www.kotayamatko.co.bh4r6.com.cn Open in urlscan Pro
47.87.129.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.kotayamatko.co.bh4r6.com.cn/
Submission: On March 02 via api (March 2nd 2023, 4:02:51 am UTC) from JP — Scanned from JP

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 47.87.129.76, located in United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is www.kotayamatko.co.bh4r6.com.cn.

This is the only time www.kotayamatko.co.bh4r6.com.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	47.87.129.76 47.87.129.76	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
4	104.17.108.108 104.17.108.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.207.10 142.250.207.10	15169 (GOOGLE) (GOOGLE)
1	142.251.42.202 142.251.42.202	15169 (GOOGLE) (GOOGLE)
1	142.251.222.3 142.251.222.3	15169 (GOOGLE) (GOOGLE)
8	5

1 47.87.129.76 (United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

www.kotayamatko.co.bh4r6.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.108.108 (None, )

ASN13335 (CLOUDFLARENET, US)

connect.bitdefender.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.10 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.202 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	bitdefender.net connect.bitdefender.net	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 ajax.googleapis.com — Cisco Umbrella Rank: 306	62 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	bh4r6.com.cn www.kotayamatko.co.bh4r6.com.cn	837 B
8	4

	Domain	Requested by
4	connect.bitdefender.net	www.kotayamatko.co.bh4r6.com.cn connect.bitdefender.net
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	connect.bitdefender.net
1	fonts.googleapis.com	connect.bitdefender.net
1	www.kotayamatko.co.bh4r6.com.cn
8	5

This site contains no links.

Subject Issuer	Validity	Valid
*.bitdefender.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-10` - `2023-11-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.kotayamatko.co.bh4r6.com.cn/
Frame ID: 0457D74CCB82CC9F3E643FBAE585852B
Requests: 1 HTTP requests in this frame

Frame: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F
Frame ID: B84C39CE01BAD5E62FD78760FCA26A01
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

91 kB
Transfer

211 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.kotayamatko.co.bh4r6.com.cn/ 704 B
837 B 1741ms
241ms Document
text/html 47.87.129.76
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kotayamatko.co.bh4r6.com.cn/
Protocol: HTTP/1.1
Server: 47.87.129.76 , United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: /
Resource Hash: 2c3d12f182896cf742c51e006cf56bb9d327ef1ea37d8c73779e9b95019cc77f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: public, max-age=0
Connection: close
Content-Length: 704
Content-Type: text/html; charset=UTF-8

GET
H2 200 page_blocked_ng.html Show response
connect.bitdefender.net/ Frame B84C 1 KB
2 KB 1626ms
1218ms Document
text/html 104.17.108.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F

Requested by

Host: www.kotayamatko.co.bh4r6.com.cn
URL: http://www.kotayamatko.co.bh4r6.com.cn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.108.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eab643b22262026a999c057562e44e1464727a7ac61f62ba37ed3adea1ac914

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.kotayamatko.co.bh4r6.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7a16bef04f5019c5-KIX
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
content-type: text/html
date: Thu, 02 Mar 2023 04:02:45 GMT
expires: Thu, 02 Mar 2023 04:02:44 GMT
last-modified: Mon, 13 Dec 2021 13:43:16 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
x-content-type-options: nosniff
x-webkit-csp: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame B84C 2 KB
839 B 548ms
94ms Stylesheet
text/css 142.250.207.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant:400,700

Requested by

Host: connect.bitdefender.net
URL: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f10.1e100.net

Software

ESF /

Resource Hash

0580cb113361669e11bbbf27f3a398c82b8867a0ec74a8db2096a3110967aa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://connect.bitdefender.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 04:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 04:02:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 04:02:45 GMT

GET
H2 200 page_blocked_ng.css
connect.bitdefender.net/ Frame B84C 1 KB
582 B 60ms
58ms Stylesheet
text/css 104.17.108.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bitdefender.net/page_blocked_ng.css

Requested by

Host: connect.bitdefender.net
URL: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.108.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc517f64c60c41ec18e43e80924cc9e6a2bc659812960477b4ce66cd6d6f0a4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
date: Thu, 02 Mar 2023 04:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
cf-cache-status: HIT
content-encoding: gzip
age: 175408
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Dec 2021 13:43:16 GMT
server: cloudflare
etag: W/"61b74df4-52c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7a16bef7feb519c5-KIX
x-webkit-csp: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
expires: Fri, 01 Mar 2024 04:02:45 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.8.2/ Frame B84C 173 KB
61 KB 550ms
88ms Script
text/javascript 142.251.42.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.8.2/angular.min.js

Requested by

Host: connect.bitdefender.net
URL: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f10.1e100.net

Software

sffe /

Resource Hash

24103af48b9ee0409c9178cd92eba5dc3cdf0c76827b7c265c4f6f681b4dc176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://connect.bitdefender.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62297
x-xss-protection: 0
last-modified: Tue, 27 Oct 2020 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 20:06:46 GMT

GET
H2 200 page_blocked_ng.js Show response
connect.bitdefender.net/ Frame B84C 1 KB
695 B 77ms
76ms Script
application/javascript 104.17.108.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bitdefender.net/page_blocked_ng.js

Requested by

Host: connect.bitdefender.net
URL: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.108.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64b56dc52b3f53e56539e35e27fdd10c538b93ce436af4e3f1c06eb1145868ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://connect.bitdefender.net/page_blocked_ng.html?reason=phishing&source=http%3A%2F%2Fwww.kotayamatko.co.bh4r6.com.cn%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
date: Thu, 02 Mar 2023 04:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
cf-cache-status: HIT
content-encoding: gzip
age: 175408
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Dec 2021 13:43:16 GMT
server: cloudflare
etag: W/"61b74df4-4f0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7a16bef82eca19c5-KIX
x-webkit-csp: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
expires: Fri, 01 Mar 2024 04:02:45 GMT

GET
H2 200 page_blocked_ng.svg
connect.bitdefender.net/ Frame B84C 11 KB
5 KB 55ms
55ms Image
image/svg+xml 104.17.108.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.bitdefender.net/page_blocked_ng.svg

Requested by

Host: connect.bitdefender.net
URL: https://connect.bitdefender.net/page_blocked_ng.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.108.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a8daa6100a1e8591a4dee9f518a309c98223e575c14b4d3a45d74e0cfcba30e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://connect.bitdefender.net/page_blocked_ng.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
date: Thu, 02 Mar 2023 04:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
cf-cache-status: HIT
content-encoding: gzip
age: 175407
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Dec 2021 13:43:16 GMT
server: cloudflare
etag: W/"61b74df4-2cab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 7a16befbca1219c5-KIX
x-webkit-csp: default-src 'self'; connect-src 'self' https://nimbus.bitdefender.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://central.bitdefender.com; media-src 'self'; frame-src 'self'; font-src 'self' https://fonts.gstatic.com
expires: Sat, 01 Apr 2023 04:02:45 GMT

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v18/ Frame B84C 20 KB
21 KB 532ms
76ms Font
font/woff2 142.251.222.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f3.1e100.net

Software

sffe /

Resource Hash

36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bitdefender.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:25:17 GMT
x-content-type-options: nosniff
age: 5849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20608
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 02:25:17 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| url object| reason

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.bitdefender.net
fonts.googleapis.com
fonts.gstatic.com
www.kotayamatko.co.bh4r6.com.cn
104.17.108.108
142.250.207.10
142.251.222.3
142.251.42.202
47.87.129.76
0580cb113361669e11bbbf27f3a398c82b8867a0ec74a8db2096a3110967aa80
24103af48b9ee0409c9178cd92eba5dc3cdf0c76827b7c265c4f6f681b4dc176
2c3d12f182896cf742c51e006cf56bb9d327ef1ea37d8c73779e9b95019cc77f
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
4eab643b22262026a999c057562e44e1464727a7ac61f62ba37ed3adea1ac914
5a8daa6100a1e8591a4dee9f518a309c98223e575c14b4d3a45d74e0cfcba30e
64b56dc52b3f53e56539e35e27fdd10c538b93ce436af4e3f1c06eb1145868ea
bc517f64c60c41ec18e43e80924cc9e6a2bc659812960477b4ce66cd6d6f0a4f

www.kotayamatko.co.bh4r6.com.cn Open in urlscan Pro 47.87.129.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

91 kBTransfer

211 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

www.kotayamatko.co.bh4r6.com.cn Open in urlscan Pro
47.87.129.76 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

91 kB
Transfer

211 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions