creamsicle.ju.mp Open in urlscan Pro
104.18.32.215 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://creamsicle.ju.mp/
Effective URL:
https://creamsicle.ju.mp/
Submission: On June 23 via api (June 23rd 2024, 3:19:59 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 14 HTTP transactions. The main IP is 104.18.32.215, located in and belongs to CLOUDFLARENET, US. The main domain is creamsicle.ju.mp.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2024. Valid for: 3 months.

This is the only time creamsicle.ju.mp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.18.32.215 104.18.32.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.102.19 18.66.102.19	16509 (AMAZON-02) (AMAZON-02)
3 6	2620:100:6022... 2620:100:6022:15::a27d:420f	19679 (DROPBOX) (DROPBOX)
1	108.181.20.37 108.181.20.37	40676 (AS40676) (AS40676)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
14	7

7 104.18.32.215 (None, )

ASN13335 (CLOUDFLARENET, US)

creamsicle.ju.mp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-19.fra56.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:6022:15::a27d:420f (United States) 3 redirects

ASN19679 (DROPBOX, US)

dl.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.181.20.37 (Los Angeles, United States)

ASN40676 (AS40676, US)

files.catbox.moe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ju.mp creamsicle.ju.mp	1 MB
3	dropboxusercontent.com dl.dropboxusercontent.com — Cisco Umbrella Rank: 20110	119 KB
3	dropbox.com 3 redirects dl.dropbox.com — Cisco Umbrella Rank: 63023	689 B
1	tumblr.com static.tumblr.com — Cisco Umbrella Rank: 83286	1 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469	34 KB
1	catbox.moe files.catbox.moe — Cisco Umbrella Rank: 160519
1	glitch.me cdn.glitch.me — Cisco Umbrella Rank: 226424	14 KB
14	7

	Domain	Requested by
7	creamsicle.ju.mp	creamsicle.ju.mp
3	dl.dropboxusercontent.com	creamsicle.ju.mp
3	dl.dropbox.com	3 redirects
1	static.tumblr.com	creamsicle.ju.mp
1	ajax.googleapis.com	creamsicle.ju.mp
1	files.catbox.moe	creamsicle.ju.mp
1	cdn.glitch.me	creamsicle.ju.mp
14	7

This site contains links to these domains. Also see Links.

Domain
www.youtube.com

Subject Issuer	Validity	Valid
ju.mp GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
*.catbox.moe R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-15` - `2024-12-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://creamsicle.ju.mp/
Frame ID: 81925349AAF2B42E8B1437341C95CE29
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

summer card

Page URL History Show full URLs

http://creamsicle.ju.mp/ HTTP 307
https://creamsicle.ju.mp/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

79 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1246 kB
Transfer

1559 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=A7M7DlepJPY
Title: leave you at the back of the earth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=P2KRg60WPvE
Title: jumpin' over!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=_nqZc0KOc1U
Title: worst regret

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=2INYgH-Gcjk
Title: zero talking

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://creamsicle.ju.mp/ HTTP 307
https://creamsicle.ju.mp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://dl.dropbox.com/s/2gy98czcm036a4c/Glitten-Regular.otf HTTP 302
https://dl.dropboxusercontent.com/s/2gy98czcm036a4c/Glitten-Regular.otf

Request Chain 10

https://dl.dropbox.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf HTTP 302
https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf

Request Chain 11

https://dl.dropbox.com/s/miph32gnut3atwk/bmstamp.TTF HTTP 302
https://dl.dropboxusercontent.com/s/miph32gnut3atwk/bmstamp.TTF

14 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
creamsicle.ju.mp/
Redirect Chain

http://creamsicle.ju.mp/
https://creamsicle.ju.mp/

111 KB
18 KB

594ms
470ms

Document
text/html

104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creamsicle.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a436797c5a73f6efc6ae1c89d27e7d1e4d7aaf0f224d9b5b7a49235f40dded

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 898575706e1cbf3c-WAW
content-encoding: gzip
content-type: text/html
date: Sun, 23 Jun 2024 15:19:51 GMT
expires: Sun, 23 Jun 2024 15:19:51 GMT
last-modified: Sun, 23 Jun 2024 14:26:24 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://creamsicle.ju.mp/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bg.jpg
creamsicle.ju.mp/assets/images/ 507 KB
507 KB 654ms
653ms Image
image/jpeg 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creamsicle.ju.mp/assets/images/bg.jpg?v=f7e63779
Requested by: Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4121ed57e03108a74b24d84154116e1b2fbc1bc020df301b1461dd15af7a4134

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:52 GMT
cf-cache-status: MISS
last-modified: Sun, 02 Jun 2024 01:01:55 GMT
server: cloudflare
etag: "7ea64-619ddc34bf1e8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 898575739adcbf3c-WAW
content-length: 518756
expires: Sun, 30 Jun 2024 15:19:52 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df1df4521252b77b610ca6ed4263c3ee596ddfd4d9887d50d9d744bcd4f7d55b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6a82e1f7.png
creamsicle.ju.mp/assets/images/gallery01/ 17 KB
17 KB 561ms
561ms Image
image/png 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creamsicle.ju.mp/assets/images/gallery01/6a82e1f7.png?v=f7e63779
Requested by: Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d257694ac72ee5c4a68ffb9199bfbd862a6a8602926736083230283867a0ce9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:52 GMT
cf-cache-status: MISS
last-modified: Sun, 02 Jun 2024 01:16:18 GMT
server: cloudflare
etag: "427f-619ddf6c71160"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89857573bb04bf3c-WAW
content-length: 17023
expires: Sun, 30 Jun 2024 15:19:52 GMT

GET
H2 200 61747d4c.png
creamsicle.ju.mp/assets/images/gallery01/ 15 KB
16 KB 513ms
513ms Image
image/png 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creamsicle.ju.mp/assets/images/gallery01/61747d4c.png?v=f7e63779
Requested by: Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d475a56e8503dbf47a2d4a66e7ddc00c81069d01306e25b274b044ca38e957

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:52 GMT
cf-cache-status: MISS
last-modified: Sun, 02 Jun 2024 01:16:18 GMT
server: cloudflare
etag: "3df5-619ddf6c74810"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89857573bb08bf3c-WAW
content-length: 15861
expires: Sun, 30 Jun 2024 15:19:52 GMT

GET
H2 200 c318bc91.png
creamsicle.ju.mp/assets/images/gallery01/ 16 KB
16 KB 521ms
520ms Image
image/png 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creamsicle.ju.mp/assets/images/gallery01/c318bc91.png?v=f7e63779
Requested by: Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0054b98d8deded8b09ea19868bcd78f17738dc5b4e146bf394c496630c404ec7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:52 GMT
cf-cache-status: MISS
last-modified: Sun, 02 Jun 2024 01:16:18 GMT
server: cloudflare
etag: "4009-619ddf6c776f0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89857573bb0dbf3c-WAW
content-length: 16393
expires: Sun, 30 Jun 2024 15:19:52 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d90b97ef1a394f460b29336be4ad8bb89df2792012acb1bdadb1efcdfb9ee58

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 347 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e454bd77b1ac20daa25a0fa9f2811ba4329132b1d090e57b09ae118e9a161912

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK MS%20Sans%20Serif.ttf
cdn.glitch.me/9bbfdfb3-4bfa-4c39-8743-5621c8b9df21/ 14 KB
14 KB 155ms
46ms Font
binary/octet-stream 18.66.102.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.me/9bbfdfb3-4bfa-4c39-8743-5621c8b9df21/MS%20Sans%20Serif.ttf

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-19.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d4a95d0594b3eca2b87a6db0c867f49717ca6f0b2bcf003e77cc3294be8922da

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Origin: https://creamsicle.ju.mp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 06 Jan 2024 13:09:24 GMT
Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Sun, 19 Dec 2021 20:13:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 14609428
ETag: "f27c0623725cfeedb024d1883e5f1bce"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 14280
X-Amz-Cf-Id: I1FCUU0IzMRqHZ8206qPy1tNty5YPBhxZltC1y6_4kPZR9RTYwXrPg==

GET
H2

200

Glitten-Regular.otf
dl.dropboxusercontent.com/s/2gy98czcm036a4c/
Redirect Chain

https://dl.dropbox.com/s/2gy98czcm036a4c/Glitten-Regular.otf
https://dl.dropboxusercontent.com/s/2gy98czcm036a4c/Glitten-Regular.otf

53 KB
53 KB

570ms
538ms

Font
application/octet-stream

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/2gy98czcm036a4c/Glitten-Regular.otf

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

570b02f6d4a58fbc73461d320e41b25df2f48ff146df925d4e3bcd8c15688ebc

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://creamsicle.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Sun, 23 Jun 2024 15:19:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 5c48a3e3a6fb47f29ec3100e4c17bcef
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="Glitten-Regular.otf"; filename*=UTF-8''Glitten-Regular.otf
content-length: 53988
pragma: public
server: envoy
etag: 1662563102269734n
x-server-response-time: 385
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Sun, 23 Jun 2024 15:19:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/2gy98czcm036a4c/Glitten-Regular.otf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: bc7bcdd7b11d454d873c79b3fdce95c5

GET
H2

200

SakeMoru-Regular.ttf
dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/
Redirect Chain

https://dl.dropbox.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf

34 KB
35 KB

453ms
453ms

Font
application/octet-stream

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

3553963ce3db0350ae46c61fd3ff5c5ab27eaa7edb7f48a416e0c85478e00743

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://creamsicle.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Sun, 23 Jun 2024 15:19:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 168c154d053045049341a374a192c74d
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="SakeMoru-Regular.ttf"; filename*=UTF-8''SakeMoru-Regular.ttf
content-length: 35164
pragma: public
server: envoy
etag: 1638935108836684n
x-server-response-time: 290
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Sun, 23 Jun 2024 15:19:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 75c9a256f3b7439dad51cbe19a2e87c6

GET
H2

200

bmstamp.TTF
dl.dropboxusercontent.com/s/miph32gnut3atwk/
Redirect Chain

https://dl.dropbox.com/s/miph32gnut3atwk/bmstamp.TTF
https://dl.dropboxusercontent.com/s/miph32gnut3atwk/bmstamp.TTF

31 KB
31 KB

705ms
677ms

Font
application/octet-stream

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/miph32gnut3atwk/bmstamp.TTF

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

988283c32daf0c337cd586799a11e15645b3568b848ca987f9624c5d0495c966

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://creamsicle.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Sun, 23 Jun 2024 15:19:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 1ecc7f6fcde84f18841b994c5e7e9d6b
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="bmstamp.TTF"; filename*=UTF-8''bmstamp.TTF
content-length: 31948
pragma: public
server: envoy
etag: 1651311422590712n
x-server-response-time: 488
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Sun, 23 Jun 2024 15:19:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/miph32gnut3atwk/bmstamp.TTF
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 15395a991e144ddc888581e2e0c2195b

GET
H2 206 6zlcr9.mp3
files.catbox.moe/ 160 KB
0 909ms
353ms Media
audio/mpeg 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/6zlcr9.mp3

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://creamsicle.ju.mp/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:52 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2024 20:28:40 GMT
server: nginx
etag: "665e2778-28976d"
access-control-allow-methods: GET, HEAD
content-type: audio/mpeg
access-control-allow-origin: *
Content-Range: bytes 0-2660204/2660205
Content-Length: 2660205

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7/ 93 KB
34 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 13:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 13:28:23 GMT

GET
H2 200 glenplayer02.js Show response
static.tumblr.com/gtjt4bo/QRmphdsdv/ 874 B
1 KB 149ms
38ms Script
text/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/gtjt4bo/QRmphdsdv/glenplayer02.js

Requested by

Host: creamsicle.ju.mp
URL: https://creamsicle.ju.mp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:51 GMT
strict-transport-security: max-age=31536000; preload
alt-svc: h3=":443"; ma=86400
content-length: 874
x-nc: HIT hhn 1
last-modified: Mon, 29 Oct 2018 22:13:08 GMT
server: nginx
etag: "0c72d69900626725bd7d730e5d46a141"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image01.png
creamsicle.ju.mp/assets/images/ 502 KB
503 KB 677ms
676ms Image
image/png 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creamsicle.ju.mp/assets/images/image01.png?v=f7e63779
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bee935f73df4570abcbae64a7dad0f3aa27401b20a8b9754c15086716403d1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:53 GMT
cf-cache-status: MISS
last-modified: Sun, 02 Jun 2024 00:50:18 GMT
server: cloudflare
etag: "7d84f-619dd99cb72d0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8985757b4ea7bf3c-WAW
content-length: 514127
expires: Sun, 30 Jun 2024 15:19:53 GMT

GET
H2 404 favicon.ico
creamsicle.ju.mp/ 637 B
560 B 437ms
436ms Other
text/html 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creamsicle.ju.mp/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 219e5ae2778f7c3e1a9a0609f5f465a4fa58a9cf0655657d9274b3c5bd043671

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://creamsicle.ju.mp/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:19:53 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=14400
cf-ray: 8985757b5ebbbf3c-WAW
expires: Sun, 23 Jun 2024 19:19:53 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://creamsicle.ju.mp/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.glitch.me
creamsicle.ju.mp
dl.dropbox.com
dl.dropboxusercontent.com
files.catbox.moe
static.tumblr.com
104.18.32.215
108.181.20.37
18.66.102.19
192.0.77.40
2620:100:6022:15::a27d:420f
2a00:1450:4001:813::200a
0054b98d8deded8b09ea19868bcd78f17738dc5b4e146bf394c496630c404ec7
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
219e5ae2778f7c3e1a9a0609f5f465a4fa58a9cf0655657d9274b3c5bd043671
2bee935f73df4570abcbae64a7dad0f3aa27401b20a8b9754c15086716403d1b
3553963ce3db0350ae46c61fd3ff5c5ab27eaa7edb7f48a416e0c85478e00743
3d90b97ef1a394f460b29336be4ad8bb89df2792012acb1bdadb1efcdfb9ee58
40a436797c5a73f6efc6ae1c89d27e7d1e4d7aaf0f224d9b5b7a49235f40dded
4121ed57e03108a74b24d84154116e1b2fbc1bc020df301b1461dd15af7a4134
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
570b02f6d4a58fbc73461d320e41b25df2f48ff146df925d4e3bcd8c15688ebc
67d475a56e8503dbf47a2d4a66e7ddc00c81069d01306e25b274b044ca38e957
8d257694ac72ee5c4a68ffb9199bfbd862a6a8602926736083230283867a0ce9
988283c32daf0c337cd586799a11e15645b3568b848ca987f9624c5d0495c966
d4a95d0594b3eca2b87a6db0c867f49717ca6f0b2bcf003e77cc3294be8922da
df1df4521252b77b610ca6ed4263c3ee596ddfd4d9887d50d9d744bcd4f7d55b
e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9
e454bd77b1ac20daa25a0fa9f2811ba4329132b1d090e57b09ae118e9a161912

creamsicle.ju.mp Open in urlscan Pro 104.18.32.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

33 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

1246 kBTransfer

1559 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

creamsicle.ju.mp Open in urlscan Pro
104.18.32.215 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1246 kB
Transfer

1559 kB
Size

0
Cookies

14 HTTP transactions
4 data transactions