URL: https://www.zousan2.creemnews.top/
Submission: On January 10 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 160.251.71.62, located in Hiyoshi, Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is www.zousan2.creemnews.top.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time www.zousan2.creemnews.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
10 | 160.251.71.62 | 7506 | (INTERQ GM...)
1 | 2607:f8b0:400... | 15169 | (GOOGLE)
4 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
1 | 108.158.137.15 | 16509 | (AMAZON-02)
1 | 13.230.172.12 | 16509 | (AMAZON-02)
1 | 2607:f8b0:400... | 15169 | (GOOGLE)
1 | 2607:f8b0:402... | 15169 | (GOOGLE)
1 | 18.182.100.155 | 16509 | (AMAZON-02)
1 | 151.101.66.137 | 54113 | (FASTLY)
2 | 162.247.243.29 | 54113 | (FASTLY)
23 | 10

Requests | Apex Domain | Subdomains | Transfer
10 | creemnews.top | www.zousan2.creemnews.top | 149 KB
4 | mysquadbeyond.com | file.mysquadbeyond.com | 513 KB
3 | squadbeyond.com | assets-v2.article.squadbeyond.com, article.squadbeyond.com, bq-api.squadbeyond.com | 4 KB
2 | nr-data.net | bam.nr-data.net (Cisco Umbrella Rank: 604) | 749 B
1 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 1593) | 29 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 6) | 455 B
1 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 68) | 2 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 114) | 75 KB
23 | 8

Requests | Domain | Requested by
10 | www.zousan2.creemnews.top | www.zousan2.creemnews.top
4 | file.mysquadbeyond.com | www.zousan2.creemnews.top
2 | bam.nr-data.net | www.zousan2.creemnews.top
1 | js-agent.newrelic.com | www.zousan2.creemnews.top
1 | bq-api.squadbeyond.com | www.zousan2.creemnews.top
1 | www.google.com | www.zousan2.creemnews.top
1 | googleads.g.doubleclick.net | www.zousan2.creemnews.top
1 | article.squadbeyond.com | www.zousan2.creemnews.top
1 | assets-v2.article.squadbeyond.com | www.zousan2.creemnews.top
1 | www.googletagmanager.com | www.zousan2.creemnews.top
23 | 10

This site contains links to these domains.

Domain
sb-sexsex.discover-news.tokyo
hillwavecliff.online
healtech.bitela.jp

Subject | Issuer | Validity | Valid
www.zousan2.creemnews.top | R3 | 2023-12-07 - 2024-03-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
mysquadbeyond.com | Cloudflare Inc ECC CA-3 | 2024-01-06 - 2024-12-31 | a year
assets-v2.article.squadbeyond.com | Amazon RSA 2048 M03 | 2024-01-02 - 2025-01-30 | a year
article.squadbeyond.com | R3 | 2023-12-13 - 2024-03-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
bq-api.squadbeyond.com | Amazon RSA 2048 M02 | 2023-05-14 - 2024-06-11 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year

This page contains 1 frames:

Primary Page: https://www.zousan2.creemnews.top/
Frame ID: 9B37018ED087F29B2EA16476CCEA01F4
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

23
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

773 kB
Transfer

1275 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zousan2.creemnews.top/
253 KB
60 KB
Document
General
Full URL
https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
63505fab05fb7e792a20ad08342e33f2896bf70847e1b9fd67cf5d06dd159da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 14:47:47 GMT
etag
W/"3f538-60bfabc9faced"
last-modified
Fri, 08 Dec 2023 07:43:14 GMT
server
nginx
x-content-type-options
nosniff
x-nginx-cache
MISS
x-xss-protection
1; mode=block
heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
www.zousan2.creemnews.top/index_files/
8 KB
3 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:17 GMT
server
nginx
etag
W/"1f6b-60bfabccdbde0"
content-type
application/javascript
x-xss-protection
1; mode=block
application-fca8d9efa05c78924c0cd69ac04e80463c29b4739e17719a703325084eafa398.js
www.zousan2.creemnews.top/index_files/
17 KB
7 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/application-fca8d9efa05c78924c0cd69ac04e80463c29b4739e17719a703325084eafa398.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
fca8d9efa05c78924c0cd69ac04e80463c29b4739e17719a703325084eafa398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:18 GMT
server
nginx
etag
W/"437c-60bfabce2209e"
content-type
application/javascript
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
209 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-791547469
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a3439e0ecf6e4a4a2af145a9cf1a01ff647dcf8d00644bd2aa4465142204cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75929
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 14:47:47 GMT
polyfill.min.js
www.zousan2.creemnews.top/index_files/
366 B
464 B
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/polyfill.min.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
97d06bd7b958f09ace94a6d29cafd5aae171dfd97fc384a2164936fc80cae48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:16 GMT
server
nginx
etag
W/"16e-60bfabcc21582"
content-type
application/javascript
x-xss-protection
1; mode=block
URI.min.js
www.zousan2.creemnews.top/index_files/
46 KB
17 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/URI.min.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
e06e99d50dc508617c868615e336f9e0e10dc1c664b84d0d9ef6e516c25383bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:17 GMT
server
nginx
etag
W/"b853-60bfabcd061a8"
content-type
application/javascript
x-xss-protection
1; mode=block
smooth-scroll.min.js
www.zousan2.creemnews.top/index_files/
5 KB
3 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/smooth-scroll.min.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
78fb1bd09ce33d607f1c7928f1c9fe45af9ba8c2723bfea45c8be5916bbcc50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:17 GMT
server
nginx
etag
W/"15de-60bfabcd2ee00"
content-type
application/javascript
x-xss-protection
1; mode=block
f.txt
www.zousan2.creemnews.top/index_files/
3 KB
2 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/f.txt
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
154eac3ae8cc5f4996b952ea6122011bba514153d8b485066cacb4b6d43b3753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:18 GMT
server
nginx
etag
W/"a82-60bfabcdb13ef"
content-type
text/plain; charset=UTF-8
x-xss-protection
1; mode=block
658d0a0c-3af9-4efc-aa85-c73f99266775.webp
file.mysquadbeyond.com/uploads/article_photo/photo/3269274/
61 KB
62 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/3269274/658d0a0c-3af9-4efc-aa85-c73f99266775.webp
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dd1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d45fa8d87521e2325b145746fa9afe93c2ea71f7968ce780c50f34c53b6ecee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
cf-cache-status
HIT
x-amz-request-id
XTFED1RGDB7AFZ4C
x-amz-server-side-encryption
AES256
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Aj6dCB5MNj54NaU.eDPxx16A.H9KriRTgdlblN.Sb10-1704898067-1-Aaq-pBdm38NVvCrg6aNbyrWoxe7gOErDmbv8ZX0CgyGyhp0TYD1d0_OgKNJU0AIvHRZFiwG12I_Op7blBlyTYU1_ed-u7JUO-Ii1IuOLtTda2-N1Jhet3jmC25bFSj15J8l_a1toSlQ_-EC5fisg9nfrHpwI9jxPFiBfJGEFolzC; report-to cf-csp-endpoint
content-length
62202
x-amz-id-2
Y7GTFuP+qy8zxoboiwSaCX6zTqqwC+6VBy7U2HA9LRF+YA1nUajxp+CSBUXPo/guzc/BevrhxvNe0MXTnaGztA==
last-modified
Thu, 16 Nov 2023 11:57:48 GMT
server
cloudflare
etag
"a852371ebbd6a37d15a11b024a0e5952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Aj6dCB5MNj54NaU.eDPxx16A.H9KriRTgdlblN.Sb10-1704898067-1-Aaq-pBdm38NVvCrg6aNbyrWoxe7gOErDmbv8ZX0CgyGyhp0TYD1d0_OgKNJU0AIvHRZFiwG12I_Op7blBlyTYU1_ed-u7JUO-Ii1IuOLtTda2-N1Jhet3jmC25bFSj15J8l_a1toSlQ_-EC5fisg9nfrHpwI9jxPFiBfJGEFolzC"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8435b79ab8b34bcc-BUF
expires
Thu, 09 Jan 2025 14:47:47 GMT
f10bc04e-2bcf-4d4d-84f6-397db13c4328.avif
file.mysquadbeyond.com/uploads/article_photo/photo/2896737/
26 KB
27 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/2896737/f10bc04e-2bcf-4d4d-84f6-397db13c4328.avif
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dd1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56fa6722b3ae083a6404ff73d1065b523acb8cf9268cc0eb8fd39253f295ce2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
cf-cache-status
HIT
x-amz-request-id
6MTNJ4XWJB9GQTAC
age
2769198
x-amz-server-side-encryption
AES256
content-length
26630
x-amz-id-2
cuodw7Xz/IrCa3BETECQAtw7xCDRfWCsER2f/WxPZNCeKo9YhlRElVqfoQUMFYEhTEcWzOs4o+i6TzEi0wf/DA==
last-modified
Sat, 12 Aug 2023 04:29:47 GMT
server
cloudflare
etag
"b8c0a9b9ad6830983c28ee952acab5ca"
vary
Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8435b79ab8b24bcc-BUF
expires
Thu, 09 Jan 2025 14:47:47 GMT
lazy.png
www.zousan2.creemnews.top/index_files/
1007 B
1 KB
Image
General
Full URL
https://www.zousan2.creemnews.top/index_files/lazy.png
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
79c9884ded2e248311f2ae0528679113a3e689434776266fce1ddc702be619a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:19 GMT
server
nginx
etag
"3ef-60bfabce3d61e"
content-type
image/png
accept-ranges
bytes
content-length
1007
x-xss-protection
1; mode=block
linkPopup-c3a9c53e8fecc4bbc4e3a08451043309f957df6aa8540ac6e6d46d53424f814f.js
www.zousan2.creemnews.top/index_files/
105 KB
36 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/linkPopup-c3a9c53e8fecc4bbc4e3a08451043309f957df6aa8540ac6e6d46d53424f814f.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
c3a9c53e8fecc4bbc4e3a08451043309f957df6aa8540ac6e6d46d53424f814f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:18 GMT
server
nginx
etag
W/"1a418-60bfabcd8be47"
content-type
application/javascript
x-xss-protection
1; mode=block
v84a3a4012de94ce1a686ba8c167c359c1696973893317
www.zousan2.creemnews.top/index_files/
20 KB
20 KB
Script
General
Full URL
https://www.zousan2.creemnews.top/index_files/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
160.251.71.62 Hiyoshi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
www294.conoha.ne.jp
Software
nginx /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zousan2.creemnews.top/
Origin
https://www.zousan2.creemnews.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
x-content-type-options
nosniff
x-nginx-cache
MISS
last-modified
Fri, 08 Dec 2023 07:43:17 GMT
server
nginx
etag
"4e12-60bfabcca7609"
accept-ranges
bytes
content-length
19986
x-xss-protection
1; mode=block
fb78d738-f3c4-4567-86b1-cae7d4587c36.mp4
file.mysquadbeyond.com/uploads/article_photo/photo/3269273/
386 KB
387 KB
Media
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/3269273/fb78d738-f3c4-4567-86b1-cae7d4587c36.mp4
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dd1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd81a427171e70484ecd226f653a9fd1e26b4f6b5e490f142fbbf542e36022d

Request headers

Referer
https://www.zousan2.creemnews.top/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
cf-cache-status
HIT
x-amz-request-id
TZ63SWBAFCAFYJKP
age
2703027
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-395134/395135
Content-Length
395135
x-amz-id-2
B7rUFDq+T4hbqHB81HgG5NVThjASnvvuCFhGa5LfKaJDI6MK5SUaVXDCh0NMNof4l8AzgE1rX5Y=
last-modified
Thu, 16 Nov 2023 11:57:24 GMT
server
cloudflare
etag
"2f58c3e833f27728566a925b80b38934"
vary
Accept-Encoding
content-type
video/mp4
cache-control
public, max-age=31536000
cf-ray
8435b79bc9e34bcc-BUF
expires
Thu, 09 Jan 2025 14:47:47 GMT
heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
assets-v2.article.squadbeyond.com/assets/
8 KB
3 KB
Script
General
Full URL
https://assets-v2.article.squadbeyond.com/assets/heatmap-825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.137.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-137-15.gig51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
825730641f21881879fc687c9b0b530c21479d2ffba81266dec19d1e50172500

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:40:07 GMT
content-encoding
br
via
1.1 d9ca07fd942f295f5e7d804e1b4b4558.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 07:36:30 GMT
server
AmazonS3
x-amz-cf-pop
GIG51-P2
age
11959662
etag
W/"9f8be1c57484cd0e7f90ed237cf3b256"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31557600
x-amz-cf-id
3CopNoG9Xr6LXlXqbE4q2s4zus5bo-hojofaB0CnMXhH7GUm_9bVFQ==
expires
Fri, 09 Feb 2024 13:36:28 GMT
new
article.squadbeyond.com/cookies/
73 B
704 B
Image
General
Full URL
https://article.squadbeyond.com/cookies/new?sb_tu_id=07e49a19-0d09-4839-80f9-f3d09fc5b059&article_uid=TX_SAdqr_OuxOdtOhQ
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.230.172.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-172-12.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c5dde73d0dd86b2b496f8ed644c4d94ae720e6dd638324b70f0b9943e6f1ed19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-runtime
0.002672
date
Wed, 10 Jan 2024 14:47:48 GMT
strict-transport-security
max-age=15768000
referrer-policy
no-referrer-when-downgrade
server
nginx
x-amzn-trace-id
Root=1-659eae14-6003b4846870e50009ae48d6
content-type
image/png
cache-control
private
content-transfer-encoding
binary
content-disposition
inline; filename="image.png"; filename*=UTF-8''image.png
content-length
73
x-request-id
61dc06ca-2e11-4d50-ac45-5127a782bbcd
3b791ca5-65ce-406e-a14a-8c205c699ea7.avif
file.mysquadbeyond.com/uploads/article_photo/photo/2896738/
38 KB
38 KB
Image
General
Full URL
https://file.mysquadbeyond.com/uploads/article_photo/photo/2896738/3b791ca5-65ce-406e-a14a-8c205c699ea7.avif
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dd1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66825a4d0d466302b080b1e1c866b71b8a28093014c0f3c57cf75fad79198a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:47 GMT
cf-cache-status
HIT
x-amz-request-id
XT2EVZP5Z74W5538
age
2769198
x-amz-server-side-encryption
AES256
content-length
39098
x-amz-id-2
dB2O/OWR+NRxyvp5T0Dw7uj1BeHGhBmXcw8hmR+RDb/h1q+YDNI0DnqBgo2gD0O/fU3aItLfYc4=
last-modified
Sat, 12 Aug 2023 04:29:54 GMT
server
cloudflare
etag
"0d5eaf66a9b9725b1b0f0bf55ec39312"
vary
Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8435b79bfa244bcc-BUF
expires
Thu, 09 Jan 2025 14:47:47 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/791547469/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/791547469/?random=1704898067897&cv=11&fst=1704898067897&bg=ffffff&guid=ON&async=1&gtm=45be4180v897898703&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zousan2.creemnews.top%2F&hn=www.googleadservices.com&frm=0&auid=546240464.1704898068&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e9f66da13ab68ebd99e30f7b9eb06daa1314246a660f0cb0f5d00168cb1f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 14:47:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1227
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/791547469/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/791547469/?random=1704898067897&cv=11&fst=1704895200000&bg=ffffff&guid=ON&async=1&gtm=45be4180v897898703&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zousan2.creemnews.top%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_FdNHqjhCrKdVDfU6p6DfUBCk49mipQ&random=3038101309&rmt_tld=0&ipr=y
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 14:47:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
actions
bq-api.squadbeyond.com/articles/
2 B
479 B
XHR
General
Full URL
https://bq-api.squadbeyond.com/articles/actions?table=visitor_arrivals&articleUid=TX_SAdqr_OuxOdtOhQ&environment=production&visitor_id=07e49a19-0d09-4839-80f9-f3d09fc5b059&rows=%257B%2522index%2522%253A%252231%2522%252C%2522y_percent%2522%253A51%252C%2522url%2522%253A%2522https%253A%252F%252Fsb-sexsex.discover-news.tokyo%252Farticles%252FTX_SAdqr_OuxOdtOhQ%253Fsbrd%253D%2522%252C%2522article_uid%2522%253A%2522TX_SAdqr_OuxOdtOhQ%2522%252C%2522visitor_global_id%2522%253A%252213b91872-7acb-4d7a-96a8-28a853222bb2%2522%252C%2522visitor_id%2522%253A%252207e49a19-0d09-4839-80f9-f3d09fc5b059%2522%252C%2522window_width%2522%253A1600%252C%2522window_height%2522%253A1200%252C%2522user_agent%2522%253A%2522Mozilla%252F5.0%2520%28Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%29%2520AppleWebKit%252F537.36%2520%28KHTML%252C%2520like%2520Gecko%29%2520Chrome%252F120.0.6099.216%2520Safari%252F537.36%2522%257D
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.100.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-100-155.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.zousan2.creemnews.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:47:48 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
64c3a1c7-28e3-4503-abf5-c5f59a0362a6
x-runtime
0.000565
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"44136fa355b3678a1146ad16f7e8649e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
nr-spa-1.248.0.min.js
js-agent.newrelic.com/
87 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.248.0.min.js
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.zousan2.creemnews.top/
Origin
https://www.zousan2.creemnews.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding
br
via
1.1 varnish
date
Wed, 10 Jan 2024 14:47:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
54GC1S4NGHFTCYWG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29446
x-amz-id-2
NLt+ALUZk6/58DTkaRvLa64bijE10emc3v/ggXCB8nYjeMuWumoC0HglTfHRalJZ1YuEO7EHYio=
x-served-by
cache-yyz4573-YYZ
last-modified
Thu, 16 Nov 2023 17:54:54 GMT
server
AmazonS3
x-timer
S1704898069.549647,VS0,VE0
etag
"9aea0ff91a800a354637269e96e31dac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
63
521e60c03b
bam.nr-data.net/1/
40 B
405 B
XHR
General
Full URL
https://bam.nr-data.net/1/521e60c03b?a=1072097605&v=1.248.0&to=el8LRhFfWFQDFExVUWZEAEEXQxtLDgkU&rst=2845&ck=0&s=c13300b9b1bc4467&ref=https://www.zousan2.creemnews.top/&af=err,xhr,stn,ins,spa&ap=175&be=1571&fe=1189&dc=630&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1704898065738,%22n%22:0,%22f%22:0,%22dn%22:748,%22dne%22:748,%22c%22:748,%22s%22:935,%22ce%22:1198,%22rq%22:1199,%22rp%22:1572,%22rpe%22:1768,%22di%22:2200,%22ds%22:2201,%22de%22:2201,%22dc%22:2758,%22l%22:2758,%22le%22:2760%7D,%22navigation%22:%7B%7D%7D&fp=2076&fcp=2076
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.zousan2.creemnews.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 14:47:48 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.zousan2.creemnews.top
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-yyz4552-YYZ
521e60c03b
bam.nr-data.net/events/1/
24 B
344 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/521e60c03b?a=1072097605&v=1.248.0&to=el8LRhFfWFQDFExVUWZEAEEXQxtLDgkU&rst=3011&ck=0&s=c13300b9b1bc4467&ref=https://www.zousan2.creemnews.top/
Requested by
Host: www.zousan2.creemnews.top
URL: https://www.zousan2.creemnews.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.zousan2.creemnews.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 14:47:48 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.zousan2.creemnews.top
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-yyz4552-YYZ


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| NREUM
object| webpackChunk:NRBA-1.248.0.PROD
object| newrelic
function| LazyLoad
function| gtag
object| dataLayer
object| IPv6
object| punycode
object| SecondLevelDomains
function| URI
function| URITemplate
function| SmoothScroll
object| sbAncChoices
string| environment
string| sb_global_id
string| sb_tu_id
string| article_uid
string| referrer
string| article_url
string| team_id
object| google_tag_manager
object| google_tag_data
object| GooglebQhCsO

3 Cookies

Domain/Path Name / Value
.mysquadbeyond.com/ Name: __cf_bm
Value: AXYXc5zIx0hdJ52a029bG3BdO9G5dFCQGD9LUKqmbLQ-1704898067-1-AYGgsJ+ZXWOgPhc7y8kJ2gI/LaGo8i0bTSNh9J1e6Nr1wbD3uft0TOhlb0GuKB904rgj66osWn6GQYdtH6zaLS4=
.creemnews.top/ Name: _gcl_au
Value: 1.1.546240464.1704898068
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
security error URL: https://www.zousan2.creemnews.top/
Message:
Refused to execute script from 'https://www.zousan2.creemnews.top/index_files/f.txt' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
security error URL: https://www.zousan2.creemnews.top/
Message:
Refused to execute script from 'https://www.zousan2.creemnews.top/index_files/v84a3a4012de94ce1a686ba8c167c359c1696973893317' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
