urlscan.io logo urlscan.io
SecurityTrails logo

w1.villainto-kill.com Open in urlscan Pro
172.67.170.14  Public Scan

Go To Rescan Add Verdict Report
URL: https://w1.villainto-kill.com/
Submission: On June 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 31 HTTP transactions. The main IP is 172.67.170.14, located in United States and belongs to CLOUDFLARENET, US. The main domain is w1.villainto-kill.com.
TLS certificate: Issued by WE1 on June 21st 2024. Valid for: 3 months.
This is the only time w1.villainto-kill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 172.67.170.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 172.240.108.68 7979 (SERVERS-COM)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
31 6
19    172.67.170.14 (United States)

ASN13335 (CLOUDFLARENET, US)
w1.villainto-kill.com
villainto-kill.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    172.240.108.68 (United States)

ASN7979 (SERVERS-COM, US)
www.highcpmcreativeformat.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
19 villainto-kill.com
w1.villainto-kill.com
villainto-kill.com
388 KB
7 highcpmcreativeformat.com
www.highcpmcreativeformat.com — Cisco Umbrella Rank: 403553
4 gstatic.com
fonts.gstatic.com
111 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
31 5
Domain Requested by
18 w1.villainto-kill.com w1.villainto-kill.com
7 www.highcpmcreativeformat.com w1.villainto-kill.com
4 fonts.gstatic.com fonts.googleapis.com
1 www.youtube.com w1.villainto-kill.com
1 villainto-kill.com 1 redirects
1 fonts.googleapis.com w1.villainto-kill.com
31 6

This site contains links to these domains. Also see Links.

Domain
www.webtoons.com
wordpress.org
foxland.fi
Subject Issuer Validity Valid
villainto-kill.com
WE1		 2024-06-21 -
2024-09-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
highcpmcreativeformat.com
R10		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://w1.villainto-kill.com/
Frame ID: 37324B8D14A24494586D1C76849D3497
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1ummW-fcFUU?feature=oembed
Frame ID: 8EF1ACF1C4A89C093629C7E848474C2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Villain to Kill Manga Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

31
Requests

97 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

514 kB
Transfer

888 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://villainto-kill.com/wp-content/uploads/2023/05/cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg HTTP 301
  • https://w1.villainto-kill.com/wp-content/uploads/2023/05/cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
w1.villainto-kill.com/ 		61 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
eb23aa9e6edce4240f49ec515291c0f8ee25a15ecfb638e8cdb2a767bc41abb0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
89a25ab44e949136-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 03:29:43 GMT
expires
Thu, 27 Jun 2024 03:29:43 GMT
last-modified
Wed, 26 Jun 2024 21:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQq5vFspwN%2BSQASbRVxLLYhVYqeApz4gVzCvKiRdl01yaTxnGzs7DUg%2BApqVh2c3VWRKU2yzPSW2Xb9bx4PMhMngwceVBj4MG7D6SoJ2u85r4joj79tVh2Qolh74Vcc%2BusC8fpZflMk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c79a6bb0af63488ce6dc5b03c8b9c6ef8d70df81c8bd206d0ef48f43ee5732a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 03:29:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 03:29:43 GMT
cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg
w1.villainto-kill.com/wp-content/uploads/2023/05/
Redirect Chain
  • https://villainto-kill.com/wp-content/uploads/2023/05/cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg
  • https://w1.villainto-kill.com/wp-content/uploads/2023/05/cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg
101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.villainto-kill.com/wp-content/uploads/2023/05/cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b5896647ce3abb41e4f7a9f857ac6ab2c3b824f6451f4530d914794dcf30f9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://w1.villainto-kill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28684
alt-svc
h3=":443"; ma=86400
content-length
103752
last-modified
Fri, 05 May 2023 03:16:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eC4ejTGch3LSJcoP2IT%2Fk0kiwyCYyddsV%2FEDrkeqyroP18j8GHAR2a%2FQv2bZOfH8X5IHnJnuprMDJLcEgPCoVMrXD3GsXXnCP%2Bivnyywbc5NQmWoWyRng3rnnUFtOMTcFPHhUn7KPwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
89a25ab8397c9136-FRA
expires
Thu, 24 Oct 2024 19:31:39 GMT

Redirect headers

date
Thu, 27 Jun 2024 03:29:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIhAOCip%2BlRRdkqH8CfpN5Hocvbh8Yhwf6ogQm9sp6gt7nD0xJFTi0pt7xuFgrFsQoMHnswLTO%2BJ%2BvzcQ5aAyP%2BqA6GOMZo8NjoBL%2FzbTjL%2BlthIqqhgJqC44QBEl7EFkQ9qPeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://w1.villainto-kill.com/wp-content/uploads/2023/05/cropped-70CD8C9F-CBAE-4DAC-B6F1-7051AAF947FF.jpeg
cache-control
max-age=3600
cf-ray
89a25ab728a79136-FRA
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Thu, 27 Jun 2024 04:29:43 GMT
style.min.css
w1.villainto-kill.com/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 26 Jun 2024 13:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXTngC5PMpVNUxwLIm4fF5k6CmJuzZKOS6Tkto50n2sDcwnpNZEzqPbYuIuF35pNAQMRoQJRDmNddZbAlJ08wfICfMT4phqIbInlF3Ir0Ct9PPquPP62HzWZTORJPueS%2Bf%2FM5JRA9Cg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e87d9136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 27 Jun 2025 03:29:43 GMT
front.css
w1.villainto-kill.com/wp-content/plugins/simple-social-buttons/assets/css/ 		96 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=5.1.3
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767c2f6c69bd4ad04353b55d51d851b3e12bdf31133d7e7d9b90caa828753c15

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2024 13:28:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwo7W6qp%2F35yNvpEGsj2aXh8fKlbVrM76OH4c3oOho20z3RSqpasMD%2F90QnVSmnF89Blsx%2F%2BHmpQhzTkjZQo1ZxklMhJcK9B3wz1o3RrGg%2B9ByT5X4G82%2Fbfhd144FrxRZl5cZk9EB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e87f9136-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 26 Jun 2025 19:31:38 GMT
widgets-on-pages-public.css
w1.villainto-kill.com/wp-content/plugins/widgets-on-pages/public/css/ 		83 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/plugins/widgets-on-pages/public/css/widgets-on-pages-public.css?ver=1.4.0
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4331958938b7c1c57a67d7b16bf9f90b27b99842f80517b27d99def1f643a73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 10:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lv4iKERgJN2GPI%2BcmZ1drfgNHUu%2FdB%2F0vthxAtCA9qVUqSgW%2FJhKGtr97HSyspqVf84VLuOzUypDcJP7MR3vqpxEtJO44ejkeoI5q0U753arYdOaPUdd%2Fh0PYvmSiWZAJHqsCufTV%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e8809136-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 26 Jun 2025 19:31:38 GMT
genericons.min.css
w1.villainto-kill.com/wp-content/themes/toivo-lite/fonts/genericons/genericons/ 		25 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/themes/toivo-lite/fonts/genericons/genericons/genericons.min.css?ver=3.3
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60dd61f6082bdbbe685019e397738bc0c56c6d4407854b734745de7be0b13ee9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 May 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2F0BaFP6T4TsxWd0OHapNbO6d1t7OhR%2BOvZSHrxYqtIyzL4zlZJW2ZQm6V8ro40jNs4vg83mGKqUZVqKu89ydwakgf7TDT0A0FS6QjnnMkbmH1DmXxgYDAeXSYf267dMP2T2H49Vy%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e8819136-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 26 Jun 2025 19:31:38 GMT
style.css
w1.villainto-kill.com/wp-content/themes/toivo-lite/ 		72 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/themes/toivo-lite/style.css?ver=1.2.0
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dc59cc874621059f524fee4c366abb96f3aaf7ee44f115f5769053de5baf35

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 May 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5tJ%2Bon%2FZ6SAjM1LdRf8JPinLoPE1y%2BgxbpUhprWUP%2BOTvReIov03pxc52BmwjRVunXNhmkBMSSYWeQT%2BcflTUI%2F6q5EpyAUWP7Vg18rUd79r2Sx2rZA%2FTZeaORZgE2s8rD5tJm%2BfNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e8829136-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 26 Jun 2025 19:31:38 GMT
frontend-blocks.js
w1.villainto-kill.com/wp-content/plugins/simple-social-buttons/assets/js/ 		0
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/plugins/simple-social-buttons/assets/js/frontend-blocks.js?ver=5.1.3
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28685
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Wed, 26 Jun 2024 13:28:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxuQdPPSanqiiOl8k55kWVo%2BuSfYJuLh9HZRLnQLwWZIJpjomp2bjGXV7%2FUTE0Lo%2FDtMa3QT32GvNAwakFz6VV2hHYsbPKlg3kGmSZZj8G92V%2FWEkSCXTR4Prd4N47fXbnf%2By6dys%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
89a25ab6e8849136-FRA
expires
Fri, 26 Jul 2024 19:31:38 GMT
jquery.min.js
w1.villainto-kill.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 20:27:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYeWmSbb5hBg96FeFy4061AG2%2B1yBCExMO3P21IzyyKo9lzdbWr%2BS%2BUC3XSVdnVJDv6QZ5aUVTevwQnFcuVN94V6sbb7An8URc%2F1Snru5fKj5aBCFb89SzqF3ktRDQGsRcM4KnOHiSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e8859136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 19:31:38 GMT
jquery-migrate.min.js
w1.villainto-kill.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 10:45:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWdEud48DFXNB%2Bl49o3vNU4ZwVEC788cFKAt3avbkl3BPWk9kfl%2FFuI8eurpmhMQUG%2B%2FVBofPd1NjSF1P5XIfAA%2BxPLYmOhLytFvw6RrL1nMiTmdxFbS2QV6Q1ECcu3jg79Nlh9D0Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e8869136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 19:31:38 GMT
front.js
w1.villainto-kill.com/wp-content/plugins/simple-social-buttons/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=5.1.3
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3771729d1b369950bcba8db61461202f679827c2c17c56dba43591a462dca1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2024 13:28:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkSwOjmn9hPd9Jjwe2nq2z%2FqNPFGQnZBlbyAB%2FPMrY75nKy6zx6U9%2FFcTaPpJDE4ZA0SVVjl3Cl56BtcD0XkugFpj5DAbWQeF3gHlOkg1HsTGKGJynGja1DN3CwuipNmaRdCWrAaeYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e8889136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 19:31:38 GMT
3b8b99ae461c41e09363a137e9700c42.jpg
w1.villainto-kill.com/wp-content/uploads/2023/05/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.villainto-kill.com/wp-content/uploads/2023/05/3b8b99ae461c41e09363a137e9700c42.jpg
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267aab8d163244456ac0374b9a4982fa4af8b29dc0f1fdf383db783ab0671c24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49020
alt-svc
h3=":443"; ma=86400
content-length
74961
last-modified
Fri, 05 May 2023 03:11:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0TvDoiqzfHKBt6KOI1BtdGstc0HEwPbgO9e61N37soVOnYQVu3e4MUf93ovZqqHfiSaeUlT8lRGH2lkOIXrsMxayjlzrJVfVH%2FYYEvz0FQmd7HVzn2P5QmXGV%2BepgCeijvk82QvZ%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
89a25ab6e8899136-FRA
expires
Thu, 24 Oct 2024 13:52:43 GMT
6d5bf66662b47b8b6dcd22635ecd0383-623x1024.jpg
w1.villainto-kill.com/wp-content/uploads/2023/05/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.villainto-kill.com/wp-content/uploads/2023/05/6d5bf66662b47b8b6dcd22635ecd0383-623x1024.jpg
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e513d174480a9d09241ed5ea0ae7c900cbd182754975ab59a319dc15dc26a1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:44 GMT
cf-cache-status
MISS
last-modified
Fri, 05 May 2023 03:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vMV1e3moSP1ANVHiL2f4t8TDCW5wZnwMyQzZpuHhd22XfUVFEeqIgM2Q%2BCmXFBpQxFz8XnmHP6%2BV7bBxP1zwZUIjkQUpKVm92WA0syr2QAhBckbtsYGpjQcyxu7NZFNWX2BeLGKK4mw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
89a25ab6e88a9136-FRA
alt-svc
h3=":443"; ma=86400
content-length
97996
expires
Fri, 25 Oct 2024 03:29:43 GMT
keynav.js
w1.villainto-kill.com/wp-content/plugins/comic-easel/js/ 		933 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/plugins/comic-easel/js/keynav.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbb60324ba018c58305566d35e4f580630b41aeb9bb737daef3314a6b100121

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Oct 2019 17:20:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28685
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMpnu6CWhjZ9vuEzHqOeZazBcB48csgIWilZvstDwIzshAXW6bZzbWXAKMG0GB6wpGcXZw%2FrCRkU%2B18KMnjN7KxFcq%2F%2BMswFxlcBhB4iJcLCZDUiuIYJ9oa1092Tymq3VapgDRNNtx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab6e88c9136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 19:31:38 GMT
responsive-nav.min.js
w1.villainto-kill.com/wp-content/themes/toivo-lite/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/themes/toivo-lite/js/responsive-nav.min.js?ver=1.2.0
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee875d1b0a82057344852ee7a374ac88a66e6b38da6b096b2fd3ed5719cd4f21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 May 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28684
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ippqil9EL0i6iEqva8TrAsKPKZ39fe2jOeKxVHeDb8lg4jRoNSySqJxDFg82Kwa82amRoj3%2BrbrM8MbqHb5bg5nYyTOExrqZVCAYN%2B6Aj3B1lHeJB5Gix2v4QOCuLra3wVz7Vp2USIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab8397b9136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 19:31:39 GMT
settings.min.js
w1.villainto-kill.com/wp-content/themes/toivo-lite/js/ 		2 KB
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/themes/toivo-lite/js/settings.min.js?ver=1.2.0
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24323c81d8ec5b4424e82ab58f31cd68597f6a0c7f16cf97dab30e4feab7fac2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 May 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28684
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idCXOXugCZsNLwZ5%2BJ7i2TRGIDnBGyEAp%2F9ao0wZURZKJSMZiHfIoiL5ZQerBbuHucshHDcr1EYDqMASE18hOdrCSATKvOHz3fU7AcEIfDaEBDT9k%2BwwZK38eSklNPIeKm7XnduDvXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab889a99136-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 19:31:39 GMT
functions.min.js
w1.villainto-kill.com/wp-content/themes/toivo-lite/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/themes/toivo-lite/js/functions.min.js?ver=1.2.0
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab6f289c1c8abc08c0a8fb6c7aea66cf8164d514c3cef0e29d9f81c474f5e65

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 May 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvL3x5hha42qGTkbFeYEZp5l1qbXwFJbkltOzacVPSYzjsmXcGjfiMXzjVHQ7RayKtoabfUyEm5JNzlEx%2FAD0zgLM1Wl3oxdKQ48W2kATt8%2BtYobleFLu70eZvmHKW38YAv4igaV9NI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
89a25ab8d9d59136-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jul 2024 03:29:44 GMT
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:44 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://w1.villainto-kill.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:56:54 GMT
x-content-type-options
nosniff
age
131570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:56:54 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://w1.villainto-kill.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:50:08 GMT
x-content-type-options
nosniff
age
131976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:50:08 GMT
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://w1.villainto-kill.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:47:43 GMT
x-content-type-options
nosniff
age
132121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17728
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:47:43 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://w1.villainto-kill.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 01:29:01 GMT
x-content-type-options
nosniff
age
7243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 01:29:01 GMT
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:44 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:44 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:45 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
1ummW-fcFUU
www.youtube.com/embed/ Frame 8EF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/1ummW-fcFUU?feature=oembed
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://w1.villainto-kill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jun 2024 03:29:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:45 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:45 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb

Request headers

Referer
Origin
https://w1.villainto-kill.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
invoke.js
www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Requested by
Host: w1.villainto-kill.com
URL: https://w1.villainto-kill.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 03:29:45 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
cropped-6d5bf66662b47b8b6dcd22635ecd0383-1-32x32.jpg
w1.villainto-kill.com/wp-content/uploads/2023/05/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://w1.villainto-kill.com/wp-content/uploads/2023/05/cropped-6d5bf66662b47b8b6dcd22635ecd0383-1-32x32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e45066d7430990d130bd01c97c96a9a6e69a112e8c9bb5fea11ca9665ed236d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://w1.villainto-kill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:29:46 GMT
cf-cache-status
MISS
last-modified
Fri, 05 May 2023 03:17:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDACS3drO3mYXZPz71ZQmNlJ8Z%2FVA4pzTlqcBFDadKJgV0VWceYkWwl90WNjGFBX8KOGcF70FmCsmfY6iRjooRbO8yqgtrpcZyfE%2F6xdEMAQ768AyOJDUc2WalAjT3PDvWrUxN6PJrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
89a25ac73ba69136-FRA
alt-svc
h3=":443"; ma=86400
content-length
1085
expires
Fri, 25 Oct 2024 03:29:46 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage undefined| $ function| jQuery object| SSB object| ssbPlugin object| atOptions function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig function| responsiveNav object| buttonMain object| navMain undefined| buttonTop undefined| navTop undefined| buttonSocial undefined| navSocial

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: S4khUiFNKNo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bz7Q0UqbSA8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgCw%3D%3D

23 Console Messages

Source Level URL
Text
rendering error URL: https://w1.villainto-kill.com/(Line 141)
Message:
Failed to set referrer policy: The value '' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
javascript warning URL: https://w1.villainto-kill.com/(Line 212)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 212)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://w1.villainto-kill.com/(Line 234)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 234)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://w1.villainto-kill.com/(Line 252)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 252)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://w1.villainto-kill.com/(Line 267)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 267)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://w1.villainto-kill.com/(Line 290)
Message:
Unrecognized feature: 'web-share'.
javascript warning URL: https://w1.villainto-kill.com/(Line 300)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 300)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://w1.villainto-kill.com/(Line 791)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 791)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://w1.villainto-kill.com/(Line 810)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.villainto-kill.com/(Line 810)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.highcpmcreativeformat.com/b1b53dd2b29c9ee13e6951f9f9cafbae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
villainto-kill.com
w1.villainto-kill.com
www.highcpmcreativeformat.com
www.youtube.com
172.240.108.68
172.67.170.14
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
13b5896647ce3abb41e4f7a9f857ac6ab2c3b824f6451f4530d914794dcf30f9
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb
24323c81d8ec5b4424e82ab58f31cd68597f6a0c7f16cf97dab30e4feab7fac2
267aab8d163244456ac0374b9a4982fa4af8b29dc0f1fdf383db783ab0671c24
3fbb60324ba018c58305566d35e4f580630b41aeb9bb737daef3314a6b100121
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52e513d174480a9d09241ed5ea0ae7c900cbd182754975ab59a319dc15dc26a1
5ab6f289c1c8abc08c0a8fb6c7aea66cf8164d514c3cef0e29d9f81c474f5e65
60dd61f6082bdbbe685019e397738bc0c56c6d4407854b734745de7be0b13ee9
767c2f6c69bd4ad04353b55d51d851b3e12bdf31133d7e7d9b90caa828753c15
7e45066d7430990d130bd01c97c96a9a6e69a112e8c9bb5fea11ca9665ed236d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a1dc59cc874621059f524fee4c366abb96f3aaf7ee44f115f5769053de5baf35
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b3771729d1b369950bcba8db61461202f679827c2c17c56dba43591a462dca1a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c79a6bb0af63488ce6dc5b03c8b9c6ef8d70df81c8bd206d0ef48f43ee5732a6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb23aa9e6edce4240f49ec515291c0f8ee25a15ecfb638e8cdb2a767bc41abb0
ee875d1b0a82057344852ee7a374ac88a66e6b38da6b096b2fd3ed5719cd4f21
f4331958938b7c1c57a67d7b16bf9f90b27b99842f80517b27d99def1f643a73