Report - myaltinn.com/

Report Overview

Submitted URL
myaltinn.com/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 12:10:26
Access
public
Website Title
Suspected phishing site | Cloudflare
Final URL
myaltinn.com/
Tags
sinkhole suspicious cloudflare
urlquery detections
Suspicious - Sinkholed / Blocked

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
myaltinn.com	unknown	2023-09-04	2023-09-05	2024-03-14	1.8 kB	40 kB	188.114.96.1
normandy.cdn.mozilla.net	3562	1998-01-31	2017-01-30	2024-03-28	329 B	1.2 kB	35.201.103.21
classify-client.services.mozilla.com	3824	1994-10-18	2019-01-09	2024-03-28	357 B	344 B	34.98.75.36
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-03-27	511 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	myaltinn.com/	0 B	2023-03-07	2024-04-27
Pretty URL myaltinn.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 14:16:50 Times Seen37121373 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	myaltinn.com/	393 B	2023-04-05	2024-04-27
Pretty URL myaltinn.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:39:40 Last Seen2024-04-27 13:22:05 Times Seen68112 Hash 34ad0a116707d3b794129a6720af92d7 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Loading...

	myaltinn.com/	0 B	2023-03-07	2024-04-27
Pretty URL myaltinn.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 14:16:50 Times Seen37121373 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (7)

URL IP Response Size

myaltinn.com/cdn-cgi/styles/cf.errors.css

188.114.96.1

200 OK

30 kB

URL GET HTTP/3
myaltinn.com/cdn-cgi/styles/cf.errors.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://myaltinn.com/
Certificate
IssuerLet's Encrypt
Subjectmyaltinn.com
Fingerprint7F:96:DD:76:9F:9E:A0:2E:2A:49:81:8D:BF:C9:9F:FD:85:93:A4:23
ValidityFri, 01 Mar 2024 12:32:57 GMT - Thu, 30 May 2024 12:32:56 GMT

File type
gzip compressed data, from Unix
Size
30 kB (30194 bytes)
Hash
d8b9a843c6ac135e7d4d487a09c68670
c5d45d26f8a0136b48164f4f9fd4039a4caa9963
f03ff5aa3751bae43bd7605ab0023447e7fede41341fc992219b3b30adda487a

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: myaltinn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myaltinn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 12:10:01 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: W/"65fd6d96-5e44"
server: cloudflare
cf-ray: 86b783beab9ab4fd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 28 Mar 2024 14:10:01 GMT
cache-control: max-age=7200, public
content-encoding: gzip

myaltinn.com/favicon.ico

188.114.96.1

200 OK

2.2 kB

URL GET HTTP/3
myaltinn.com/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://myaltinn.com/
Certificate
IssuerLet's Encrypt
Subjectmyaltinn.com
Fingerprint7F:96:DD:76:9F:9E:A0:2E:2A:49:81:8D:BF:C9:9F:FD:85:93:A4:23
ValidityFri, 01 Mar 2024 12:32:57 GMT - Thu, 30 May 2024 12:32:56 GMT

File type
HTML document, ASCII text, with very long lines (394)
Size
2.2 kB (2165 bytes)
Hash
0e9e2abe1411dde9706d57b17ba929ab
abf9d28c6cd245c03be2306b29b01152f7090a78
5e1138134123a7447e0fce9da827fd1ad8cae39da95166e4e3bcdb04a938cd98

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: myaltinn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myaltinn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 12:10:01 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnTvmtIvZOdROFHrSwhSZpWMQkcLyYSV38eZXRZfBenz1Gts73rBHRyaww7B5iZa246dlE37U45CK0PKN0KLv5cFM2HIXzT5tNVQFBMwN8JenZbwFAOEvfLmgTYXeEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b783beebeab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

normandy.cdn.mozilla.net/api/v1/

35.201.103.21

598 B

URL
normandy.cdn.mozilla.net/api/v1/
IP
35.201.103.21:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON text data
Size
598 B (598 bytes)
Hash
3076f9a5cb273105528b893ff7111e41
b8990c145fe71b9a2410eea41a60a712b43b82bf
69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3

HTTP Headers

GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: frame-src 'none'; form-action 'self'; worker-src 'none'; object-src 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; block-all-mixed-content; base-uri 'none'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Wed, 27 Mar 2024 23:22:27 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 46057
alt-svc: clear
X-Firefox-Spdy: h2

classify-client.services.mozilla.com/api/v1/classify_client/

34.98.75.36

64 B

URL
classify-client.services.mozilla.com/api/v1/classify_client/
IP
34.98.75.36:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON text data
Size
64 B (64 bytes)
Hash
9a320bfe6089a2f7d73112c80e819978
e57ac89bd5cdb4f77b43f5cbd136545f62020288
623a297a8e277fae12d244c262380064bc983a73c13f2978e31835b12c498b0e

HTTP Headers

GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:10:05 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=LikggLaFaBXuNxfx2C2OJVgslRAYVg0VBAHTdHiHYBsT5ZFLqqtd7lfRpeNPAf4TnOOYbbb8fWX6HwQ7bbf_Hcm2rBEzRvRM686JbGx37tXL_HGtkBlZDzXBijeg5_FX
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Thu, 28 Mar 2024 12:09:20 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 59
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

myaltinn.com/

188.114.96.1

200 OK

4.7 kB

URL User Request GET HTTP/2
myaltinn.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectmyaltinn.com
Fingerprint7F:96:DD:76:9F:9E:A0:2E:2A:49:81:8D:BF:C9:9F:FD:85:93:A4:23
ValidityFri, 01 Mar 2024 12:32:57 GMT - Thu, 30 May 2024 12:32:56 GMT

File type
HTML document, ASCII text, with very long lines (4966), with no line terminators
Size
4.7 kB (4729 bytes)
Hash
6df8cfb956b1f1f06f6186a95dc29e71
066cc8f9f449e5e3d9982df63690f701c3f1b108
78f753565d998add38d53a9506c090373ae8e912dc7f62804f77d692816785f0

HTTP Headers

GET / HTTP/1.1
Host: myaltinn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 12:10:01 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQeamE%2FuopIurxqh77Q%2Bl0wnpU9nAoP3pAYj5T3SUlcwNfWDAqInI92Kg%2FeYHJW32S6fQmd5aIJUVWgf0ETGAX4M%2B18hMqDaSVXPrAQQmkOW4U6wY5fHg3DTgeV%2FbS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b783bc5cf95689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

myaltinn.com/cdn-cgi/images/icon-exclamation.png?1376755637

188.114.96.1

200 OK

452 B

URL GET HTTP/3
myaltinn.com/cdn-cgi/images/icon-exclamation.png?1376755637
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://myaltinn.com/
Certificate
IssuerLet's Encrypt
Subjectmyaltinn.com
Fingerprint7F:96:DD:76:9F:9E:A0:2E:2A:49:81:8D:BF:C9:9F:FD:85:93:A4:23
ValidityFri, 01 Mar 2024 12:32:57 GMT - Thu, 30 May 2024 12:32:56 GMT

File type
PNG image data, 54 x 54, 8-bit colormap, non-interlaced
Size
452 B (452 bytes)
Hash
c33de66281e933259772399d10a6afe8
b9f9d500f8814381451011d4dcf59cd2d90ad94f
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: myaltinn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://myaltinn.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 12:10:01 GMT
content-type: image/png
content-length: 452
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: "65fd6d96-1c4"
server: cloudflare
cf-ray: 86b783bf0c07b4fd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 28 Mar 2024 14:10:01 GMT
cache-control: max-age=7200, public
accept-ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers