651f4bf408f67dee4fb4437e7fb07dcdf791f59acf9dd19998b
5b0e76355e5639bbd02653ad09673b3854b9f6eae98f2c5ea755b8864ad3f88a
5c696fe9f64d25c68d52ee5e593c85c6e7334d130ad63407fd963ba9de462b68
5d3cbc68203ed5bcf1b0d13d0c083cb170ae6c320317518def04eb366e314443
5d3f2f13ab076119ff97f724e84a3eda1eecca4d6f2e780c93fa6844a3fcb800
5d9369bdc4929336358bb0174e6b07d0160e478c7bb87c91e51ce4e38998a6e9
66dc995d8af6f17d9e3931e5de51ef935684a6cbf609a2284d723292676802c0
6c1691e11c527f54c2767edbcd339c5cb22ccc2015453ac6c2a129ae7f71fb43
72aed54637c02a7a9f04fdd621299791428a886a5b66d5a7b7af7c0731202903
76945f72a2ae1f7e42c11b1142ffda98b857b3dd1a705d80886446b806a42209
7efbd86cc7b38ff4073967d7ec290934fc421eb2ed25ed3ec1592d79826e610c
8214515fa733b013c83d970b0221f6d520b5542317713151162e8c0b788f9b4a
8310bb8d264496b5286425f245647abf8d6636b775e3ec90ada0ae144046c7e6
886433c8eb26760a3e82c7994ec4aec76ae8aff865b1c256560a6002b5c805ff
8b4a6785da6baca34566580c9502d96aae9b1d9b3c3676472e34dd7d81a59225
923500308cdb456af465e91375aa1bf3d5cbf3879bf0234a413fa80d75cd9028
9324995dff281c278487316c255086daa556d4501bfe5b76cc5de9816093d79f
97ddba02cbc0fda86ea86d85fb3c811b792dada5356ca05b9b374e0eb687313f
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
ac17b622ac7438b12ce61b5c088669cd7484f951cf7993b56ecc96bfe8842c40
b128faf2db3afc5cda64e3a00f54dd96e2ebf5b7155c77086cbaec430d08bf2c
b2834f1eeea411e738502c91b8109386d1e62ef7b52b271c2d69db5f5b2bcc7c
c81eb6da7027a7033714c1d5f939b9b6a3a85d2c228e5ca329e4a9ec6073fb51
d56d0873e674158d69cb40c0de9a0cd0d1a02511c2b24545dc56824a9f03149a
e2584299a0eedc0526ede43323ba011b6cc5a6d9e5239ba139da4b1e201d6128