urlscan.io logo urlscan.io
SecurityTrails logo

kazuscara.crd.co Open in urlscan Pro
104.18.37.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kazuscara.crd.co/
Effective URL: https://kazuscara.crd.co/
Submission: On November 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 14 HTTP transactions. The main IP is 104.18.37.69, located in and belongs to CLOUDFLARENET, US. The main domain is kazuscara.crd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 12th 2023. Valid for: a year.
This is the only time kazuscara.crd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.18.37.69 13335 (CLOUDFLAR...)
2 96.43.128.66 19969 (JOESDATAC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.40 2635 (AUTOMATTIC)
3 6 2620:100:6022... 19679 (DROPBOX)
2 172.64.155.41 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 9
3    104.18.37.69 (None, )

ASN13335 (CLOUDFLARENET, US)
kazuscara.crd.co
2    96.43.128.66 (United States)

ASN19969 (JOESDATACENTER, US)
cur.cursors-4u.net
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
static.tumblr.com
6    2620:100:6022:15::a27d:420f (United States)

ASN19679 (DROPBOX, US)
dl.dropbox.com
dl.dropboxusercontent.com
2    172.64.155.41 (United States)

ASN13335 (CLOUDFLARENET, US)
gardenia.ju.mp
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
doc-04-ag-docs.googleusercontent.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
3 dropboxusercontent.com
dl.dropboxusercontent.com — Cisco Umbrella Rank: 17061
28 KB
3 dropbox.com
dl.dropbox.com — Cisco Umbrella Rank: 58158
910 B
3 crd.co
kazuscara.crd.co
122 KB
2 ju.mp
gardenia.ju.mp
14 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
fonts.googleapis.com — Cisco Umbrella Rank: 31
94 KB
2 cursors-4u.net
cur.cursors-4u.net — Cisco Umbrella Rank: 649260
6 KB
1 gstatic.com
fonts.gstatic.com
20 KB
1 googleusercontent.com
doc-04-ag-docs.googleusercontent.com — Cisco Umbrella Rank: 689704
1 google.com
drive.google.com — Cisco Umbrella Rank: 318
1 KB
1 tumblr.com
static.tumblr.com — Cisco Umbrella Rank: 52479
16 KB
14 10
Domain Requested by
3 dl.dropboxusercontent.com kazuscara.crd.co
3 dl.dropbox.com 3 redirects
3 kazuscara.crd.co 1 redirects kazuscara.crd.co
2 gardenia.ju.mp kazuscara.crd.co
2 cur.cursors-4u.net kazuscara.crd.co
1 fonts.gstatic.com fonts.googleapis.com
1 doc-04-ag-docs.googleusercontent.com kazuscara.crd.co
1 drive.google.com 1 redirects
1 static.tumblr.com kazuscara.crd.co
1 fonts.googleapis.com kazuscara.crd.co
1 ajax.googleapis.com kazuscara.crd.co
14 11

This site contains links to these domains. Also see Links.

Domain
www.cursors-4u.com
twitter.com
discord.gg
dni-criteria.carrd.co
Subject Issuer Validity Valid
crd.co
Cloudflare Inc ECC CA-3		 2023-03-12 -
2024-03-11		 a year crt.sh
ani.cursors-4u.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-17 -
2024-02-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://kazuscara.crd.co/
Frame ID: CB7CB49546841DE7C36C4B2BB02944F8
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

cecil

Page URL History Show full URLs

  1. http://kazuscara.crd.co/ HTTP 301
    https://kazuscara.crd.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

71 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

300 kB
Transfer

520 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kazuscara.crd.co/ HTTP 301
    https://kazuscara.crd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://dl.dropbox.com/s/vyffmps0ly6ikf4/glenplayer06.js HTTP 302
  • https://dl.dropboxusercontent.com/s/vyffmps0ly6ikf4/glenplayer06.js
Request Chain 9
  • https://dl.dropbox.com/s/xo075bh6tbd4f7d/CP.ttf HTTP 302
  • https://dl.dropboxusercontent.com/s/xo075bh6tbd4f7d/CP.ttf
Request Chain 10
  • https://drive.google.com/uc?export=download&id=1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6 HTTP 303
  • https://doc-04-ag-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/k0ptmge3k07q64bfc7n7iafu5ujmnp48/1698876525000/00336830571657024458/*/1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6?e=download&uuid=e2bc4dd0-d12c-4770-9345-68dc678ec5d4
Request Chain 11
  • https://dl.dropbox.com/s/bzbc64oij7f3gse/vinyl-svg.html HTTP 302
  • https://dl.dropboxusercontent.com/s/bzbc64oij7f3gse/vinyl-svg.html

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kazuscara.crd.co/
Redirect Chain
  • http://kazuscara.crd.co/
  • https://kazuscara.crd.co/
46 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a88c2346094187a65c47a38347a7bbca98ca8ae065359849ae9eddd4a34fe78

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
81f775fbce0e37da-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 22:09:13 GMT
expires
Wed, 01 Nov 2023 22:09:13 GMT
last-modified
Thu, 26 Oct 2023 02:07:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
81f775f9ea3d6913-FRA
Cache-Control
max-age=0
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 01 Nov 2023 22:09:13 GMT
Expires
Wed, 01 Nov 2023 22:09:13 GMT
Location
https://kazuscara.crd.co/
Server
cloudflare
Transfer-Encoding
chunked
cursor.png
cur.cursors-4u.net/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/cursor.png
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 22:09:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2013 17:33:08 GMT
Server
nginx/1.16.1
ETag
W/"512e4354-4d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:27:28 GMT
x-content-type-options
nosniff
age
13305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94840
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 18:27:28 GMT
css
fonts.googleapis.com/ 		1 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45c208888238dc9529e14c13a36b63cbc0faabcbc256137e8dcfb5547ce6cbd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 22:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:29:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 22:09:13 GMT
feathericons.js
static.tumblr.com/2pnwama/DLppehqvd/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/2pnwama/DLppehqvd/feathericons.js
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
996faa1e43fea0697991446f5eaaa57c6246d4b00e0bfed5234494a3511d1f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Wed, 01 Nov 2023 22:09:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload
last-modified
Mon, 03 Sep 2018 17:50:02 GMT
server
nginx
etag
W/"7a037081c08b58d9227edc0af84f9455"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
glenplayer06.js
dl.dropboxusercontent.com/s/vyffmps0ly6ikf4/
Redirect Chain
  • https://dl.dropbox.com/s/vyffmps0ly6ikf4/glenplayer06.js
  • https://dl.dropboxusercontent.com/s/vyffmps0ly6ikf4/glenplayer06.js
1 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/s/vyffmps0ly6ikf4/glenplayer06.js
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
16be6d35670e8a5c0ee21baa8be263017b1fc8a1d8e0c195dff9d071bb33d49d
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Wed, 01 Nov 2023 22:09:14 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
3a60a1633f544246bea77b09a9286576
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="glenplayer06.js"; filename*=UTF-8''glenplayer06.js
pragma
public
server
envoy
x-server-response-time
372
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Wed, 01 Nov 2023 22:09:13 GMT
content-encoding
gzip
accept-encoding
identity,gzip
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://dl.dropboxusercontent.com/s/vyffmps0ly6ikf4/glenplayer06.js
x-dropbox-request-id
769895d230564e5c979b68882ba6a577
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
image01.jpg
kazuscara.crd.co/assets/images/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kazuscara.crd.co/assets/images/image01.jpg?v=90617a57
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60205d68142949f8fa176f3a0e6b47ed37b5aa8d5ae9092cccf5a6350fb8420f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 22:09:14 GMT
cf-cache-status
MISS
last-modified
Wed, 25 Oct 2023 19:47:10 GMT
server
cloudflare
etag
"1bba8-6088fb89263b8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81f775fe0fa437da-FRA
content-length
113576
expires
Wed, 08 Nov 2023 22:09:14 GMT
79dcdcbf_original.png
gardenia.ju.mp/assets/images/gallery03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gardenia.ju.mp/assets/images/gallery03/79dcdcbf_original.png?v=4aad6e15
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef2502013a1cf23eaeae5ee872c2b04481f4066a494cc3653c131c55ea82490

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 22:09:14 GMT
cf-cache-status
MISS
last-modified
Fri, 09 Sep 2022 03:40:25 GMT
server
cloudflare
etag
"1c6c-5e8364e75fe78"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81f775fedc343639-FRA
content-length
7276
expires
Wed, 08 Nov 2023 22:09:14 GMT
oth665.cur
cur.cursors-4u.net/others/oth-7/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/others/oth-7/oth665.cur
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cc54b2248c01794e483aacae988ff358ce86cf980ca89face44ed92e742b1535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 22:09:14 GMT
Last-Modified
Wed, 27 Feb 2013 18:26:50 GMT
Server
nginx/1.16.1
ETag
"512e4fea-10be"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
79dcdcbf_original.png
gardenia.ju.mp/assets/images/gallery03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gardenia.ju.mp/assets/images/gallery03/79dcdcbf_original.png?v=4aad6e15
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef2502013a1cf23eaeae5ee872c2b04481f4066a494cc3653c131c55ea82490

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 22:09:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 03:40:25 GMT
server
cloudflare
age
0
etag
"1c6c-5e8364e75fe78"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81f776026f0e3639-FRA
content-length
7276
expires
Wed, 08 Nov 2023 22:09:14 GMT
CP.ttf
dl.dropboxusercontent.com/s/xo075bh6tbd4f7d/
Redirect Chain
  • https://dl.dropbox.com/s/xo075bh6tbd4f7d/CP.ttf
  • https://dl.dropboxusercontent.com/s/xo075bh6tbd4f7d/CP.ttf
25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/s/xo075bh6tbd4f7d/CP.ttf
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
a202bcfaa3049864faeeec96fae64565437414e3ae2210e180385b0c5253051a
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Wed, 01 Nov 2023 22:09:15 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
07d2a52315244c80b64195f912af373b
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="CP.ttf"; filename*=UTF-8''CP.ttf
content-length
25632
pragma
public
server
envoy
etag
1624055441659326n
x-server-response-time
313
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Wed, 01 Nov 2023 22:09:14 GMT
content-encoding
gzip
accept-encoding
identity,gzip
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://dl.dropboxusercontent.com/s/xo075bh6tbd4f7d/CP.ttf
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
5eee2d4cb0dc43af9aa5675b74d41c55
1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6
doc-04-ag-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/k0ptmge3k07q64bfc7n7iafu5ujmnp48/1698876525000/00336830571657024458/*/
Redirect Chain
  • https://drive.google.com/uc?export=download&id=1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6
  • https://doc-04-ag-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/k0ptmge3k07q64bfc7n7iafu5ujmnp48/1698876525000/00336830571657024458/*/1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6?e...
139 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://doc-04-ag-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/k0ptmge3k07q64bfc7n7iafu5ujmnp48/1698876525000/00336830571657024458/*/1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6?e=download&uuid=e2bc4dd0-d12c-4770-9345-68dc678ec5d4
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 22:09:15 GMT
x-content-type-options
nosniff
x-guploader-uploadid
ABPtcPop3pav-YJ34-Uz2rIr4-Pm3QA7O9TDEiRC1F6UjjI-vKzM9TF_o0Y0-tURR8vffxJn1j2LdYasFG1jPLQGC8oZGH0nX-NB
Content-Range
bytes 0-9410487/9410488
content-disposition
attachment; filename="yt1s.com - __ Vivid BAD SQUAD MEIKO_320kbps.mp3"; filename*=UTF-8''yt1s.com%20-%20%E6%9C%88%E5%85%89%20Vivid%20BAD%20SQUAD%20MEIKO_320kbps.mp3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
9410488
last-modified
Sun, 22 Oct 2023 23:15:55 GMT
server
UploadServer
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
x-goog-hash
crc32c=C6W+HQ==
cache-control
private, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, X-Google-EOM, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-353267353-bin, x-goog-ext-353267353-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, x-goog-ext-202735639-bin, x-goog-ext-223435598-bin, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
expires
Wed, 01 Nov 2023 22:09:15 GMT

Redirect headers

date
Wed, 01 Nov 2023 22:09:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-gdUxJrhdPxpmfL7ab4xHbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-04-ag-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/k0ptmge3k07q64bfc7n7iafu5ujmnp48/1698876525000/00336830571657024458/*/1XmAx_d5_XHq7j7csU-UpDgkHb10q6qg6?e=download&uuid=e2bc4dd0-d12c-4770-9345-68dc678ec5d4
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
vinyl-svg.html
dl.dropboxusercontent.com/s/bzbc64oij7f3gse/
Redirect Chain
  • https://dl.dropbox.com/s/bzbc64oij7f3gse/vinyl-svg.html
  • https://dl.dropboxusercontent.com/s/bzbc64oij7f3gse/vinyl-svg.html
2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/s/bzbc64oij7f3gse/vinyl-svg.html
Requested by
Host: kazuscara.crd.co
URL: https://kazuscara.crd.co/
Protocol
H2
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
0993863a070cc3c86614def46d45b94087c47908967ca06cd0ffc20c8a153cd5
Security Headers
Name Value
Content-Security-Policy sandbox, report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy sandbox
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kazuscara.crd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
sandbox, report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Wed, 01 Nov 2023 22:09:14 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
3de8c2621e1a43a2b3ad162aa4e04f61
x-dropbox-response-origin
far_remote
content-disposition
attachment; filename=vinyl-svg.html
pragma
public
server
envoy
x-server-response-time
382
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex
x-webkit-csp
sandbox
x-content-security-policy
sandbox

Redirect headers

content-security-policy
sandbox
date
Wed, 01 Nov 2023 22:09:14 GMT
content-encoding
gzip
accept-encoding
identity,gzip
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://dl.dropboxusercontent.com/s/bzbc64oij7f3gse/vinyl-svg.html
access-control-expose-headers
Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
7bef2e6a8101435ebc81093a0e6a761d
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v19/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kazuscara.crd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 19:51:35 GMT
x-content-type-options
nosniff
age
526659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:54:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 19:51:35 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| core object| __core-js_shared__ object| feather function| _scrollToTop function| _nextScrollPoint function| _previousScrollPoint function| _firstScrollPoint function| _lastScrollPoint function| _nextSection function| _previousSection function| _firstSection function| _lastSection

1 Cookies

Domain/Path Name / Value
.dropboxusercontent.com/ Name: uc_session
Value: JqmRoBiBhXDkdzv58uhYMDEjtgyeGHXKSFepfuNBXUVgF5iVfdLif1mmJnhJ7Wmt