kasumi.moe - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2604:180::8b2a:fea1, located in United States and belongs to RAMNODE, US. The main domain is kasumi.moe.

This is the only time kasumi.moe was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2604:180::8b2... 2604:180::8b2a:fea1	3842 (RAMNODE) (RAMNODE)
2 4	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

3 2604:180::8b2a:fea1 (United States)

ASN3842 (RAMNODE, US)

kasumi.moe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.193 (United States) 2 redirects

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

perfectdark.benri-tool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	imgur.com 2 redirects i.imgur.com — Cisco Umbrella Rank: 7256	119 KB
3	kasumi.moe kasumi.moe	5 KB
1	benri-tool.net perfectdark.benri-tool.net
6	3

	Domain	Requested by
4	i.imgur.com	2 redirects kasumi.moe
3	kasumi.moe	kasumi.moe
1	perfectdark.benri-tool.net	kasumi.moe
6	3

This site contains links to these domains. Also see Links.

Domain
www21.atwiki.jp
i.imgur.com

Subject Issuer	Validity	Valid
benri-tool.net GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://kasumi.moe/pd/
Frame ID: 73953D98A9AD8395A02A36CABD37ACE8
Requests: 5 HTTP requests in this frame

Frame: https://perfectdark.benri-tool.net/node/nodes.txt
Frame ID: 93AB6D52994CE20280F18348FB2066A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Perfect Dark guide

Page URL History Show full URLs

http://kasumi.moe/pd/ HTTP 307
https://kasumi.moe/pd/ HTTP 307
http://kasumi.moe/pd/ Page URL

Page Statistics

6
Requests

17 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

123 kB
Transfer

127 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www21.atwiki.jp/botubotubotubotu?cmd=upload&act=open&pageid=28&file=Perfect+Dark+v1.22.zip
Title: https://www21.atwiki.jp/botubotubotubotu?cmd=upload&act=open&pageid=28&file=Perfect+Dark+v1.22.zip

Search URL Search Domain Scan URL

URL: http://i.imgur.com/aHmRDRS.png
Title: look like this

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kasumi.moe/pd/ HTTP 307
https://kasumi.moe/pd/ HTTP 307
http://kasumi.moe/pd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://i.imgur.com/Zs67Hyt.png HTTP 301
https://i.imgur.com/Zs67Hyt.png

Request Chain 2

http://i.imgur.com/9OVJ2S7.png HTTP 301
https://i.imgur.com/9OVJ2S7.png

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kasumi.moe/pd/
Redirect Chain

http://kasumi.moe/pd/
https://kasumi.moe/pd/
http://kasumi.moe/pd/

6 KB
3 KB

130ms
130ms

Document
text/html

2604:180::8b2a:fea1
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL: http://kasumi.moe/pd/
Protocol: HTTP/1.1
Server: 2604:180::8b2a:fea1 , United States, ASN3842 (RAMNODE, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 11d88f7c225fd96a8b74af9ddcaf40ba5883e0e63b1d2f4dc0a91d1a89e6c420

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Jun 2024 18:20:18 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/5.5.9-1ubuntu4.29

Redirect headers

Location: http://kasumi.moe/pd/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style.css
kasumi.moe/htdocs/ 4 KB
2 KB 130ms
130ms Stylesheet
text/css 2604:180::8b2a:fea1
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL: http://kasumi.moe/htdocs/style.css
Requested by: Host: kasumi.moe
URL: http://kasumi.moe/pd/
Protocol: HTTP/1.1
Server: 2604:180::8b2a:fea1 , United States, ASN3842 (RAMNODE, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 820b2bac484fbb48b3f86efea5b3de5f401487d88304c97adbfa2e6d019d7b91

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://kasumi.moe/pd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Mon, 10 Jun 2024 18:20:18 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Dec 2016 02:07:46 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: keep-alive
Expires: Mon, 24 Jun 2024 18:20:18 GMT

GET
H2

200

Zs67Hyt.png
i.imgur.com/
Redirect Chain

http://i.imgur.com/Zs67Hyt.png
https://i.imgur.com/Zs67Hyt.png

20 KB
20 KB

121ms
41ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Zs67Hyt.png

Requested by

Host: kasumi.moe
URL: http://kasumi.moe/pd/

Protocol

H2

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8cea53852b99d0e9822effc516b201ef82fb8d1b899a414e5746693f98ba45ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://kasumi.moe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Mon, 10 Jun 2024 18:20:18 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 963199
x-amz-cf-pop: IAD55-P2
x-cache: Miss from cloudfront, HIT, HIT
content-length: 20152
x-served-by: cache-iad-kjyo7100092-IAD, cache-fra-etou8220021-FRA
last-modified: Tue, 23 Dec 2014 13:10:35 GMT
server: cat factory 1.0
x-timer: S1718043618.281037,VS0,VE1
etag: "90625100b2b2b0889cad0e949fa13ed0"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Tsa3oUBhwVKzq3l3OGBoJWl20oRu8QUO-ibAij7eY0no3S5ZR5Gjcg==
x-cache-hits: 8, 0

Redirect headers

X-Served-By: cache-fra-etou8220032-FRA
Date: Mon, 10 Jun 2024 18:20:18 GMT
Strict-Transport-Security: max-age=300
Server: cat factory 1.0
X-Timer: S1718043618.161989,VS0,VE0
X-Cache: HIT
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/Zs67Hyt.png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2

200

9OVJ2S7.png
i.imgur.com/
Redirect Chain

http://i.imgur.com/9OVJ2S7.png
https://i.imgur.com/9OVJ2S7.png

97 KB
98 KB

121ms
41ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/9OVJ2S7.png

Requested by

Host: kasumi.moe
URL: http://kasumi.moe/pd/

Protocol

H2

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cf137af01980d3b8054b2e084405d96f705b985d4cd249ec8135164cdd1b9abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://kasumi.moe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Mon, 10 Jun 2024 18:20:18 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2876122
x-amz-cf-pop: PHL50-C1
x-cache: Miss from cloudfront, HIT, HIT
content-length: 99711
x-served-by: cache-iad-kjyo7100113-IAD, cache-fra-etou8220021-FRA
last-modified: Tue, 23 Dec 2014 13:10:38 GMT
server: cat factory 1.0
x-timer: S1718043618.281014,VS0,VE1
etag: "170586693002e6fcc6e1d188de35dee8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7Pykbp07iol5Qu9PtT6Ff_k5HGUxCh5QFhn1GGMfXdf3dKYLjz0sbw==
x-cache-hits: 28, 0

Redirect headers

X-Served-By: cache-fra-etou8220105-FRA
Date: Mon, 10 Jun 2024 18:20:18 GMT
Strict-Transport-Security: max-age=300
Server: cat factory 1.0
X-Timer: S1718043618.161461,VS0,VE0
X-Cache: HIT
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/9OVJ2S7.png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H3 200 nodes.txt
perfectdark.benri-tool.net/node/ Frame 93AB 0
0 962ms
892ms Document
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://perfectdark.benri-tool.net/node/nodes.txt

Requested by

Host: kasumi.moe
URL: http://kasumi.moe/pd/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://kasumi.moe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 891b5fe669904d62-FRA
content-encoding: gzip
content-type: text/plain
date: Mon, 10 Jun 2024 18:20:19 GMT
expires: Mon, 10 Jun 2024 19:20:18 GMT
last-modified: Mon, 10 Jun 2024 09:37:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPOJnU6iHCChXt5aY%2BiFF7lEmHFabuTHHHtVdbmEZWE3bbk5nZywU%2FHf1pSr%2Bvpeh7%2FSJ%2FKFLZp3IFVcmB5w7GRdXieYqhSEwcEXNubmDKeYIpf0rXMyAh3lfOUi8vghCY0N%2FbQRax1QtNvecg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Accept-Encoding

GET
H/1.1 404
Not Found favicon.ico
kasumi.moe/ 244 B
430 B 130ms
129ms Other
text/html 2604:180::8b2a:fea1
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL: http://kasumi.moe/favicon.ico
Protocol: HTTP/1.1
Server: 2604:180::8b2a:fea1 , United States, ASN3842 (RAMNODE, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 105da2f27f47cfa05b52fa46c3fa0ee13c0c938be60ea24be1feb9487f244bfe

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://kasumi.moe/pd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Mon, 10 Jun 2024 18:20:19 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://kasumi.moe/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.imgur.com
kasumi.moe
perfectdark.benri-tool.net
188.114.96.3
199.232.196.193
2604:180::8b2a:fea1
105da2f27f47cfa05b52fa46c3fa0ee13c0c938be60ea24be1feb9487f244bfe
11d88f7c225fd96a8b74af9ddcaf40ba5883e0e63b1d2f4dc0a91d1a89e6c420
820b2bac484fbb48b3f86efea5b3de5f401487d88304c97adbfa2e6d019d7b91
8cea53852b99d0e9822effc516b201ef82fb8d1b899a414e5746693f98ba45ba
cf137af01980d3b8054b2e084405d96f705b985d4cd249ec8135164cdd1b9abe

kasumi.moe Open in urlscan Pro 2604:180::8b2a:fea1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

17 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

123 kBTransfer

127 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

kasumi.moe Open in urlscan Pro
2604:180::8b2a:fea1 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

17 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

123 kB
Transfer

127 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions