rakten.amaz-ftx.ga Open in urlscan Pro
109.166.37.42  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rakten.amaz-ftx.ga/	1 KB 772 B	204ms 4ms	Document text/html	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash 9bd296396d565f492b18f74519b9fcd7e8e8ef9576efa3d8b141e7b3aa1cf414 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers last-modified Wed, 01 Dec 2021 06:35:36 GMT etag "519-5d20fe1ab5e00-gzip" accept-ranges bytes vary Accept-Encoding content-encoding gzip content-length 635 content-type text/html date Wed, 15 Dec 2021 00:33:08 GMT server Apache
GET H2	200	app.f2b4aef7.css rakten.amaz-ftx.ga/css/	2 MB 271 KB	54ms 53ms	Stylesheet text/css	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash ce2553779dfb9188ca97c8aba7438c3dec524f7a44d0ec4dec3e7df82f4099a2 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:08 GMT content-encoding gzip last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache etag "18b701-5d20fe1ab5e00-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	app.c04ed9e7.js Show response rakten.amaz-ftx.ga/js/	1 MB 536 KB	52ms 52ms	Script application/javascript	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/js/app.c04ed9e7.js Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash e0382284cf5d3f40f34b8ea4f08498996b5956e956f9eaaec2dcfe4fd28395d0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:08 GMT content-encoding gzip last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache etag "14e83f-5d20fe1ab5e00-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	chunk-vendors.032ccc74.js Show response rakten.amaz-ftx.ga/js/	708 KB 196 KB	47ms 47ms	Script application/javascript	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/js/chunk-vendors.032ccc74.js Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash 584dce6cdd96a7ebfe6ad33285756cdbd16b2ba294a6785d8be9445bee5a3202 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:08 GMT content-encoding gzip last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache etag "b1109-5d20fe1ab5e00-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	api_session.php Show response rakten.amaz-ftx.ga/api/	40 B 137 B	728ms 728ms	XHR text/html	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/api/api_session.php Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/js/chunk-vendors.032ccc74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash 41b97890cfa6087ee5620ae75eba874144eb88adc0e94a52f4b52bb32f98db0c Request headers Accept application/json, text/plain, */* Referer https://rakten.amaz-ftx.ga/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 00:33:08 GMT content-encoding gzip server Apache vary Accept-Encoding access-control-allow-methods POST content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-length 59 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jump.php Show response rakten.amaz-ftx.ga/api/	2 B 226 B	726ms 726ms	XHR text/html	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/api/jump.php Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/js/chunk-vendors.032ccc74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488 Request headers Accept application/json, text/plain, */* Referer https://rakten.amaz-ftx.ga/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 00:33:08 GMT content-encoding gzip server Apache vary Accept-Encoding access-control-allow-methods * content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-length 22 expires Thu, 19 Nov 1981 08:52:00 GMT
POST		openvmlogin.php rakten.amaz-ftx.ga/api/	0 0
GET H2	404	style.php rakten.amaz-ftx.ga/rms/nid/	0 0	20ms 20ms	Stylesheet text/html	109.166.37.42 M247
General Check archive.org Show headers Download Go to Full URL https://rakten.amaz-ftx.ga/rms/nid/style.php Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/js/chunk-vendors.032ccc74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/rms/nid/login?service_id=i20&return_url=retargeting/conditioning&scid=wi_myr_log User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:09 GMT server Apache content-length 265 content-type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a Request headers Accept-Language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada Request headers Accept-Language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	75 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59 Request headers Accept-Language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	bg_btn_red_btm.gif rakten.amaz-ftx.ga/static/assets/images/	442 B 497 B	12ms 11ms	Image image/gif	109.166.37.42 M247
General Check archive.org Show headers Download Go to Show image Full URL https://rakten.amaz-ftx.ga/static/assets/images/bg_btn_red_btm.gif Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash 175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:09 GMT last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache accept-ranges bytes etag "1ba-5d20fe1ab5e00" content-length 442 content-type image/gif
GET H2	200	bg_btn_red_top.gif rakten.amaz-ftx.ga/static/assets/images/	2 KB 2 KB	12ms 11ms	Image image/gif	109.166.37.42 M247
General Check archive.org Show headers Download Go to Show image Full URL https://rakten.amaz-ftx.ga/static/assets/images/bg_btn_red_top.gif Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash 849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:09 GMT last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache accept-ranges bytes etag "75d-5d20fe1ab5e00" content-length 1885 content-type image/gif
GET H2	200	icon_btn_arrow.gif rakten.amaz-ftx.ga/static/assets/images/	60 B 106 B	12ms 11ms	Image image/gif	109.166.37.42 M247
General Check archive.org Show headers Download Go to Show image Full URL https://rakten.amaz-ftx.ga/static/assets/images/icon_btn_arrow.gif Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:09 GMT last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache accept-ranges bytes etag "3c-5d20fe1ab5e00" content-length 60 content-type image/gif
GET H2	200	info.gif rakten.amaz-ftx.ga/static/assets/images/	360 B 408 B	12ms 12ms	Image image/gif	109.166.37.42 M247
General Check archive.org Show headers Download Go to Show image Full URL https://rakten.amaz-ftx.ga/static/assets/images/info.gif Requested by Host: rakten.amaz-ftx.ga URL: https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.166.37.42 Tokyo, Japan, ASN9009 (M247, GB), Reverse DNS Software Apache / Resource Hash 33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://rakten.amaz-ftx.ga/css/app.f2b4aef7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 00:33:09 GMT last-modified Wed, 01 Dec 2021 06:35:36 GMT server Apache accept-ranges bytes etag "168-5d20fe1ab5e00" content-length 360 content-type image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

rakten.amaz-ftx.ga

URL

https://rakten.amaz-ftx.ga/api/openvmlogin.php

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonp function| _ boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rakten.amaz-ftx.ga/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4rj2lol08bc80c5unb3qf34822

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rakten.amaz-ftx.ga/rms/nid/style.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rakten.amaz-ftx.ga
rakten.amaz-ftx.ga
109.166.37.42
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
41b97890cfa6087ee5620ae75eba874144eb88adc0e94a52f4b52bb32f98db0c
584dce6cdd96a7ebfe6ad33285756cdbd16b2ba294a6785d8be9445bee5a3202
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
9bd296396d565f492b18f74519b9fcd7e8e8ef9576efa3d8b141e7b3aa1cf414
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ce2553779dfb9188ca97c8aba7438c3dec524f7a44d0ec4dec3e7df82f4099a2
d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
e0382284cf5d3f40f34b8ea4f08498996b5956e956f9eaaec2dcfe4fd28395d0