tokuromu.neocities.org

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2620:2:6000::a:1, located in United States and belongs to NEOCITIES, US. The main domain is tokuromu.neocities.org.
TLS certificate: Issued by R3 on September 30th 2023. Valid for: 3 months.

This is the only time tokuromu.neocities.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2620:2:6000::a:1 2620:2:6000::a:1	395409 (NEOCITIES) (NEOCITIES)
3	2606:4700:303... 2606:4700:3034::6815:5f45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:41d0:700... 2001:41d0:700:3168::	16276 (OVH) (OVH)
5	3

1 2620:2:6000::a:1 (United States)

ASN395409 (NEOCITIES, US)

tokuromu.neocities.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:5f45 (United States)

ASN13335 (CLOUDFLARENET, US)

youareanidiot.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:700:3168:: (France)

ASN16276 (OVH, FR)

eu-central.storage.cloudconvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	youareanidiot.cc youareanidiot.cc — Cisco Umbrella Rank: 673800	5 KB
1	cloudconvert.com eu-central.storage.cloudconvert.com — Cisco Umbrella Rank: 185762
1	neocities.org tokuromu.neocities.org	8 KB
5	3

	Domain	Requested by
3	youareanidiot.cc	tokuromu.neocities.org
1	eu-central.storage.cloudconvert.com	tokuromu.neocities.org
1	tokuromu.neocities.org
5	3

This site contains no links.

Subject Issuer	Validity	Valid
neocities.org R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-26`	a year	crt.sh
eu-central.storage.cloudconvert.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tokuromu.neocities.org/lol
Frame ID: 33FBA8FC2CB4DF5B4282DC6D772F1829
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BIG SHOT!

Detected technologies

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

13 kB
Transfer

236 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lol Show response
tokuromu.neocities.org/ 56 KB
8 KB 352ms
132ms Document
text/html 2620:2:6000::a:1
NEOCITIES

General

Check archive.org

Show headers Download Go to

Full URL

https://tokuromu.neocities.org/lol

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2620:2:6000::a:1 , United States, ASN395409 (NEOCITIES, US),

Reverse DNS

Software

neocities /

Resource Hash

26d5a9acdd89d132008a49cd3e19b3351619d4cffde244af4fa376bf63d1a088

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
content-type: text/html
date: Mon, 09 Oct 2023 01:41:31 GMT
etag: W/"6522dbe8-e031"
last-modified: Sun, 08 Oct 2023 16:42:16 GMT
server: neocities
strict-transport-security: max-age=63072000; includeSubDomains; preload
upgrade-insecure-requests: 1
vary: Accept-Encoding
x-cached: HIT
x-ipfs-path: /ipns/tokuromu.neocities.org
x-neocities-cdn: cdn-ord

GET
H2 200 styles.css
youareanidiot.cc/styles/ 2 KB
3 KB 310ms
15ms Stylesheet
text/css 2606:4700:3034::6815:5f45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://youareanidiot.cc/styles/styles.css

Requested by

Host: tokuromu.neocities.org
URL: https://tokuromu.neocities.org/lol

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fa264b7e5e4758facd452a22af99a6a5a3fc9c877a597b03be5756b206bd12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tokuromu.neocities.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 01:41:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130816
alt-svc: h3=":443"; ma=86400
content-length: 2100
last-modified: Wed, 13 Sep 2023 10:48:59 GMT
server: cloudflare
etag: "6501939b-834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVRAI4DpKgd%2BfvhSyxNjJrCR3Bu0fa7ENLIyNAZKoe1PEJjuY%2BuViaCOn4u5s448THxySt5wx0k9m2Ck%2F%2FGjoQn7rtpWW6sURdnMMWjjR%2F9oSGLS1B7zuXQeQKpAoMRZeXDAFYLzZBjpd2tYZDOO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
cf-ray: 8132ebfc7fd05da0-FRA

GET
H2 200 math.js Show response
youareanidiot.cc/scripts/ 1 KB
2 KB 315ms
20ms Script
application/javascript 2606:4700:3034::6815:5f45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://youareanidiot.cc/scripts/math.js

Requested by

Host: tokuromu.neocities.org
URL: https://tokuromu.neocities.org/lol

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a68a5e6ad9128312249540e6fff8a369b953fcf8cd668a64b357e659b37b817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tokuromu.neocities.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 01:41:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2207575
alt-svc: h3=":443"; ma=86400
content-length: 1200
last-modified: Tue, 29 Aug 2023 23:32:20 GMT
server: cloudflare
etag: "64ee8004-4b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FpAfbgb5McVpv%2BN%2F1yI2CJCLqhlujfnyktIq%2FRAx3AmVrs%2Bb5%2FzfFxbvjuHrBjshHw6s%2BsPxOsql%2FIpMkx8MN6Hy2UtgrhX7UefNMqcr89CSSezv25qu0bc1tmK%2BKj9dEvbs3oktVPg%2FyHm4QmW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
cf-ray: 8132ebfc7fd25da0-FRA

GET
H2 200 lol.js Show response
youareanidiot.cc/scripts/ 503 B
863 B 310ms
15ms Script
application/javascript 2606:4700:3034::6815:5f45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://youareanidiot.cc/scripts/lol.js

Requested by

Host: tokuromu.neocities.org
URL: https://tokuromu.neocities.org/lol

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64245f6e396f1f026efc23d0d8c454edaedf2c8074167945b92802eee05fce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tokuromu.neocities.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 01:41:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200987
alt-svc: h3=":443"; ma=86400
content-length: 503
last-modified: Tue, 29 Aug 2023 23:08:52 GMT
server: cloudflare
etag: "64ee7a84-1f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEQmQMJZMdhWoFUwYwTT%2BD2HiHFQ9JGiwnk70fWlx7ac1y8RGyOqlu%2Bd78X1vzeiReFZb4%2FH%2FmQPEIrxejui42n0eDTWVz1hWMiK9qY%2FGAoFRR0aOZRMVKBBjXg4fRiL0EBvmVFy6TF6PIX%2B0mTi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
cf-ray: 8132ebfc7fd35da0-FRA

GET
H2 206 Deltarune%20Chapter%202%20OST_%2038%20-%20Deal%20Gone%20Wrong.mp3
eu-central.storage.cloudconvert.com/tasks/a80babe0-7911-4722-b17b-e8a465cfa175/ 176 KB
0 236ms
138ms Media
audio/mpeg 2001:41d0:700:3168::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-central.storage.cloudconvert.com/tasks/a80babe0-7911-4722-b17b-e8a465cfa175/Deltarune%20Chapter%202%20OST_%2038%20-%20Deal%20Gone%20Wrong.mp3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=cloudconvert-production%2F20231008%2Ffra%2Fs3%2Faws4_request&X-Amz-Date=20231008T163231Z&X-Amz-Expires=86400&X-Amz-Signature=2a7e8d4c59386b9ed700304d8a961974b6957b1843bad7639562ccfd3473eb2e&X-Amz-SignedHeaders=host&response-content-disposition=inline%3B%20filename%3D%22Deltarune%20Chapter%202%20OST_%2038%20-%20Deal%20Gone%20Wrong.mp3%22&response-content-type=audio%2Fmpeg&x-id=GetObject
Requested by: Host: tokuromu.neocities.org
URL: https://tokuromu.neocities.org/lol
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:700:3168:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tokuromu.neocities.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 09 Oct 2023 01:41:32 GMT
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="DeleteDaily"
last-modified: Sun, 08 Oct 2023 16:32:31 GMT
server: nginx
x-amz-request-id: tx000008866c54884ab77e9-0065235a4c-9fc9b-fra
etag: "d18fe6b288b8966a53970c54a599a59e"
content-type: audio/mpeg
Content-Range: bytes 0-769681/769682
x-rgw-object-type: Normal
content-disposition: inline; filename="Deltarune Chapter 2 OST_ 38 - Deal Gone Wrong.mp3"
accept-ranges: bytes
Content-Length: 769682

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eu-central.storage.cloudconvert.com
tokuromu.neocities.org
youareanidiot.cc
2001:41d0:700:3168::
2606:4700:3034::6815:5f45
2620:2:6000::a:1
26d5a9acdd89d132008a49cd3e19b3351619d4cffde244af4fa376bf63d1a088
6fa264b7e5e4758facd452a22af99a6a5a3fc9c877a597b03be5756b206bd12c
7a68a5e6ad9128312249540e6fff8a369b953fcf8cd668a64b357e659b37b817
a64245f6e396f1f026efc23d0d8c454edaedf2c8074167945b92802eee05fce3

tokuromu.neocities.org Open in urlscan Pro 2620:2:6000::a:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

13 kBTransfer

236 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

tokuromu.neocities.org Open in urlscan Pro
2620:2:6000::a:1 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

13 kB
Transfer

236 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions