urlscan.io logo urlscan.io
SecurityTrails logo

villv.crd.co Open in urlscan Pro
104.18.37.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://villv.crd.co/
Effective URL: https://villv.crd.co/
Submission: On August 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 15 HTTP transactions. The main IP is 104.18.37.69, located in and belongs to CLOUDFLARENET, US. The main domain is villv.crd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 12th 2024. Valid for: a year.
This is the only time villv.crd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.18.37.69 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 199.232.192.193 54113 (FASTLY)
1 108.181.20.37 40676 (AS40676)
3 6 2620:100:6050... 19679 (DROPBOX)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 184.105.177.70 6939 (HURRICANE)
2 184.105.177.72 6939 (HURRICANE)
2 192.0.77.3 2635 (AUTOMATTIC)
15 10
3    104.18.37.69 (None, )

ASN13335 (CLOUDFLARENET, US)
villv.crd.co
1    2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
1    108.181.20.37 (Los Angeles, United States)

ASN40676 (AS40676, US)
files.catbox.moe
6    2620:100:6050:15::a27d:b0f (United States)

ASN19679 (DROPBOX, US)
dl.dropbox.com
dl.dropboxusercontent.com
1    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    184.105.177.70 (United States)

ASN6939 (HURRICANE, US)
PTR: s4.opendrive.com
od.lk
2    184.105.177.72 (United States)

ASN6939 (HURRICANE, US)
PTR: s6.opendrive.com
web.opendrive.com
2    192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
a.tumblr.com
Apex Domain
Subdomains		 Transfer
3 dropboxusercontent.com
dl.dropboxusercontent.com — Cisco Umbrella Rank: 27137
112 KB
3 dropbox.com
dl.dropbox.com — Cisco Umbrella Rank: 64758
1 KB
3 crd.co
villv.crd.co
343 KB
2 tumblr.com
a.tumblr.com — Cisco Umbrella Rank: 670947
16 KB
2 opendrive.com
web.opendrive.com — Cisco Umbrella Rank: 564302
1 od.lk
od.lk — Cisco Umbrella Rank: 369879
508 B
1 gstatic.com
fonts.gstatic.com
14 KB
1 catbox.moe
files.catbox.moe — Cisco Umbrella Rank: 85039
1 MB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7108
625 B
1 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
15 11
Domain Requested by
3 dl.dropboxusercontent.com villv.crd.co
3 dl.dropbox.com 3 redirects
3 villv.crd.co
2 a.tumblr.com villv.crd.co
2 web.opendrive.com villv.crd.co
1 od.lk 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 files.catbox.moe villv.crd.co
1 i.imgur.com villv.crd.co
1 kit.fontawesome.com villv.crd.co
1 fonts.googleapis.com villv.crd.co
15 11
Subject Issuer Validity Valid
crd.co
Cloudflare Inc ECC CA-3		 2024-02-12 -
2024-12-31		 a year crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
catbox.moe
E6		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-15 -
2024-12-15		 a year crt.sh
*.opendrive.com
Starfield Secure Certificate Authority - G2		 2024-03-26 -
2025-04-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://villv.crd.co/
Frame ID: 29BBD378FD302811E675A89AF3B27E3D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍹

Page URL History Show full URLs

  1. http://villv.crd.co/ HTTP 307
    https://villv.crd.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

15
Requests

73 %
HTTPS

40 %
IPv6

11
Domains

11
Subdomains

10
IPs

2
Countries

1704 kB
Transfer

2883 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://villv.crd.co/ HTTP 307
    https://villv.crd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://dl.dropbox.com/s/cvba4kh6qm23mru/EmojiFont.ttf HTTP 302
  • https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf
Request Chain 8
  • https://dl.dropbox.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf HTTP 302
  • https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
Request Chain 9
  • https://dl.dropbox.com/s/qrdm3wived8sm66/Yipes.ttf HTTP 302
  • https://dl.dropboxusercontent.com/s/qrdm3wived8sm66/Yipes.ttf
Request Chain 11
  • https://od.lk/s/OTVfNTQ0NDg0ODVf/onlymp3.to%20-%20Andora%20-%20Euphoria%20%28feat.%20WaMi%29%20MV%20%E3%80%8E%E3%83%A6%E3%83%BC%E3%83%95%E3%82%A9%E3%83%AA%E3%82%A2%E3%80%8F-WukAfW86zhE-256k-1654256950723.mp3 HTTP 302
  • https://web.opendrive.com/api/v1/download/file.json/OTVfNTQ0NDg0ODVf?temp_key=%A2yr%9A%9D%ED%A3m6%D0%09%DD%A2%B6%B6%D3m%04%BA%98h%AE%26%B6%D3o%1Fy%ABv%D1f%8C%8Bov%D0%C5v%D0M%FC%D3%C1%04%DF%CD%C0%E8M%FC%DC%10%84%DF%CD%FD%E4M%FC%D8%0FD%DF%CD%C0%00M%FC%D8%84%DF%CD%3C%15k%A4%01%F5%BC%EB8D%DB%9E%A4%D7%AEx%DB%9E%BD%E7N%F6%DEjw&inline=1

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
villv.crd.co/
Redirect Chain
  • http://villv.crd.co/
  • https://villv.crd.co/
73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://villv.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018f40d8160d3e2276770579a19eb477e289896f9e6189428e8f2a59b9630dd2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
8bbcd13449e82ae9-LAX
content-encoding
gzip
content-type
text/html
date
Sat, 31 Aug 2024 11:52:56 GMT
expires
Sat, 31 Aug 2024 11:52:55 GMT
last-modified
Wed, 07 Jun 2023 22:44:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://villv.crd.co/
Non-Authoritative-Reason
HttpsUpgrades
truncated
/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d62b3c2c97fa213fd653ab0bbfeb47738fc8ede82b249b47e2358c866c9266d1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
css2
fonts.googleapis.com/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans&family=DM+Serif+Display&family=Tsukimi+Rounded&display=swap
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
92ed6c4f6a7f35fe65611124f1c8b5006f6ef29f633403e47e4421720ca8e970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 31 Aug 2024 11:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 11:52:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Aug 2024 11:52:56 GMT
286ffe3d3f.js
kit.fontawesome.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/286ffe3d3f.js
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://villv.crd.co/
Origin
https://villv.crd.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 11:52:56 GMT
cf-cache-status
MISS
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
vary
Accept-Encoding
cf-ray
8bbcd13808140fc9-LAX
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
content-length
22
x-request-id
F_DOBJWsVsV0GyBzAjgh
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0465bbb2d493675942e9511a1133a7cf7831b35ea7ce7c4117d9056a01ddb8c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
2qleX.jpg
i.imgur.com/ 		194 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/2qleX.jpg
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2abb805346747376f737df731c09183162c84862cbe3a437d9a6b2e0891a0a0b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 11:52:56 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1553986
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront, HIT, HIT
content-length
194
x-served-by
cache-iad-kiad7000111-IAD, cache-lax-kwhp1940039-LAX
last-modified
Thu, 10 Nov 2011 07:12:21 GMT
server
cat factory 1.0
x-timer
S1725105177.776995,VS0,VE1
etag
"232c090ebdd37ae4bc17adb54e1e0344"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wvqo6Ht-i9OLmLCKCXkWBGWnZMPELl9_-gPPTMeHLhRywClqOlVdCA==
x-cache-hits
1477, 0
rt8tzu.png
files.catbox.moe/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.catbox.moe/rt8tzu.png
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
aaa0fb0856ea865d7add78605c8cd00170aa5e19a711d263bcbe1ef907c51874
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 11:52:56 GMT
content-security-policy
default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Wed, 07 Jun 2023 22:43:52 GMT
server
nginx
etag
"64810828-12e58d"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
1238413
EmojiFont.ttf
dl.dropboxusercontent.com/s/cvba4kh6qm23mru/
Redirect Chain
  • https://dl.dropbox.com/s/cvba4kh6qm23mru/EmojiFont.ttf
  • https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf
25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Server
2620:100:6050:15::a27d:b0f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
5732f6b2460af4d4daaac6a3813c15be75f4819553582eaf4be42301ac5c42f6
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Sat, 31 Aug 2024 11:52:58 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
c245ed9d34374d3bbd977c4ae035f5d9
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="EmojiFont.ttf"; filename*=UTF-8''EmojiFont.ttf
content-length
25692
pragma
public
server
envoy
etag
1633870161819750n
x-server-response-time
329
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Sat, 31 Aug 2024 11:52:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
envoy
vary
Accept-Encoding
content-type
text/html; charset=utf8
access-control-allow-origin
*
location
https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
a00479acf93e43b7adba59c3d66d68da
SakeMoru-Regular.ttf
dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/
Redirect Chain
  • https://dl.dropbox.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
  • https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Server
2620:100:6050:15::a27d:b0f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
3553963ce3db0350ae46c61fd3ff5c5ab27eaa7edb7f48a416e0c85478e00743
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Sat, 31 Aug 2024 11:52:58 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
ad533ee820b54d92981de51132cbd310
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="SakeMoru-Regular.ttf"; filename*=UTF-8''SakeMoru-Regular.ttf
content-length
35164
pragma
public
server
envoy
etag
1638935108836684n
x-server-response-time
389
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Sat, 31 Aug 2024 11:52:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
envoy
vary
Accept-Encoding
content-type
text/html; charset=utf8
access-control-allow-origin
*
location
https://dl.dropboxusercontent.com/s/ktlx5w7t8gk42nb/SakeMoru-Regular.ttf
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
b9477d565b004006b3f99fbe3288a14f
Yipes.ttf
dl.dropboxusercontent.com/s/qrdm3wived8sm66/
Redirect Chain
  • https://dl.dropbox.com/s/qrdm3wived8sm66/Yipes.ttf
  • https://dl.dropboxusercontent.com/s/qrdm3wived8sm66/Yipes.ttf
52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/s/qrdm3wived8sm66/Yipes.ttf
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Server
2620:100:6050:15::a27d:b0f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
e4024870bbc023193d023405a82b6dabf71292d64dce5384f14a4f792a3bd257
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Sat, 31 Aug 2024 11:52:58 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
40f96bfd4ed34234b531ce7663434935
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="Yipes.ttf"; filename*=UTF-8''Yipes.ttf
content-length
52884
pragma
public
server
envoy
etag
1632115549300851n
x-server-response-time
378
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Sat, 31 Aug 2024 11:52:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
envoy
vary
Accept-Encoding
content-type
text/html; charset=utf8
access-control-allow-origin
*
location
https://dl.dropboxusercontent.com/s/qrdm3wived8sm66/Yipes.ttf
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
6495cb79da4743d3a2ccb6c97e0e97ac
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
fonts.gstatic.com/s/dmsans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans&family=DM+Serif+Display&family=Tsukimi+Rounded&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://villv.crd.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 09:09:44 GMT
x-content-type-options
nosniff
age
96194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14116
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 09:09:44 GMT
OTVfNTQ0NDg0ODVf
web.opendrive.com/api/v1/download/file.json/
Redirect Chain
  • https://od.lk/s/OTVfNTQ0NDg0ODVf/onlymp3.to%20-%20Andora%20-%20Euphoria%20%28feat.%20WaMi%29%20MV%20%E3%80%8E%E3%83%A6%E3%83%BC%E3%83%95%E3%82%A9%E3%83%AA%E3%82%A2%E3%80%8F-WukAfW86zhE-256k-1654256...
  • https://web.opendrive.com/api/v1/download/file.json/OTVfNTQ0NDg0ODVf?temp_key=%A2yr%9A%9D%ED%A3m6%D0%09%DD%A2%B6%B6%D3m%04%BA%98h%AE%26%B6%D3o%1Fy%ABv%D1f%8C%8Bov%D0%C5v%D0M%FC%D3%C1%04%DF%CD%C0%E8...
960 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://web.opendrive.com/api/v1/download/file.json/OTVfNTQ0NDg0ODVf?temp_key=%A2yr%9A%9D%ED%A3m6%D0%09%DD%A2%B6%B6%D3m%04%BA%98h%AE%26%B6%D3o%1Fy%ABv%D1f%8C%8Bov%D0%C5v%D0M%FC%D3%C1%04%DF%CD%C0%E8M%FC%DC%10%84%DF%CD%FD%E4M%FC%D8%0FD%DF%CD%C0%00M%FC%D8%84%DF%CD%3C%15k%A4%01%F5%BC%EB8D%DB%9E%A4%D7%AEx%DB%9E%BD%E7N%F6%DEjw&inline=1
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Server
184.105.177.72 , United States, ASN6939 (HURRICANE, US),
Reverse DNS
s6.opendrive.com
Software
/ PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 31 Aug 2024 11:52:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-powered-by
PHP/7.4.33
serverid
s6
content-type
audio/mpeg
access-control-allow-origin
*
content-range
bytes 0-6650924/6650925
cache-control
must-revalidate, post-check=0, pre-check=0, private
content-transfer-encoding
binary
content-disposition
inline; filename*=UTF-8''onlymp3.to%20-%20Andora%20-%20Euphoria%20%28feat.%20WaMi%29%20MV%20%E3%80%8E%E3%83%A6%E3%83%BC%E3%83%95%E3%82%A9%E3%83%AA%E3%82%A2%E3%80%8F-WukAfW86zhE-256k-1654256950723.mp3
accept-ranges
bytes
content-length
6650925
expires
Mon, 30 Sep 2024 11:52:58 GMT

Redirect headers

date
Sat, 31 Aug 2024 11:52:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-powered-by
PHP/7.4.33
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
https://web.opendrive.com/api/v1/download/file.json/OTVfNTQ0NDg0ODVf?temp_key=%A2yr%9A%9D%ED%A3m6%D0%09%DD%A2%B6%B6%D3m%04%BA%98h%AE%26%B6%D3o%1Fy%ABv%D1f%8C%8Bov%D0%C5v%D0M%FC%D3%C1%04%DF%CD%C0%E8M%FC%DC%10%84%DF%CD%FD%E4M%FC%D8%0FD%DF%CD%C0%00M%FC%D8%84%DF%CD%3C%15k%A4%01%F5%BC%EB8D%DB%9E%A4%D7%AEx%DB%9E%BD%E7N%F6%DEjw&inline=1
x-fastcgi-cache
HIT
cache-control
no-cache, max-age=0, s-max-age=0, must-revalidate, no-store
tumblr_ojrn7aGBii1w2e2oyo1.mp3
a.tumblr.com/ 		3 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://a.tumblr.com/tumblr_ojrn7aGBii1w2e2oyo1.mp3
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9e5b749ba2e5d7a16b23b29e357ebd57fe890cbb5e3a7ae9dc0111281ac9617d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://villv.crd.co/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-nc
HIT bur 6
date
Sat, 31 Aug 2024 11:52:58 GMT
strict-transport-security
max-age=31536000; preload
last-modified
Sat, 14 Jan 2017 10:45:11 GMT
server
nginx
etag
"88313cc03bea3998fd2f31b4b49a4518"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
audio/mpeg
access-control-allow-origin
*
Content-Range
bytes 0-2805/2806
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
Content-Length
2806
expires
Thu, 31 Dec 2037 23:55:55 GMT
tumblr_ojrmy55yUN1w2e2oyo1.mp3
a.tumblr.com/ 		13 KB
13 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://a.tumblr.com/tumblr_ojrmy55yUN1w2e2oyo1.mp3
Requested by
Host: villv.crd.co
URL: https://villv.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bfd454a9121919e1d93ae74044bda8ee7ebd090055b8a23e26aec97beab45e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://villv.crd.co/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-nc
HIT bur 5
date
Sat, 31 Aug 2024 11:52:58 GMT
strict-transport-security
max-age=31536000; preload
last-modified
Sat, 14 Jan 2017 10:39:42 GMT
server
nginx
etag
"9ecc97d5355c94365d089a642b8f84a8"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
audio/mpeg
access-control-allow-origin
*
Content-Range
bytes 0-12836/12837
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
Content-Length
12837
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b575d98430085801f1ed76fe219e8f2feea4f9d90cd076c926875f11b01c9c1d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
image01.png
villv.crd.co/assets/images/ 		323 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villv.crd.co/assets/images/image01.png?v=0ed36465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b9a7608ee1f1c7c7690156e708b300e5f78e0761c744a36b3fbd9caf260ee2

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 11:52:59 GMT
cf-cache-status
MISS
last-modified
Fri, 02 Jun 2023 09:51:21 GMT
server
cloudflare
etag
"50dff-5fd227ecb33f8"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bbcd14a7cc52ae9-LAX
content-length
331263
expires
Sat, 07 Sep 2024 11:52:59 GMT
favicon.ico
villv.crd.co/ 		637 B
564 B 		Other
General
Check archive.org
Download Go to
Full URL
https://villv.crd.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219e5ae2778f7c3e1a9a0609f5f465a4fa58a9cf0655657d9274b3c5bd043671

Request headers

Referer
https://villv.crd.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 11:52:59 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=14400
cf-ray
8bbcd14a7cc92ae9-LAX
expires
Sat, 31 Aug 2024 15:52:59 GMT
OTVfNTQ0NDg0ODVf
web.opendrive.com/api/v1/download/file.json/ 		128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://web.opendrive.com/api/v1/download/file.json/OTVfNTQ0NDg0ODVf?temp_key=%A2yr%9A%9D%ED%A3m6%D0%09%DD%A2%B6%B6%D3m%04%BA%98h%AE%26%B6%D3o%1Fy%ABv%D1f%8C%8Bov%D0%C5v%D0M%FC%D3%C1%04%DF%CD%C0%E8M%FC%DC%10%84%DF%CD%FD%E4M%FC%D8%0FD%DF%CD%C0%00M%FC%D8%84%DF%CD%3C%15k%A4%01%F5%BC%EB8D%DB%9E%A4%D7%AEx%DB%9E%BD%E7N%F6%DEjw&inline=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.105.177.72 , United States, ASN6939 (HURRICANE, US),
Reverse DNS
s6.opendrive.com
Software
/ PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://villv.crd.co/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=983040-

Response headers

pragma
public
date
Sat, 31 Aug 2024 11:53:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-powered-by
PHP/7.4.33
serverid
s6
content-type
audio/mpeg
access-control-allow-origin
*
Content-Range
bytes 983040-6650924/6650925
cache-control
must-revalidate, post-check=0, pre-check=0, private
content-transfer-encoding
binary
content-disposition
inline; filename*=UTF-8''onlymp3.to%20-%20Andora%20-%20Euphoria%20%28feat.%20WaMi%29%20MV%20%E3%80%8E%E3%83%A6%E3%83%BC%E3%83%95%E3%82%A9%E3%83%AA%E3%82%A2%E3%80%8F-WukAfW86zhE-256k-1654256950723.mp3
accept-ranges
bytes
Content-Length
5667885
expires
Mon, 30 Sep 2024 11:53:03 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5_audiotypes function| createsoundbite object| mouseoversound object| clicksound object| b string| imgurl object| size function| rand function| getSize function| lerp function| heart function| bro function| _scrollToTop

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://kit.fontawesome.com/286ffe3d3f.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://villv.crd.co/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tumblr.com
dl.dropbox.com
dl.dropboxusercontent.com
files.catbox.moe
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
kit.fontawesome.com
od.lk
villv.crd.co
web.opendrive.com
104.18.37.69
108.181.20.37
184.105.177.70
184.105.177.72
192.0.77.3
199.232.192.193
2606:4700:4400::6812:2844
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2003
2620:100:6050:15::a27d:b0f
018f40d8160d3e2276770579a19eb477e289896f9e6189428e8f2a59b9630dd2
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
219e5ae2778f7c3e1a9a0609f5f465a4fa58a9cf0655657d9274b3c5bd043671
2abb805346747376f737df731c09183162c84862cbe3a437d9a6b2e0891a0a0b
3553963ce3db0350ae46c61fd3ff5c5ab27eaa7edb7f48a416e0c85478e00743
5732f6b2460af4d4daaac6a3813c15be75f4819553582eaf4be42301ac5c42f6
77b9a7608ee1f1c7c7690156e708b300e5f78e0761c744a36b3fbd9caf260ee2
92ed6c4f6a7f35fe65611124f1c8b5006f6ef29f633403e47e4421720ca8e970
9e5b749ba2e5d7a16b23b29e357ebd57fe890cbb5e3a7ae9dc0111281ac9617d
a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128
aaa0fb0856ea865d7add78605c8cd00170aa5e19a711d263bcbe1ef907c51874
b0465bbb2d493675942e9511a1133a7cf7831b35ea7ce7c4117d9056a01ddb8c
b575d98430085801f1ed76fe219e8f2feea4f9d90cd076c926875f11b01c9c1d
bfd454a9121919e1d93ae74044bda8ee7ebd090055b8a23e26aec97beab45e29
d62b3c2c97fa213fd653ab0bbfeb47738fc8ede82b249b47e2358c866c9266d1
e4024870bbc023193d023405a82b6dabf71292d64dce5384f14a4f792a3bd257