URL: https://koto002.creemnews.top/
Submission: On December 26 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 160.251.71.62, located in Hiyoshi, Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is koto002.creemnews.top.
TLS certificate: Issued by R3 on December 24th 2023. Valid for: 3 months.
This is the only time koto002.creemnews.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
9         160.251.71.62     7506 (INTERQ GM...)
5         2606:4700::68...  13335 (CLOUDFLAR...)
1         3.160.22.120      16509 (AMAZON-02)
1         13.230.172.12     16509 (AMAZON-02)
2         54.248.151.34     16509 (AMAZON-02)
Total: 18 requests, 5 IPs

Requests  Domain                             Requested by
9         koto002.creemnews.top              koto002.creemnews.top
5         file.mysquadbeyond.com             koto002.creemnews.top
2         bq-api.squadbeyond.com             assets-v2.article.squadbeyond.com
1         article.squadbeyond.com            koto002.creemnews.top
1         assets-v2.article.squadbeyond.com  koto002.creemnews.top
Total: 18 requests, 5 subdomains

This site contains links to these domains.

Domain
sb-meemo.musthave-magazine.tokyo

Subject                            Issuer                   Validity                 Valid
koto002.creemnews.top              R3                       2023-12-24 - 2024-03-23  3 months
sni.cloudflaressl.com              Cloudflare Inc ECC CA-3  2023-02-06 - 2024-02-05  a year
assets-v2.article.squadbeyond.com  Amazon RSA 2048 M02      2023-01-31 - 2024-03-01  a year
article.squadbeyond.com            R3                       2023-12-13 - 2024-03-12  3 months
bq-api.squadbeyond.com             Amazon RSA 2048 M02      2023-05-14 - 2024-06-11  a year

This page contains 1 frames:

Primary Page: https://koto002.creemnews.top/
Frame ID: 7E6B5A812107A1E27B2E898E85D4468A
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 20 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 1081 kB
Size: 1314 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
koto002.creemnews.top/
148 KB
30 KB
Document
General
Full URL
https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
860adc35560d2c2c2a12a5a67aa87f5885f7cb167609100ab778ab909ba0b11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 12:02:40 GMT
etag
W/"24e15-60d5088cf0503"
last-modified
Mon, 25 Dec 2023 07:30:04 GMT
server
nginx
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
x-xss-protection
1; mode=block
heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
koto002.creemnews.top/index_files/
8 KB
3 KB
Script
General
Full URL
https://koto002.creemnews.top/index_files/heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:07 GMT
server
nginx
etag
W/"1f6b-60d508903633e"
content-type
application/javascript
x-xss-protection
1; mode=block
application-fca8d9efa05c78924c0cd69ac04e80463c29b4739e17719a703325084eafa398.js
koto002.creemnews.top/index_files/
17 KB
7 KB
Script
General
Full URL
https://koto002.creemnews.top/index_files/application-fca8d9efa05c78924c0cd69ac04e80463c29b4739e17719a703325084eafa398.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
fca8d9efa05c78924c0cd69ac04e80463c29b4739e17719a703325084eafa398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:10 GMT
server
nginx
etag
W/"437c-60d50892b9c1a"
content-type
application/javascript
x-xss-protection
1; mode=block
polyfill.min.js
koto002.creemnews.top/index_files/
366 B
467 B
Script
General
Full URL
https://koto002.creemnews.top/index_files/polyfill.min.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
97d06bd7b958f09ace94a6d29cafd5aae171dfd97fc384a2164936fc80cae48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:05 GMT
server
nginx
etag
W/"16e-60d5088e5a211"
content-type
application/javascript
x-xss-protection
1; mode=block
URI.min.js
koto002.creemnews.top/index_files/
46 KB
17 KB
Script
General
Full URL
https://koto002.creemnews.top/index_files/URI.min.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
e06e99d50dc508617c868615e336f9e0e10dc1c664b84d0d9ef6e516c25383bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:07 GMT
server
nginx
etag
W/"b853-60d508907b0cd"
content-type
application/javascript
x-xss-protection
1; mode=block
smooth-scroll.min.js
koto002.creemnews.top/index_files/
5 KB
3 KB
Script
General
Full URL
https://koto002.creemnews.top/index_files/smooth-scroll.min.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
78fb1bd09ce33d607f1c7928f1c9fe45af9ba8c2723bfea45c8be5916bbcc50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:08 GMT
server
nginx
etag
W/"15de-60d50890c0245"
content-type
application/javascript
x-xss-protection
1; mode=block
85f19730-8971-405d-b0c6-c0d58df34c15.webp
file.mysquadbeyond.com/uploads/article_photo/photo/2151918/
86 KB
87 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/2151918/85f19730-8971-405d-b0c6-c0d58df34c15.webp
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:925d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723c4288a7f576df84133b089ba8dce6a3320c2ee2f28d966450bbee2a7177d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
cf-cache-status
HIT
x-amz-request-id
NJ629Z8JAYTF67YV
age
186496
x-amz-server-side-encryption
AES256
content-length
88342
x-amz-id-2
VWwq/e5q9O1s8RMRJ16GV71Ba6LA7AddvO8FIbhzQ0DopsHg8brVkaG4ivxxfHe69XQxUXiowYY=
last-modified
Fri, 27 Jan 2023 09:24:33 GMT
server
cloudflare
etag
"73469f0283439f3a4e68c376d60e469b"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83b92d1e2d1e31ec-MIA
expires
Wed, 25 Dec 2024 12:02:40 GMT
00852771-db97-42f3-9323-d4e86f009f07.webp
file.mysquadbeyond.com/uploads/article_photo/photo/2150987/
36 KB
37 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/2150987/00852771-db97-42f3-9323-d4e86f009f07.webp
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:925d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0bf14443996c64fdbaac43407f440e379876ba3aaf1c8d7442bbe5bb83fc88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:40 GMT
cf-cache-status
HIT
x-amz-request-id
NJ61W3XKH0GVBFBE
age
186496
x-amz-server-side-encryption
AES256
content-length
36966
x-amz-id-2
lHDMs2Z+yr6dlKVOAO8rjjxNmybd3DoVdwNvBqw1eSh+0sQcjQDuT4qudaaTzrmgJiNNyOWSoGQ=
last-modified
Fri, 27 Jan 2023 06:56:05 GMT
server
cloudflare
etag
"554fddb73fc7f303d1784ea5aee32fc3"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83b92d1e2d2031ec-MIA
expires
Wed, 25 Dec 2024 12:02:40 GMT
lazy.png
koto002.creemnews.top/index_files/
1007 B
1 KB
Image
General
Full URL
https://koto002.creemnews.top/index_files/lazy.png
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
79c9884ded2e248311f2ae0528679113a3e689434776266fce1ddc702be619a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:10 GMT
server
nginx
etag
"3ef-60d508930b0e1"
content-type
image/png
accept-ranges
bytes
content-length
1007
x-xss-protection
1; mode=block
linkPopup-c3a9c53e8fecc4bbc4e3a08451043309f957df6aa8540ac6e6d46d53424f814f.js
koto002.creemnews.top/index_files/
105 KB
36 KB
Script
General
Full URL
https://koto002.creemnews.top/index_files/linkPopup-c3a9c53e8fecc4bbc4e3a08451043309f957df6aa8540ac6e6d46d53424f814f.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
c3a9c53e8fecc4bbc4e3a08451043309f957df6aa8540ac6e6d46d53424f814f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:08 GMT
server
nginx
etag
W/"1a418-60d5089129dac"
content-type
application/javascript
x-xss-protection
1; mode=block
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
koto002.creemnews.top/index_files/
20 KB
20 KB
Script
General
Full URL
https://koto002.creemnews.top/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://koto002.creemnews.top/
Origin
https://koto002.creemnews.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
x-content-type-options
nosniff
x-nginx-cache
EXPIRED
last-modified
Mon, 25 Dec 2023 07:30:04 GMT
server
nginx
etag
"4e0a-60d5088d3b052"
accept-ranges
bytes
content-length
19978
x-xss-protection
1; mode=block
5f84c1bb-7c73-4448-9432-0a953c40bca6.mp4
file.mysquadbeyond.com/uploads/article_photo/photo/2151708/
762 KB
763 KB
Media
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/2151708/5f84c1bb-7c73-4448-9432-0a953c40bca6.mp4
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:925d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a8b4351f61234eb59317064ca02f72ad55b840c7ad3903dab6c2d72fa026f8

Request headers

Referer
https://koto002.creemnews.top/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
cf-cache-status
HIT
x-amz-request-id
QKXZN0H2MM8M44N6
age
13338
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-780496/780497
Content-Length
780497
x-amz-id-2
p+z5kUkjY9sx3zgj51M38gvl/3KcMcdOZsDWiScErLI/1MxYLEcbHxSdlruOpqCsav5JP7puLdk=
last-modified
Fri, 27 Jan 2023 08:53:06 GMT
server
cloudflare
etag
"801990123cc45408abd0a62d951f939e"
vary
Accept-Encoding
content-type
video/mp4
cache-control
public, max-age=31536000
cf-ray
83b92d1f0e7031ec-MIA
expires
Wed, 25 Dec 2024 12:02:41 GMT
heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
assets-v2.article.squadbeyond.com/assets/
8 KB
3 KB
Script
General
Full URL
https://assets-v2.article.squadbeyond.com/assets/heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-120.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 12:26:22 GMT
content-encoding
gzip
via
1.1 91e9eebca810fe5496f5fcf7d3800df4.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 07:36:30 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P3
age
4059380
etag
W/"9f8be1c57484cd0e7f90ed237cf3b256"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31557600
x-amz-cf-id
UrIArrU7Sr9IR2cpyIUDPPALs1GI28GnCaXSh3IWKKC6A2MEoMcrdA==
expires
Fri, 09 Feb 2024 13:36:28 GMT
new
article.squadbeyond.com/cookies/
73 B
705 B
Image
General
Full URL
https://article.squadbeyond.com/cookies/new?sb_tu_id=fadf15da-a5cc-43e4-9c12-a1c1e77d3e2d&article_uid=EMuHNbsyelPjVPUUrvaBw
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.230.172.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-172-12.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c5dde73d0dd86b2b496f8ed644c4d94ae720e6dd638324b70f0b9943e6f1ed19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime
0.002153
date
Tue, 26 Dec 2023 12:02:41 GMT
strict-transport-security
max-age=15768000
referrer-policy
no-referrer-when-downgrade
server
nginx
x-amzn-trace-id
Root=1-658ac0e1-383d926f564be86910ff1e00
content-type
image/png
cache-control
private
content-transfer-encoding
binary
content-disposition
inline; filename="image.png"; filename*=UTF-8''image.png
content-length
73
x-request-id
e317adbf-3fa3-4127-add5-d11c146ee8e1
da72fbfc-3bee-44a9-84d7-fcbc06f6b753.png
file.mysquadbeyond.com/uploads/article_photo/photo/358098/
2 KB
2 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/358098/da72fbfc-3bee-44a9-84d7-fcbc06f6b753.png
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:925d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12bb13135aca0761214ff89bf2543d2383239b9bab305181cc3ac486f5ae02a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Aug 2020 06:49:01 GMT
server
cloudflare
x-amz-request-id
DNA6ZD6T88AE72HN
age
3989813
etag
"d08e825b6f391b23e68f260b175b2967"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83b92d1f3ed231ec-MIA
content-length
1541
x-amz-id-2
Z28Ws5HdLTwDJU+egMhkIfKWopbN01eV8txdFJct7G9TCf7NUF5wnB8mL2yyv9v/J7V8t2D2a1c=
expires
Wed, 25 Dec 2024 12:02:41 GMT
e02db3ff-9a46-4905-8dbc-2256568c9880.webp
file.mysquadbeyond.com/uploads/article_photo/photo/2150952/
70 KB
70 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/2150952/e02db3ff-9a46-4905-8dbc-2256568c9880.webp
Requested by
Host: koto002.creemnews.top
URL: https://koto002.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:925d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fb8580f117ae6760c2247eb2c38ea6723a26979289c018914054f6a2fe3176

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
cf-cache-status
HIT
x-amz-request-id
NJ66GYQ4JTYB81FQ
age
186497
x-amz-server-side-encryption
AES256
content-length
71748
x-amz-id-2
h1GV/7TVmcrMT8bY7gM/lNrRIMwjPPBreYjlYALbHwlbyvCob6sGWXw5bmfKL6fgBUbO4OU1DEM=
last-modified
Fri, 27 Jan 2023 06:50:17 GMT
server
cloudflare
etag
"4a4c3d6574c0dd7936cae093b3332ea8"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83b92d20180e31ec-MIA
expires
Wed, 25 Dec 2024 12:02:41 GMT
actions
bq-api.squadbeyond.com/articles/
2 B
479 B
XHR
General
Full URL
https://bq-api.squadbeyond.com/articles/actions?table=visitor_arrivals&articleUid=EMuHNbsyelPjVPUUrvaBw&environment=production&visitor_id=fadf15da-a5cc-43e4-9c12-a1c1e77d3e2d&rows=%257B%2522index%2522%253A%252241%2522%252C%2522y_percent%2522%253A80%252C%2522url%2522%253A%2522https%253A%252F%252Fsb-meemo.musthave-magazine.tokyo%252Farticles%252FEMuHNbsyelPjVPUUrvaBw%253Fsbrd%253D%2522%252C%2522article_uid%2522%253A%2522EMuHNbsyelPjVPUUrvaBw%2522%252C%2522visitor_global_id%2522%253A%25227e059725-af69-44e9-888f-3318fa49995d%2522%252C%2522visitor_id%2522%253A%2522fadf15da-a5cc-43e4-9c12-a1c1e77d3e2d%2522%252C%2522window_width%2522%253A1600%252C%2522window_height%2522%253A1200%252C%2522user_agent%2522%253A%2522Mozilla%252F5.0%2520%28Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%29%2520AppleWebKit%252F537.36%2520%28KHTML%252C%2520like%2520Gecko%29%2520Chrome%252F120.0.6099.109%2520Safari%252F537.36%2522%257D
Requested by
Host: assets-v2.article.squadbeyond.com
URL: https://assets-v2.article.squadbeyond.com/assets/heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.151.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-151-34.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
b8c1f475-e1a8-4d5d-8eab-8aa2e35a7c43
x-runtime
0.000562
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"44136fa355b3678a1146ad16f7e8649e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
actions
bq-api.squadbeyond.com/articles/
2 B
478 B
XHR
General
Full URL
https://bq-api.squadbeyond.com/articles/actions?table=widget_vimp_logs&articleUid=EMuHNbsyelPjVPUUrvaBw&environment=production&visitor_id=fadf15da-a5cc-43e4-9c12-a1c1e77d3e2d&rows=%257B%2522widget_id%2522%253A%2522sb-part-1955%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fsb-meemo.musthave-magazine.tokyo%252Farticles%252FEMuHNbsyelPjVPUUrvaBw%253Fsbrd%253D%2522%252C%2522article_uid%2522%253A%2522EMuHNbsyelPjVPUUrvaBw%2522%252C%2522visitor_global_id%2522%253A%25227e059725-af69-44e9-888f-3318fa49995d%2522%252C%2522visitor_id%2522%253A%2522fadf15da-a5cc-43e4-9c12-a1c1e77d3e2d%2522%252C%2522window_width%2522%253A1600%252C%2522window_height%2522%253A1200%252C%2522user_agent%2522%253A%2522Mozilla%252F5.0%2520%28Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%29%2520AppleWebKit%252F537.36%2520%28KHTML%252C%2520like%2520Gecko%29%2520Chrome%252F120.0.6099.109%2520Safari%252F537.36%2522%257D
Requested by
Host: assets-v2.article.squadbeyond.com
URL: https://assets-v2.article.squadbeyond.com/assets/heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.151.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-151-34.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://koto002.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:02:41 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
0bd5a0f8-5625-4862-ae31-1d9cbe4b6cc4
x-runtime
0.000911
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"44136fa355b3678a1146ad16f7e8649e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| LazyLoad
object| sbqustionCheckedAndChange
object| IPv6
object| punycode
object| SecondLevelDomains
function| URI
function| URITemplate
function| SmoothScroll
string| environment
string| sb_global_id
string| sb_tu_id
string| article_uid
string| referrer
string| article_url
string| team_id

1 Cookies

Domain/Path Name / Value
.mysquadbeyond.com/ Name: __cf_bm
Value: 59QtZ8PcAzeRJ5nGUutkVVw0D8ALzJjchTf3sTdYCiE-1703592160-1-AU+FmaC7K1VYBe+nMIZEZZZP0P8LTPWl2cyCUVp49NkZFN++ygT5BQuKP/J1oqwMk6J+eH+P0Ut4Gi6TSs4+i5c=

1 Console Messages

Source Level URL
Text
security error URL: https://koto002.creemnews.top/
Message:
Refused to execute script from 'https://koto002.creemnews.top/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block