Report - altratokyo.com/

Report Overview

Submitted URL
altratokyo.com/
IP
172.67.148.207
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 12:18:58
Access
public
Website Title
Access denied
Final URL
www.altratokyo.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
p17003.cedexis-test.com	unknown	2014-07-09	2022-06-07	2024-04-29	418 B	103 kB	178.79.213.16
ptcfc.com	9736	2017-05-26	2017-02-07	2024-05-07	402 B	103 kB	104.16.80.67
exactly-huge-arachnid.edgecompute.app	unknown	2019-09-26	2022-05-20	2024-03-22	487 B	488 B	151.101.193.51
vdms-ssl.cedexis-test.com	11236	2014-07-09	2018-01-31	2024-05-06	422 B	0 B	0.0.0.0
fastly.cedexis-test.com	11512	2014-07-09	2015-03-12	2024-05-04	420 B	103 kB	151.101.194.6
www.altratokyo.com	unknown	unknown	No data	No data	918 B	10 kB	172.67.148.207
performance.radar.cloudflare.com	unknown	2009-02-17	2022-06-29	2024-05-06	1.6 kB	6.1 kB	104.18.30.78
valid.rpki.cloudflare.com	79201	2009-02-17	2020-04-18	2024-04-24	446 B	103 kB	104.17.230.6
cedexis-test.akamaized.net	20968	2014-03-18	2020-08-26	2024-05-06	415 B	103 kB	23.36.77.25
benchmark.1e100cdn.net	10208	2016-01-26	2016-02-04	2024-05-07	407 B	103 kB	35.190.26.57
stackpath-map3.cedexis-test.com	18581	2014-07-09	2017-08-14	2024-04-29	422 B	0 B	0.0.0.0
invalid.rpki.cloudflare.com	77243	2009-02-17	2020-04-04	2024-04-29	450 B	311 B	103.21.244.8
serverless-benchmarks-rust.compute-pipe.com	120848	2021-12-02	2021-12-07	2024-04-26	491 B	4.0 kB	104.18.1.248
cdnetworks.cedexis-test.com	11219	2014-07-09	2014-10-06	2024-05-07	422 B	103 kB	138.113.133.7
jsdelivr.b-cdn.net	106131	2016-04-25	2021-09-09	2024-04-24	431 B	103 kB	194.242.11.186
p29.cedexis-test.com	11105	2014-07-09	2020-07-30	2024-05-03	409 B	103 kB	143.204.55.123
uniquely-peaceful-hagfish.edgecompute.app	unknown	unknown	2022-05-20	2024-04-18	489 B	481 B	151.101.193.51
serverless-benchmarks-js.compute-pipe.com	120912	2021-12-02	2021-12-08	2024-04-24	488 B	657 B	104.18.0.248
d37vlkgj6jn9t1.cloudfront.net	unknown	2008-04-25	2022-10-25	2024-04-26	479 B	708 B	108.157.232.201
altratokyo.com	unknown	2023-07-19	2023-07-20	2024-03-22	471 B	6.9 kB	172.67.148.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	altratokyo.com	Sinkholed
2024-05-08	medium	altratokyo.com	Sinkholed
2024-05-08	medium	altratokyo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	www.altratokyo.com/	0 B	2023-03-07	2024-05-20
Pretty URL www.altratokyo.com/ IP 172.67.148.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 00:21:07 Times Seen37847199 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	performance.radar.cloudflare.com/beacon.js	9.8 kB	2024-05-08	2024-05-08
Pretty URL performance.radar.cloudflare.com/beacon.js IP 104.18.30.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 14:19:04 Last Seen2024-05-08 14:19:04 Times Seen2 Hash 1b24f20cf81ab714481d1c0a28d1135b 033f2f58681189a3c53a0401c0c50eb93a3e1bf6 96295a2b972cab63b6f575b7b1c66cfa1a37706bbdb978dc88308a4a63f9e69a Loading...

HTTP Transactions (23)

URL IP Response Size

uniquely-peaceful-hagfish.edgecompute.app/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=48456214

151.101.193.51

200 OK

129 B

URL GET HTTP/2
uniquely-peaceful-hagfish.edgecompute.app/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=48456214
IP
151.101.193.51:443
ASN
#54113 FASTLY

Requested by
https://www.altratokyo.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.edgecompute.app
Fingerprint21:94:65:1A:BE:0D:A6:5A:4B:69:D9:26:A8:95:EA:94:03:21:54:9C
ValiditySat, 27 Jan 2024 15:05:35 GMT - Thu, 27 Feb 2025 15:05:34 GMT

File type
exported SGML document, ASCII text, with no line terminators
Size
129 B (129 bytes)
Hash
c6eb375e67fcd618cb3c72b82bbf9127
2b2bcc86ff9003a917f24c098228a0433f12e276
f25cd9ed1af41e7371c277cac3cb7521a8b753e732e83df71e25da3c71045aaa

HTTP Headers

GET /?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=48456214 HTTP/1.1
Host: uniquely-peaceful-hagfish.edgecompute.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-store
referrer-policy: no-referrer
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
x-test-value: 43
content-type: image/svg+xml
x-served-by: cache-hel1410027-HEL
date: Wed, 08 May 2024 12:18:33 GMT
content-length: 129
X-Firefox-Spdy: h2

serverless-benchmarks-js.compute-pipe.com/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=9748856

104.18.0.248

200 OK

264 B

URL GET HTTP/2
serverless-benchmarks-js.compute-pipe.com/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=9748856
IP
104.18.0.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerLet's Encrypt
Subjectcompute-pipe.com
Fingerprint03:AC:4F:5E:D0:39:81:35:5F:46:01:77:CD:22:4C:6B:BF:AC:DD:19
ValiditySun, 31 Mar 2024 22:11:47 GMT - Sat, 29 Jun 2024 22:11:46 GMT

File type
gzip compressed data, from Unix
Size
264 B (264 bytes)
Hash
fbfb1bd5e68b8ce54db3f6b4a270d0a2
85bbe7bc2b6e44caf2976676168d70b16da68f92
7c2d3e8dd2943439cd251ae371c37e2bc7b133fa9855c53b304558ab1bd6e773

HTTP Headers

GET /?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=9748856 HTTP/1.1
Host: serverless-benchmarks-js.compute-pipe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: no-referrer
timing-allow-origin: *
x-test-value: 43
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964a5bddb5699-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.altratokyo.com/favicon.ico

172.67.148.207

200 OK

2.6 kB

URL GET HTTP/3
www.altratokyo.com/favicon.ico
IP
172.67.148.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectaltratokyo.com
FingerprintC2:B6:71:5A:BB:BA:36:42:2B:B9:CF:95:67:FD:26:E9:AB:71:DC:7C
ValidityTue, 12 Mar 2024 17:27:00 GMT - Mon, 10 Jun 2024 17:26:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3066), with CRLF line terminators
Size
2.6 kB (2620 bytes)
Hash
f908b966f236b5a9d225db7b24dc4825
abc10eefbdf7874b88a3bd9237ce4db2b2a7a0ff
377da488e1185fd80b69091978d3f2b90bc9b52bbddaf042d1cb47ec43e1d9fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.altratokyo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.altratokyo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 12:18:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 08 May 2024 12:18:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AxHYYgiFKMxsZaU9qJc0IykupUaN%2FxF4swhA8E0ntqCg8ZQE2QwkfH792bvmZXYYVenDPkYNtsWbU0Rm89WVapiFt3Mvz3GxUa40BltuT60SqvQ%2BPO3Kby5mlzsXKyi1h1YABB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880964a53bcd7130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

performance.radar.cloudflare.com/beacon.js

104.18.30.78

200 OK

3.8 kB

URL GET HTTP/2
performance.radar.cloudflare.com/beacon.js
IP
104.18.30.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintEA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (9759)
Size
3.8 kB (3843 bytes)
Hash
1b24f20cf81ab714481d1c0a28d1135b
033f2f58681189a3c53a0401c0c50eb93a3e1bf6
96295a2b972cab63b6f575b7b1c66cfa1a37706bbdb978dc88308a4a63f9e69a

HTTP Headers

GET /beacon.js HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.altratokyo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:34 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: no-referrer
timing-allow-origin: *
set-cookie: __cf_bm=I7_mx1npqXufeoMrHOqJ_1RcC745tlggoVuxLpi6usE-1715170714-1.0.1.1-TTMiu88UHO.M_NLo54QWKLEMpmWxvKg8sUVWa3RX4BVtbkMBkHXGORfB01_2c8Ag43gGAsBiO.TK79BkSk3QuQ; path=/; expires=Wed, 08-May-24 12:48:34 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880964a40837b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

serverless-benchmarks-rust.compute-pipe.com/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=74735677

104.18.1.248

200 OK

3.6 kB

URL GET HTTP/2
serverless-benchmarks-rust.compute-pipe.com/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=74735677
IP
104.18.1.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerLet's Encrypt
Subjectcompute-pipe.com
FingerprintAB:3D:88:D9:9A:C3:D9:80:23:7A:7E:F8:71:A6:52:B2:97:B2:24:74
ValiditySun, 31 Mar 2024 20:53:50 GMT - Sat, 29 Jun 2024 20:53:49 GMT

File type
gzip compressed data, from Unix
Size
3.6 kB (3587 bytes)
Hash
9876fdd347cdce5e84eaff5922193f5f
e1e9611e09a5c32b818097d7eef6d2580e6bdda8
09c490203f49806e54b3634c999da481c906768f6640bdd14deceb9fa3771836

HTTP Headers

GET /?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=74735677 HTTP/1.1
Host: serverless-benchmarks-rust.compute-pipe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:35 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: no-referrer
timing-allow-origin: *
x-test-value: 43
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964a89af456b5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdnetworks.cedexis-test.com/img/17653/r20-100KB.png?r=58161085

138.113.133.7

200 OK

102 kB

URL GET HTTP/1.1
cdnetworks.cedexis-test.com/img/17653/r20-100KB.png?r=58161085
IP
138.113.133.7:443
ASN
#54994 ML-1432-54994

Requested by
https://www.altratokyo.com/
Certificate
IssuerDigiCert Inc
Subjectp36.cedexis-test.com
Fingerprint4D:F2:86:DB:3D:F4:56:AE:4D:78:53:A9:C8:F2:76:24:6E:2A:8F:00
ValidityTue, 02 Apr 2024 00:00:00 GMT - Tue, 01 Apr 2025 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/17653/r20-100KB.png?r=58161085 HTTP/1.1
Host: cdnetworks.cedexis-test.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 12:18:35 GMT
Content-Type: image/png
Content-Length: 102400
Connection: keep-alive
Server: PWS/8.3.1.0.8
Last-Modified: Wed, 07 Sep 2022 08:47:01 GMT
ETag: "63185a85-19000"
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Timing-Allow-Origin: *
Accept-Ranges: bytes
Age: 33066
Via: 1.1 PSygldLON4zd14:8 (W), 1.1 PShlamstdAMS1se91:3 (W)
X-Px: ht PShlamstdAMS1se91AMS
X-Ws-Request-Id: 663b6d9b_PShlamstdAMS1cc96_9609-29960

jsdelivr.b-cdn.net/gh/jimaek/testobjects@0.0.1/r20-100KB.png?r=74162242

194.242.11.186

200 OK

102 kB

URL GET HTTP/2
jsdelivr.b-cdn.net/gh/jimaek/testobjects@0.0.1/r20-100KB.png?r=74162242
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.altratokyo.com/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /gh/jimaek/testobjects@0.0.1/r20-100KB.png?r=74162242 HTTP/1.1
Host: jsdelivr.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:35 GMT
content-type: image/png
content-length: 102400
server: BunnyCDN-NO1-830
cdn-pullzone: 251155
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-expose-headers: *
age: 615305
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
etag: W/"19000-qSJ5YZCh9buzxBDG7FkVAgUN8E4"
cdn-cachedat: 03/24/2024 18:48:37
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.0.1
x-jsd-version-type: version
x-served-by: cache-fra-eddf8230102-FRA
x-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 948549318a08718597c57dfaca88b5ee
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p17003.cedexis-test.com/img/17003/r20-100KB.png?r=43342767

178.79.213.16

200 OK

102 kB

URL GET HTTP/2
p17003.cedexis-test.com/img/17003/r20-100KB.png?r=43342767
IP
178.79.213.16:443
ASN
#22822 LLNW

Requested by
https://www.altratokyo.com/
Certificate
IssuerDigiCert Inc
Subjectp17003.cedexis-test.com
Fingerprint71:89:83:55:3F:53:56:D6:55:59:A4:14:DA:98:CE:E9:6B:35:47:4A
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/17003/r20-100KB.png?r=43342767 HTTP/1.1
Host: p17003.cedexis-test.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: EdgePrism/5.2.0.0
mime-version: 1.0
content-type: image/png
x-llid: e32e1402e537e7fcc2ae2cac0316be4c
date: Wed, 08 May 2024 12:18:41 GMT
content-length: 102400
x-llnw-info: na
timing-allow-origin: *
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-accel-buffering: no
access-control-allow-methods: GET,HEAD,OPTIONS
x-llnw-dscp: 34
X-Firefox-Spdy: h2

valid.rpki.cloudflare.com/?r=35992741

104.17.230.6

200 OK

103 kB

URL GET HTTP/2
valid.rpki.cloudflare.com/?r=35992741
IP
104.17.230.6:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerLet's Encrypt
Subjectrpki.cloudflare.com
FingerprintFB:56:19:68:E5:E4:0C:75:76:ED:E8:90:4D:1D:83:99:B0:DD:F7:3D
ValidityMon, 15 Apr 2024 02:50:47 GMT - Sun, 14 Jul 2024 02:50:46 GMT

File type
gzip compressed data, from Unix
Size
103 kB (102602 bytes)
Hash
f24ebc71f0d5fea012e8e478e0e8184b
cf9a73d9f2db1458c13e43160567e1f37079e362
08865345147d8507a2875e41315826dd6d8620e164cc14c839f646368273c5c1

HTTP Headers

GET /?r=35992741 HTTP/1.1
Host: valid.rpki.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.altratokyo.com/
Origin: https://www.altratokyo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:42 GMT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QrWWJL34j89y%2F6vJIOv9LJgdHoyRLIaV%2FqeOQIdYHV51ISm90XeyD3V9vAfxF0%2FPs6XqXNvmX5c5v5RRgc2iB0d7cK2qrbpmRRrUzHYz8rdIkgczT18WtNvVOgrO1uvVP1pUxPzXFeSDh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964d45a5fb4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ptcfc.com/img/284/r20-100KB.png?r=68310241

104.16.80.67

200 OK

102 kB

URL GET HTTP/2
ptcfc.com/img/284/r20-100KB.png?r=68310241
IP
104.16.80.67:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerLet's Encrypt
Subjectptcfc.com
FingerprintA6:C5:6F:A0:C0:38:D4:0F:0D:64:D3:C5:B2:E7:94:70:64:31:DA:EB
ValiditySat, 13 Apr 2024 23:17:49 GMT - Fri, 12 Jul 2024 23:17:48 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/284/r20-100KB.png?r=68310241 HTTP/1.1
Host: ptcfc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:42 GMT
content-type: image/png
content-length: 102400
timing-allow-origin: *
access-control-expose-headers: *
etag: "5668b8ac-19000"
cache-control: public, max-age=31536000
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964d7af61568a-OSL
X-Firefox-Spdy: h2

p29.cedexis-test.com/img/r20-100KB.png?r=35531832

143.204.55.123

200 OK

102 kB

URL GET HTTP/1.1
p29.cedexis-test.com/img/r20-100KB.png?r=35531832
IP
143.204.55.123:443
ASN
#16509 AMAZON-02

Requested by
https://www.altratokyo.com/
Certificate
IssuerDigiCert Inc
Subjectp29.cedexis-test.com
FingerprintDC:90:CA:3A:C3:40:C2:89:5D:28:3C:C5:3F:DC:EC:61:97:C3:3B:B9
ValidityWed, 10 Jan 2024 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/r20-100KB.png?r=35531832 HTTP/1.1
Host: p29.cedexis-test.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 102400
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Accept-Ranges: bytes
Date: Thu, 18 Apr 2024 10:50:11 GMT
Cache-Control: max-age=2629743, public
ETag: "63185a62-19000"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: C0ODnLMw9sNpmZH0xG1PTgL_gvBytCYSWmu82b5GSp-QIV-iN3pdIg==
Age: 1733311

cedexis-test.akamaized.net/img/r20-100KB.png?r=99417784

23.36.77.25

200 OK

102 kB

URL GET HTTP/1.1
cedexis-test.akamaized.net/img/r20-100KB.png?r=99417784
IP
23.36.77.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.altratokyo.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/r20-100KB.png?r=99417784 HTTP/1.1
Host: cedexis-test.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 102400
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
ETag: "63185a62-19000"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=2629743
Expires: Fri, 07 Jun 2024 22:47:46 GMT
Date: Wed, 08 May 2024 12:18:43 GMT
Connection: keep-alive
X-Cache: RequestInfo=3378497917,23.36.77.25,c58e88f,1715170722,38061,1,4940c16

benchmark.1e100cdn.net/r20-100KB.png?r=66236013

35.190.26.57

200 OK

102 kB

URL GET HTTP/2
benchmark.1e100cdn.net/r20-100KB.png?r=66236013
IP
35.190.26.57:443
ASN
#15169 GOOGLE

Requested by
https://www.altratokyo.com/
Certificate
IssuerGoogle Trust Services LLC
Subject1e100cdn.net
Fingerprint9A:E4:52:6C:8D:C7:45:FF:CF:CA:A7:22:AC:21:E0:D0:12:EE:6C:8E
ValidityThu, 14 Mar 2024 23:42:30 GMT - Thu, 13 Jun 2024 00:36:44 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /r20-100KB.png?r=66236013 HTTP/1.1
Host: benchmark.1e100cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102400
timing-allow-origin: *
via: 1.1 google
date: Fri, 26 Apr 2024 02:43:38 GMT
cache-control: public,max-age=31536000
age: 1071305
etag: "5939ad35-19000"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

performance.radar.cloudflare.com/api/beacon

104.18.30.78

200 OK

15 B

URL OPTIONS HTTP/3
performance.radar.cloudflare.com/api/beacon
IP
104.18.30.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintEA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
e60e0a9845110894b19d227227207fd5
9c4dff4af95346f1fcf0abbf53c78274f86a4b89
5c89330e2abcf8d6ce4e0aa3ed13147c90e8998810e9b9d827d928982cf6210b

HTTP Headers

OPTIONS /api/beacon HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-submit-token
Origin: https://www.altratokyo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 12:18:43 GMT
content-type: application/json;charset=UTF-8
content-length: 15
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
timing-allow-origin: *
set-cookie: __cf_bm=xiC3j1XvDcUVCjyMm4CSJEtgcZQ4J3U6sU2x2riLdVI-1715170723-1.0.1.1-RFtKsL2G9rr7k55DisIz3RAym3BAp4rVgJXFcFBvOtOy1dKYE_GnDrptDicgr1zIIvIEUJKP4IY_tBj0fC6NqA; path=/; expires=Wed, 08-May-24 12:48:43 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880964dd6a335688-OSL
alt-svc: h3=":443"; ma=86400

performance.radar.cloudflare.com/api/beacon

104.18.30.78

200 OK

15 B

URL OPTIONS HTTP/3
performance.radar.cloudflare.com/api/beacon
IP
104.18.30.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintEA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

HTTP Headers

POST /api/beacon HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
X-Submit-Token: 1715170714-bdbc782b629eee43f04a10c337d066882cf7a501b23e2e0c02f9daa7cf4fd93a
Access-Control-Allow-Origin: *
Content-Length: 6883
Origin: https://www.altratokyo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 12:18:44 GMT
content-type: application/json;charset=UTF-8
content-length: 15
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
timing-allow-origin: *
set-cookie: __cf_bm=09E7pgAZvsErD.KfrYkVOaMWMQHubkZkES0BM84XVW8-1715170724-1.0.1.1-xkl8bKYouHL8dk6bCoe_xnlk0O0oD0Dc7rReOMROw0vzs6EnEPC5q_3vLvLovy3xQOFXJ7cnxqCBBFB1.odXvA; path=/; expires=Wed, 08-May-24 12:48:44 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880964dd9a6b5688-OSL
alt-svc: h3=":443"; ma=86400

www.altratokyo.com/

172.67.148.207

200 OK

6.2 kB

URL User Request GET HTTP/2
www.altratokyo.com/
IP
172.67.148.207:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectaltratokyo.com
FingerprintC2:B6:71:5A:BB:BA:36:42:2B:B9:CF:95:67:FD:26:E9:AB:71:DC:7C
ValidityTue, 12 Mar 2024 17:27:00 GMT - Mon, 10 Jun 2024 17:26:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6477), with no line terminators
Size
6.2 kB (6249 bytes)
Hash
c49ea4cdc7d1f741c6b8ca055eeba5b7
fa48fe349dbf12162cb44adb95dca0dae2d71e4e
336447c27ba4c9c1fb7e3bacd68afa7cf7abab2df0c59b1c8ea6ac01cc4c636f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.altratokyo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhvPYtV3LEypyd4saZQkrBzjogROdvv3SsRVhaEumjFyZMhOv7ihq5NRukjbX42g4gIOUz8FdHJgZ28%2F%2FQqa8SeEHij%2FPDcIhb4pHc8S7GJSTQ8feUSwik5k88zJSyUYw4H4MIA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8809649fbab35693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vdms-ssl.cedexis-test.com/img/16999/r20-100KB.png?r=40028590

0.0.0.0

0 B

URL GET
vdms-ssl.cedexis-test.com/img/16999/r20-100KB.png?r=40028590
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.altratokyo.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/16999/r20-100KB.png?r=40028590 HTTP/1.1
Host: vdms-ssl.cedexis-test.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

stackpath-map3.cedexis-test.com/img/r20-100KB.png?r=26461425

0.0.0.0

0 B

URL GET
stackpath-map3.cedexis-test.com/img/r20-100KB.png?r=26461425
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.altratokyo.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/r20-100KB.png?r=26461425 HTTP/1.1
Host: stackpath-map3.cedexis-test.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fastly.cedexis-test.com/img/20367/r20-100KB.png?r=48961313

151.101.194.6

200 OK

102 kB

URL GET HTTP/1.1
fastly.cedexis-test.com/img/20367/r20-100KB.png?r=48961313
IP
151.101.194.6:443
ASN
#54113 FASTLY

Requested by
https://www.altratokyo.com/
Certificate
IssuerGlobalSign nv-sa
Subjectfastly.cedexis-test.com
Fingerprint28:90:9D:F7:D0:02:9E:28:79:2F:85:A4:D8:65:38:C7:02:02:49:5F
ValidityWed, 03 Apr 2024 19:50:17 GMT - Mon, 05 May 2025 19:50:16 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/20367/r20-100KB.png?r=48961313 HTTP/1.1
Host: fastly.cedexis-test.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 102400
Content-Type: image/png
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
ETag: "63185a62-19000"
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 May 2024 12:18:42 GMT
Age: 1561319
X-Served-By: cache-dfw-kdfw8210038-DFW, cache-hel1410030-HEL
X-Cache: HIT, HIT
X-Cache-Hits: 12106, 5090
X-Timer: S1715170722.383442,VS0,VE0
X-Cedexis-UNI: HEL|{"pop":"HEL","sip":"151.101.194.6","rtt":28550,"min_rtt":25960,"ip_ver":"v4","info_state":"HIT","tls":"TLSv1.3","server_name":"cache-hel1410030"}

d37vlkgj6jn9t1.cloudfront.net/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=56811919

108.157.232.201

200 OK

134 B

URL GET HTTP/2
d37vlkgj6jn9t1.cloudfront.net/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=56811919
IP
108.157.232.201:443
ASN
#16509 AMAZON-02

Requested by
https://www.altratokyo.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
exported SGML document, ASCII text, with no line terminators
Size
134 B (134 bytes)
Hash
2dc42ab1818e7786c23f73bcdbcd6bab
77badfa90e0b17e293f5bcc61f39e434a8fea702
90bcbc3adcfe4f84bfe0d9dd99d395fd35c2a1b21c3b6bcb8bf9bb7301142d92

HTTP Headers

GET /?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=56811919 HTTP/1.1
Host: d37vlkgj6jn9t1.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 134
server: CloudFront
date: Wed, 08 May 2024 12:18:34 GMT
cache-control: no-store
referrer-policy: no-referrer
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
x-test-value: 43
x-test-version: 2
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 eddbc5f97ff2aa6a4fb8714754b065e0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 9Vc7q3UHjHJRvTivW6mM-VlriHmOLw1POPdSWpWMo21gGDT-2wVjNw==
X-Firefox-Spdy: h2

exactly-huge-arachnid.edgecompute.app/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=18287707

151.101.193.51

200 OK

134 B

URL GET HTTP/2
exactly-huge-arachnid.edgecompute.app/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=18287707
IP
151.101.193.51:443
ASN
#54113 FASTLY

Requested by
https://www.altratokyo.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.edgecompute.app
Fingerprint21:94:65:1A:BE:0D:A6:5A:4B:69:D9:26:A8:95:EA:94:03:21:54:9C
ValiditySat, 27 Jan 2024 15:05:35 GMT - Thu, 27 Feb 2025 15:05:34 GMT

File type
exported SGML document, ASCII text, with no line terminators
Size
134 B (134 bytes)
Hash
2dc42ab1818e7786c23f73bcdbcd6bab
77badfa90e0b17e293f5bcc61f39e434a8fea702
90bcbc3adcfe4f84bfe0d9dd99d395fd35c2a1b21c3b6bcb8bf9bb7301142d92

HTTP Headers

GET /?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=18287707 HTTP/1.1
Host: exactly-huge-arachnid.edgecompute.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-store
referrer-policy: no-referrer
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
x-test-value: 43
content-type: image/svg+xml
x-served-by: cache-hel1410026-HEL
date: Wed, 08 May 2024 12:18:34 GMT
content-length: 134
X-Firefox-Spdy: h2

invalid.rpki.cloudflare.com/?r=67063775

103.21.244.8

200 OK

76 B

URL GET HTTP/2
invalid.rpki.cloudflare.com/?r=67063775
IP
103.21.244.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.altratokyo.com/
Certificate
IssuerLet's Encrypt
Subjectinvalid.rpki.cloudflare.com
Fingerprint4E:57:B7:F1:15:40:21:8E:E0:D4:2D:97:1C:71:0E:DB:49:6D:09:38
ValidityWed, 17 Apr 2024 00:41:54 GMT - Tue, 16 Jul 2024 00:41:53 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
36e8b26839e09c8e61f446f473c65beb
412922e552242562a9e4e8fa1e80a0e41b6a2223
3930f48dea75d9c1f64afcf221b4a0b4e726c1793cbbf92c63b1fc568f70e1a0

HTTP Headers

GET /?r=67063775 HTTP/1.1
Host: invalid.rpki.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.altratokyo.com/
Origin: https://www.altratokyo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 12:18:42 GMT
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 880964d58d95b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

altratokyo.com/

172.67.148.207

301 Moved Permanently

6.2 kB

URL User Request GET HTTP/2
altratokyo.com/
IP
172.67.148.207:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectaltratokyo.com
FingerprintC2:B6:71:5A:BB:BA:36:42:2B:B9:CF:95:67:FD:26:E9:AB:71:DC:7C
ValidityTue, 12 Mar 2024 17:27:00 GMT - Mon, 10 Jun 2024 17:26:59 GMT

File type

Size
6.2 kB (6249 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: altratokyo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 12:18:33 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.altratokyo.com/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pC3DjmbQ3Y9ki6%2F2C6qkm4lOR9clxBjS9uts1FKdqNDhpTunsGKhjmo7DtKd2IFWwQUCLEJtpZIOG1Yevzzoa3WtnzrXaUwXrd%2FQ28YX%2BajNR6WcGsE5L4kFkoUox%2B8fIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8809649d7fa45693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP