arf.crd.co Open in urlscan Pro
104.18.37.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arf.crd.co/
Effective URL:
https://arf.crd.co/
Submission: On June 13 via api (June 13th 2024, 3:58:07 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 20 HTTP transactions. The main IP is 104.18.37.69, located in and belongs to CLOUDFLARENET, US. The main domain is arf.crd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 12th 2024. Valid for: a year.

This is the only time arf.crd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.18.37.69 104.18.37.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	96.43.128.66 96.43.128.66	19969 (JOESDATAC...) (JOESDATACENTER)
1 1	184.105.177.70 184.105.177.70	6939 (HURRICANE) (HURRICANE)
1	184.105.177.71 184.105.177.71	6939 (HURRICANE) (HURRICANE)
3 6	2620:100:6022... 2620:100:6022:15::a27d:420f	19679 (DROPBOX) (DROPBOX)
1	18.66.102.46 18.66.102.46	16509 (AMAZON-02) (AMAZON-02)
20	10

7 104.18.37.69 (None, )

ASN13335 (CLOUDFLARENET, US)

arf.crd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.43.128.66 (United States)

ASN19969 (JOESDATACENTER, US)

cur.cursors-4u.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.105.177.70 (United States) 1 redirects

ASN6939 (HURRICANE, US)
PTR: s4.opendrive.com

od.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.105.177.71 (United States)

ASN6939 (HURRICANE, US)
PTR: s5.opendrive.com

web.opendrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:6022:15::a27d:420f (United States) 3 redirects

ASN19679 (DROPBOX, US)

dl.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-46.fra56.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	crd.co arf.crd.co	125 KB
3	dropboxusercontent.com dl.dropboxusercontent.com — Cisco Umbrella Rank: 19759	117 KB
3	dropbox.com 3 redirects dl.dropbox.com — Cisco Umbrella Rank: 62480	676 B
3	cursors-4u.net cur.cursors-4u.net — Cisco Umbrella Rank: 984347	6 KB
2	tumblr.com static.tumblr.com — Cisco Umbrella Rank: 78063 64.media.tumblr.com — Cisco Umbrella Rank: 18615	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 ajax.googleapis.com — Cisco Umbrella Rank: 457	124 KB
1	glitch.me cdn.glitch.me — Cisco Umbrella Rank: 207829	25 KB
1	opendrive.com web.opendrive.com — Cisco Umbrella Rank: 512456
1	od.lk 1 redirects od.lk — Cisco Umbrella Rank: 432901	373 B
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2072
20	10

	Domain	Requested by
7	arf.crd.co	arf.crd.co
3	dl.dropboxusercontent.com	arf.crd.co
3	dl.dropbox.com	3 redirects
3	cur.cursors-4u.net	arf.crd.co
1	cdn.glitch.me	arf.crd.co
1	web.opendrive.com	arf.crd.co
1	od.lk	1 redirects
1	64.media.tumblr.com	arf.crd.co
1	kit.fontawesome.com	arf.crd.co
1	static.tumblr.com	arf.crd.co
1	ajax.googleapis.com	arf.crd.co
1	fonts.googleapis.com	arf.crd.co
20	12

This site contains links to these domains. Also see Links.

Domain
hayman.carrd.co
strwbcrepe.straw.page
www.cursors-4u.com

Subject Issuer	Validity	Valid
crd.co Cloudflare Inc ECC CA-3	`2024-02-12` - `2024-12-31`	a year	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-15` - `2024-12-15`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.media.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2024-01-03` - `2025-02-02`	a year	crt.sh
ani.cursors-4u.net R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://arf.crd.co/
Frame ID: 97A75341643DB7146DF7950EB61C088C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

♡

Page URL History Show full URLs

http://arf.crd.co/ HTTP 307
https://arf.crd.co/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

80 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

401 kB
Transfer

892 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://hayman.carrd.co/
Title: boyfriend

Search URL Search Domain Scan URL

URL: https://strwbcrepe.straw.page/
Title: qpp

Search URL Search Domain Scan URL

URL: https://www.cursors-4u.com/cursor/2008/11/21/bubbles.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arf.crd.co/ HTTP 307
https://arf.crd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://od.lk/s/MzFfNjI1MTczOThf/i%20hate%20my%20body%20i%20want%20to%20be%20a%20girl.mp3 HTTP 302
https://web.opendrive.com/api/v1/download/file.json/MzFfNjI1MTczOThf?temp_key=%8Bm%21j%D7%B6%D2l%B6%D1%BA%1D%CBm%22%DBL%1A%9E%DD%B4%B6%8D%B4m%ED%B4km+%8A%B9f%A7&inline=1

Request Chain 13

https://dl.dropbox.com/s/cvba4kh6qm23mru/EmojiFont.ttf HTTP 302
https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf

Request Chain 14

https://dl.dropbox.com/s/cn0l1yjacta4whv/W95FA.otf HTTP 302
https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf

Request Chain 15

https://dl.dropbox.com/s/388cvx0do21kj3n/KiwiSoda.ttf HTTP 302
https://dl.dropboxusercontent.com/s/388cvx0do21kj3n/KiwiSoda.ttf

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arf.crd.co/
Redirect Chain

http://arf.crd.co/
https://arf.crd.co/

96 KB
13 KB

511ms
409ms

Document
text/html

104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f3adbc8ca288a3c188bb979b57db6fbefd1fa9df12cfd0f4676bad5f1ea3e4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 892f28ecebf16a73-TXL
content-encoding: gzip
content-type: text/html
date: Thu, 13 Jun 2024 03:58:02 GMT
expires: Thu, 13 Jun 2024 03:58:02 GMT
last-modified: Thu, 13 Jun 2024 02:54:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://arf.crd.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 6d074d4c.jpg
arf.crd.co/assets/images/gallery01/ 18 KB
18 KB 592ms
592ms Image
image/jpeg 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arf.crd.co/assets/images/gallery01/6d074d4c.jpg?v=11638efd
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88372807351d74536307b79ae6958910eb290996614fb99ee6bc31db44b3e127

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
cf-cache-status: MISS
last-modified: Mon, 13 May 2024 15:26:18 GMT
server: cloudflare
etag: "485d-6185781c4ce20"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 892f28ef8fd36a73-TXL
content-length: 18525
expires: Thu, 20 Jun 2024 03:58:02 GMT

GET
H2 200 container01.jpg
arf.crd.co/assets/images/ 24 KB
25 KB 586ms
585ms Image
image/jpeg 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arf.crd.co/assets/images/container01.jpg?v=11638efd
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5600367cf7b182e84141f6cf2344b79f39ae8313e753aa44603a378f59c34ceb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 02:54:43 GMT
server: cloudflare
etag: "61ba-61abc9ef0f408"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 892f28ef9fff6a73-TXL
content-length: 25018
expires: Thu, 20 Jun 2024 03:58:02 GMT

GET
H2 200 container04.jpg
arf.crd.co/assets/images/ 34 KB
34 KB 546ms
546ms Image
image/jpeg 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arf.crd.co/assets/images/container04.jpg?v=11638efd
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e19afefd1dc5ae8d429b0d70baf47cd9775c73824f9c9c485e2db7c96bb38e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 02:54:43 GMT
server: cloudflare
etag: "87d7-61abc9ef17108"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 892f28ef98016a73-TXL
content-length: 34775
expires: Thu, 20 Jun 2024 03:58:02 GMT

GET
H2 200 container05.jpg
arf.crd.co/assets/images/ 32 KB
32 KB 535ms
535ms Image
image/jpeg 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arf.crd.co/assets/images/container05.jpg?v=11638efd
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6639c49d9bf3e6bd701f250539d19ce44e234931014455dcde0c7fc2bc0b671d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 02:54:43 GMT
server: cloudflare
etag: "80e4-61abc9ef1ea20"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 892f28ef98036a73-TXL
content-length: 32996
expires: Thu, 20 Jun 2024 03:58:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 344 KB
90 KB 143ms
56ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@400;500;800&display=swap

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65d318b769d7372444a9554b8d821fb8358d821cd1ca1dbe9ec86fe8f6b9fe5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 03:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 03:58:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 03:58:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7/ 93 KB
34 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 02:50:03 GMT

GET
H2 200 glenplayer02.js Show response
static.tumblr.com/gtjt4bo/QRmphdsdv/ 874 B
1 KB 129ms
38ms Script
text/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/gtjt4bo/QRmphdsdv/glenplayer02.js

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
strict-transport-security: max-age=31536000; preload
alt-svc: h3=":443"; ma=86400
content-length: 874
x-nc: HIT ams 1
last-modified: Mon, 29 Oct 2018 22:13:08 GMT
server: nginx
etag: "0c72d69900626725bd7d730e5d46a141"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 403 8119dfca45.js
kit.fontawesome.com/ 0
0 566ms
471ms Script
text/plain 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/8119dfca45.js
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Origin: https://arf.crd.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 892f28f05f5a65ba-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: F9h0QYkzaYZic-9zFuRB

GET
H2 200 tumblr_ll7wpyHlj71qi6qow.gif
64.media.tumblr.com/ 2 KB
3 KB 135ms
40ms Image
image/gif 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/tumblr_ll7wpyHlj71qi6qow.gif

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e5d21ee97b6169e71f8896aeabf992955a786f3626038a26261b17c56f37db85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:02 GMT
strict-transport-security: max-age=31536000; preload
content-disposition: inline; filename="tumblr_ll7wpyHlj71qi6qow540.gif"
server-timing: dc;desc=ams, cache;desc=HIT;dur=1.0
alt-svc: h3=":443"; ma=86400
content-length: 2247
x-nc: HIT ams 7
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "2cdb40e8aee9e0b6d2747ca56b4faaea-1523937600-98b6076"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK cursor.png
cur.cursors-4u.net/ 1 KB
1 KB 830ms
146ms Image
image/png 96.43.128.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cur.cursors-4u.net/cursor.png
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 03:58:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Feb 2013 17:33:08 GMT
Server: nginx/1.16.1
ETag: W/"512e4354-4d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H2

200

MzFfNjI1MTczOThf
web.opendrive.com/api/v1/download/file.json/
Redirect Chain

https://od.lk/s/MzFfNjI1MTczOThf/i%20hate%20my%20body%20i%20want%20to%20be%20a%20girl.mp3
https://web.opendrive.com/api/v1/download/file.json/MzFfNjI1MTczOThf?temp_key=%8Bm%21j%D7%B6%D2l%B6%D1%BA%1D%CBm%22%DBL%1A%9E%DD%B4%B6%8D%B4m%ED%B4km+%8A%B9f%A7&inline=1

100 KB
0

576ms
222ms

Media
audio/mpeg

184.105.177.71
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.opendrive.com/api/v1/download/file.json/MzFfNjI1MTczOThf?temp_key=%8Bm%21j%D7%B6%D2l%B6%D1%BA%1D%CBm%22%DBL%1A%9E%DD%B4%B6%8D%B4m%ED%B4km+%8A%B9f%A7&inline=1

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Server

184.105.177.71 , United States, ASN6939 (HURRICANE, US),

Reverse DNS

s5.opendrive.com

Software

/ PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arf.crd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Jun 2024 03:58:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: PHP/7.4.33
serverid: s5
content-type: audio/mpeg
access-control-allow-origin: *
content-range: bytes 0-4942212/4942213
cache-control: must-revalidate, post-check=0, pre-check=0, private
content-transfer-encoding: binary
content-disposition: inline; filename*=UTF-8''i%20hate%20my%20body%20i%20want%20to%20be%20a%20girl.mp3
accept-ranges: bytes
content-length: 4942213
expires: Sat, 13 Jul 2024 03:58:03 GMT

Redirect headers

date: Thu, 13 Jun 2024 03:58:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-powered-by: PHP/7.4.33
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: https://web.opendrive.com/api/v1/download/file.json/MzFfNjI1MTczOThf?temp_key=%8Bm%21j%D7%B6%D2l%B6%D1%BA%1D%CBm%22%DBL%1A%9E%DD%B4%B6%8D%B4m%ED%B4km+%8A%B9f%A7&inline=1
x-fastcgi-cache: MISS
cache-control: no-cache, max-age=0, s-max-age=0, must-revalidate, no-store

GET
H/1.1 200
OK nat340.ani
cur.cursors-4u.net/nature/nat-4/ 4 KB
4 KB 545ms
288ms Image
application/octet-stream 96.43.128.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cur.cursors-4u.net/nature/nat-4/nat340.ani
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 03:58:03 GMT
Last-Modified: Wed, 27 Feb 2013 18:18:14 GMT
Server: nginx/1.16.1
ETag: "512e4de6-a89c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43164

GET
H/1.1 200
OK nat340.png
cur.cursors-4u.net/nature/nat-4/ 748 B
1 KB 440ms
144ms Image
image/png 96.43.128.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cur.cursors-4u.net/nature/nat-4/nat340.png
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b8af1b5a991b0a64d18a24d5d9bba02aa0d50e57d67ab9099c91ed8a5c563333

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 03:58:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Feb 2013 18:18:14 GMT
Server: nginx/1.16.1
ETag: W/"512e4de6-2ec"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H2

200

EmojiFont.ttf
dl.dropboxusercontent.com/s/cvba4kh6qm23mru/
Redirect Chain

https://dl.dropbox.com/s/cvba4kh6qm23mru/EmojiFont.ttf
https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf

25 KB
26 KB

551ms
549ms

Font
application/octet-stream

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

5732f6b2460af4d4daaac6a3813c15be75f4819553582eaf4be42301ac5c42f6

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arf.crd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Thu, 13 Jun 2024 03:58:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 30a848b0b41f41bdb0c768bbee44093c
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="EmojiFont.ttf"; filename*=UTF-8''EmojiFont.ttf
content-length: 25692
pragma: public
server: envoy
etag: 1633870161819750n
x-server-response-time: 349
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Thu, 13 Jun 2024 03:58:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/cvba4kh6qm23mru/EmojiFont.ttf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: d7f03758cb5e4b53bd903ef41bc67188

GET
H2

200

W95FA.otf
dl.dropboxusercontent.com/s/cn0l1yjacta4whv/
Redirect Chain

https://dl.dropbox.com/s/cn0l1yjacta4whv/W95FA.otf
https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf

42 KB
43 KB

733ms
733ms

Font
application/octet-stream

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

9e1ad53708307b2b68e06d43799b2267f6aec620dda972bc62753ad16ba50f2b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arf.crd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Thu, 13 Jun 2024 03:58:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: fecaa297057949d28017602cfa95139f
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="W95FA.otf"; filename*=UTF-8''W95FA.otf
content-length: 43372
pragma: public
server: envoy
etag: 1645059383824856n
x-server-response-time: 547
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Thu, 13 Jun 2024 03:58:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 45aaf7d0177a4665b70367f9a86527fe

GET
H2

200

KiwiSoda.ttf
dl.dropboxusercontent.com/s/388cvx0do21kj3n/
Redirect Chain

https://dl.dropbox.com/s/388cvx0do21kj3n/KiwiSoda.ttf
https://dl.dropboxusercontent.com/s/388cvx0do21kj3n/KiwiSoda.ttf

48 KB
48 KB

593ms
590ms

Font
application/octet-stream

2620:100:6022:15::a27d:420f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/388cvx0do21kj3n/KiwiSoda.ttf

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

Server

2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

cdd68272c443104d8f34abc7520a541cab5428431a7eaf553ff75b652498a252

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arf.crd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Thu, 13 Jun 2024 03:58:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 0b34e2d33c014d9497d5e8d66884d660
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="KiwiSoda.ttf"; filename*=UTF-8''KiwiSoda.ttf
content-length: 49292
pragma: public
server: envoy
etag: 1656557547798091n
x-server-response-time: 346
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Thu, 13 Jun 2024 03:58:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/388cvx0do21kj3n/KiwiSoda.ttf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 742f3cd138904f82ad1cd9572782a100

GET
H/1.1 200
OK LL_RECOR.TTF
cdn.glitch.me/9bbfdfb3-4bfa-4c39-8743-5621c8b9df21/ 24 KB
25 KB 151ms
48ms Font
binary/octet-stream 18.66.102.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.me/9bbfdfb3-4bfa-4c39-8743-5621c8b9df21/LL_RECOR.TTF

Requested by

Host: arf.crd.co
URL: https://arf.crd.co/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-46.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d42a9d28c87bc063f47f0fbb8e20ac633b954440e3ca3852e8758d111d805b18

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Origin: https://arf.crd.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 17 Sep 2023 01:34:23 GMT
Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 20 Dec 2021 00:44:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 23336620
ETag: "405dd9e951c6ec3554da85cf3f4d0a9b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 25060
X-Amz-Cf-Id: 9ihk9XDnTd5Q4ODQyWfxrW4zganJY5hCQ4jm_RkL6WgoJnefxvfaMg==

GET
H2 404 ms_sans_serif.woff2
arf.crd.co/ 0
0 391ms
391ms Font
text/html 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arf.crd.co/ms_sans_serif.woff2
Requested by: Host: arf.crd.co
URL: https://arf.crd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Origin: https://arf.crd.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:03 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=14400
cf-ray: 892f28f37e2f6a73-TXL
expires: Thu, 13 Jun 2024 07:58:03 GMT

GET
H2 200 favicon.png
arf.crd.co/assets/images/ 3 KB
3 KB 438ms
438ms Other
image/png 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arf.crd.co/assets/images/favicon.png?v=11638efd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d17495e9c3647d336d40a3a8ccf741135431244b57ecce1a7840456575eec2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arf.crd.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:58:04 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2024 17:39:40 GMT
server: cloudflare
etag: "a62-615994a4a64e8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 892f28fc9c5c6a73-TXL
content-length: 2658
expires: Thu, 20 Jun 2024 03:58:04 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/8119dfca45.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arf.crd.co/ms_sans_serif.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
ajax.googleapis.com
arf.crd.co
cdn.glitch.me
cur.cursors-4u.net
dl.dropbox.com
dl.dropboxusercontent.com
fonts.googleapis.com
kit.fontawesome.com
od.lk
static.tumblr.com
web.opendrive.com
104.18.37.69
18.66.102.46
184.105.177.70
184.105.177.71
192.0.77.3
192.0.77.40
2606:4700:4400::ac40:93bc
2620:100:6022:15::a27d:420f
2a00:1450:4001:806::200a
2a00:1450:4001:811::200a
96.43.128.66
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5600367cf7b182e84141f6cf2344b79f39ae8313e753aa44603a378f59c34ceb
5732f6b2460af4d4daaac6a3813c15be75f4819553582eaf4be42301ac5c42f6
65d318b769d7372444a9554b8d821fb8358d821cd1ca1dbe9ec86fe8f6b9fe5f
6639c49d9bf3e6bd701f250539d19ce44e234931014455dcde0c7fc2bc0b671d
73d17495e9c3647d336d40a3a8ccf741135431244b57ecce1a7840456575eec2
7e19afefd1dc5ae8d429b0d70baf47cd9775c73824f9c9c485e2db7c96bb38e0
87f3adbc8ca288a3c188bb979b57db6fbefd1fa9df12cfd0f4676bad5f1ea3e4
88372807351d74536307b79ae6958910eb290996614fb99ee6bc31db44b3e127
9e1ad53708307b2b68e06d43799b2267f6aec620dda972bc62753ad16ba50f2b
9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54
b8af1b5a991b0a64d18a24d5d9bba02aa0d50e57d67ab9099c91ed8a5c563333
cdd68272c443104d8f34abc7520a541cab5428431a7eaf553ff75b652498a252
d42a9d28c87bc063f47f0fbb8e20ac633b954440e3ca3852e8758d111d805b18
e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d21ee97b6169e71f8896aeabf992955a786f3626038a26261b17c56f37db85

arf.crd.co Open in urlscan Pro 104.18.37.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

80 %HTTPS

36 %IPv6

10 Domains

12 Subdomains

10 IPs

3 Countries

401 kBTransfer

892 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

arf.crd.co Open in urlscan Pro
104.18.37.69 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

80 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

401 kB
Transfer

892 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions