URL: https://crystl.finance/
Submission: On March 22 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3036::6815:3cdf, located in United States and belongs to CLOUDFLARENET, US. The main domain is crystl.finance.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2024. Valid for: 3 months.
This is the only time crystl.finance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 6686.live
6686.live
116 KB
7 crystl.finance
crystl.finance
215 KB
5 googleusercontent.com
lh4.googleusercontent.com — Cisco Umbrella Rank: 1679
lh5.googleusercontent.com — Cisco Umbrella Rank: 390
5 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
291 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1728
298 B
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14392
13 KB
1 tenor.com
media.tenor.com — Cisco Umbrella Rank: 8383
34 KB
28 7
Domain Requested by
9 6686.live crystl.finance
7 crystl.finance crystl.finance
3 www.googletagmanager.com crystl.finance
www.googletagmanager.com
3 lh4.googleusercontent.com crystl.finance
2 region1.google-analytics.com www.googletagmanager.com
2 lh5.googleusercontent.com crystl.finance
1 images.dmca.com crystl.finance
1 media.tenor.com crystl.finance
28 8

This site contains links to these domains. Also see Links.

Domain
www.dmca.com
Subject Issuer Validity Valid
crystl.finance
GTS CA 1P5
2024-01-31 -
2024-04-30
3 months crt.sh
6686.live
GTS CA 1P5
2024-02-01 -
2024-05-01
3 months crt.sh
c.tenor.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
images.dmca.com
R3
2024-03-07 -
2024-06-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh

This page contains 1 frames:

Primary Page: https://crystl.finance/
Frame ID: 6D53D790DDE13A0CDF04F846DF520166
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Kênh xem trực tiếp NBA, bóng rổ NBA Full HD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

5637 kB
Transfer

6684 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
crystl.finance/
47 KB
12 KB
Document
General
Full URL
https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0294d44a60e70ff31279dc81c6a115a91abf80c645ae9268a371c3982bc0e47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
868651191d48be60-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 22 Mar 2024 12:52:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDy2gZ6P%2BmW5US4Ep0KBbXnKLuuGJdS9Buwjl4ykIyki0Pg9%2FR4YOTl0PCCk719njN4NVoppuV6kmEZT4zHB7kk44Y86qmTlspgw3%2FE0BCJ7vKvOMBls5FpDUxyhZj%2Ft8sMygMw1UQGakoponw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
6686.live/themes/site/
389 KB
73 KB
Stylesheet
General
Full URL
https://6686.live/themes/site/style.css?verssd3x=1711111925
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af6b4953a2e9e2cad3b5dcd50c5fdab30866858b119af718ab71f74846057e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Sep 2023 07:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6517cc1e-61529"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEgllXjmoxSpitx8GlXsTZ%2FY1i%2BhNZ0YE8arUGHQuif74uKhOlyceNDeRT9mJfWECBb1wE6zn3rOQao%2FbHWXjPtMtdgbjarULWMIwUN0g%2Fp%2FcWtH03bjBxiEQFz0mSZXqKD47V48Geo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8686511e6ec49300-CPH
alt-svc
h3=":443"; ma=86400
expires
Sat, 23 Mar 2024 00:50:34 GMT
all6a4d.css
crystl.finance/theleague/wp-content/themes/the-league/font-awesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://crystl.finance/theleague/wp-content/themes/the-league/font-awesome/css/all6a4d.css?verssd3x=1711111925
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b3c9506f6906b9895dd5096aa326bb519488eb9e3791f6407bd41d76d64dc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Feb 2023 00:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e2f374-11f75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6kUP8fUtA0mvD7ON2xF%2BrymaFeMymW%2Br23eJ2%2BOcxqqn%2FUIArZwmNGxpGqypF35in2v2kkgU4dOgovmNTIC%2BJ%2BQxRw4L8q%2BKwZnOaw9q8haq6OTUGijYnz3T82p%2Bj7fqgAgL2P%2B%2FbKL5RfE70Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8686511dcde7be60-CPH
alt-svc
h3=":443"; ma=86400
expires
Sat, 23 Mar 2024 00:52:05 GMT
crystl_finance.css
crystl.finance/public/css/
2 KB
674 B
Stylesheet
General
Full URL
https://crystl.finance/public/css/crystl_finance.css?verssd3x=1711111925
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f78313a49cf78ef5b04d629b5e4e84bc5947602724124558dcb962ef9206bd8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 03:37:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65792701-620"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnrK6YDM1aN9gbD%2BjmOtrt9TzzpfEIX3kwpIEqube6k8LOgPjWJ8s%2F6Dv9DoHFqhuOwezO5Xp67XIKMiwq8yzoS3Dh%2Fj4ewgXNeDoaHCPKdphvVdoWQu5HPoGzLe4Ol1yRByYGJ1jImMYA2STA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8686511dcde9be60-CPH
alt-svc
h3=":443"; ma=86400
expires
Sat, 23 Mar 2024 00:52:05 GMT
public_.css
6686.live/themes/css/
0
0
Stylesheet
General
Full URL
https://6686.live/themes/css/public_.css?verssd3x=1711111925
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

jquery.mina7a0.js
6686.live/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://6686.live/wp-includes/js/jquery/jquery.mina7a0.js?verssd3x=3.6.1
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Jul 2023 12:46:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29789
etag
W/"64c50a0e-15e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6N1PzYUX01Y0QeVYyZUlMpgjC1zA2W4NOQaZHROCsWtQB1dviW1xElOtW1sruMimCfj1TqdNXBSeeG0xg2ZlGisyqSxpzIf7m6y9sueeH%2Fh%2B4t2KjV%2FSov%2FLVWvgnhFXNRoUBeNRB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8686511e6ed19300-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Mar 2024 16:34:06 GMT
jquery-migrate.mind617.js
6686.live/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://6686.live/wp-includes/js/jquery/jquery-migrate.mind617.js?verssd3x=3.3.2
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Jul 2023 12:46:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15680
etag
W/"64c50a0e-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YX2RfYAI3MtVqRYGSKP%2FIMx%2BpDPF2YFvgwjlpk2WpjT9fuolC4en3eeUFd0w0PkIQBsD0d%2BZeZFSmf%2B%2F0EFxZhOmBdYeoZFd2DlZcdTdYGE0iQmfwWyI1f1AeinskAcDNNMslc8asx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8686511e6ecf9300-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Mar 2024 20:29:14 GMT
logo.png
crystl.finance/public//
55 KB
55 KB
Image
General
Full URL
https://crystl.finance/public//logo.png?verssd3x=1711111925
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b493cea040e4b29048c257d2a2b4c60345c3128fdd930c6f672f7527dd6d977

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 12:39:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65d7406d-db3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQBqzG74nEzjZJpRko4BG90o5X4np7l22FZV5f173ZzZzV%2FNn%2FgZZqc7OQQ1bo%2FgjrrnXb7iW6%2FeHPAVgt2G9hPeWHCYWcx6CAp9rqfg2qZb6%2FZgu%2Foed1tHdaReGH05sy8S6IwQhEu3TF6Gag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8686511dcdeabe60-CPH
alt-svc
h3=":443"; ma=86400
content-length
56127
expires
Sun, 21 Apr 2024 12:52:05 GMT
please-wait.gif
media.tenor.com/zecVkmevzcIAAAAM/
33 KB
34 KB
Image
General
Full URL
https://media.tenor.com/zecVkmevzcIAAAAM/please-wait.gif
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8c3e552728f024379a9ab42df6efee6410cfd8efe42d611f4971b360e65ef18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:28:12 GMT
x-content-type-options
nosniff
age
62633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33849
x-xss-protection
0
last-modified
Tue, 25 May 2021 22:00:57 GMT
server
sffe
report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
expires
Fri, 22 Mar 2024 19:28:12 GMT
7EWqKq2fqMPsnbaH4x8EtBNZIGZboCjgizCW4lTLtLLkdJ0X6fdp8gMa-QofGcrA1niIvaR5beVKk-whB4EolnQ9zcrg0-vwNzuL1Rcqt1NKJ3Q_xAYRUwL6gk2FueJ5vywdul8FghLxdBnMJvIR_7Y
lh4.googleusercontent.com/
1 MB
1 MB
Image
General
Full URL
https://lh4.googleusercontent.com/7EWqKq2fqMPsnbaH4x8EtBNZIGZboCjgizCW4lTLtLLkdJ0X6fdp8gMa-QofGcrA1niIvaR5beVKk-whB4EolnQ9zcrg0-vwNzuL1Rcqt1NKJ3Q_xAYRUwL6gk2FueJ5vywdul8FghLxdBnMJvIR_7Y
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2c071c3fd731dadf9c767d5cfacd80864439324bde3bd33d10cdf8335d8c9821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1353368
x-xss-protection
0
expires
Sat, 23 Mar 2024 12:52:05 GMT
xcBY3tjOxcwnbp-eokCkYt1Oe4Q_jEI-qpwDbMygupmskB8n5b-jkXeUlXkOxIQgfu1mfQ2DkyIvgg1Qi_Sg8StVbgljHElt11BH_vsgmwMUPJ8MwKyuG3gYo2WAs8FpaSAYcN1pEbz1vDb9MpyLFSg
lh4.googleusercontent.com/
1 MB
1 MB
Image
General
Full URL
https://lh4.googleusercontent.com/xcBY3tjOxcwnbp-eokCkYt1Oe4Q_jEI-qpwDbMygupmskB8n5b-jkXeUlXkOxIQgfu1mfQ2DkyIvgg1Qi_Sg8StVbgljHElt11BH_vsgmwMUPJ8MwKyuG3gYo2WAs8FpaSAYcN1pEbz1vDb9MpyLFSg
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8648fa7168a06eae7924aec17ab0e0cedbc8b30b65be4811f4fcafac981d3b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1470509
x-xss-protection
0
expires
Sat, 23 Mar 2024 12:52:06 GMT
C_xPvgNxiN0H7Sozoufjx3-lLwKHSTb1zk-XD7GKKCzSA5h_0Hc3KuPVni92O4CMf8h4v0ebsAbVcfGPUoRA905fS3Rn6wVX-ocacNArjGTCFJtFBTqYg6WkONw61YE8szUuJZAxlQE2q-HbWEkW67I
lh4.googleusercontent.com/
1 MB
1 MB
Image
General
Full URL
https://lh4.googleusercontent.com/C_xPvgNxiN0H7Sozoufjx3-lLwKHSTb1zk-XD7GKKCzSA5h_0Hc3KuPVni92O4CMf8h4v0ebsAbVcfGPUoRA905fS3Rn6wVX-ocacNArjGTCFJtFBTqYg6WkONw61YE8szUuJZAxlQE2q-HbWEkW67I
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8b4999d17b05f58c37226985c1e955ee337c6615a3ba1713f43aa3498a481b1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1051960
x-xss-protection
0
expires
Sat, 23 Mar 2024 12:52:06 GMT
8o8vDgihJrf7ptfq3Hp0Reyvvc7RKvmFXqMABEl-jgARaF4v4S4vslHaF97802m77trJlgI7XEm6GmlgkI2ltE_om_-nW2y0R24XCCeHvopYuBDsQN9VMc7YKHmq0gvSa09rNm5inGpodxNQFAJlFWU
lh5.googleusercontent.com/
213 KB
213 KB
Image
General
Full URL
https://lh5.googleusercontent.com/8o8vDgihJrf7ptfq3Hp0Reyvvc7RKvmFXqMABEl-jgARaF4v4S4vslHaF97802m77trJlgI7XEm6GmlgkI2ltE_om_-nW2y0R24XCCeHvopYuBDsQN9VMc7YKHmq0gvSa09rNm5inGpodxNQFAJlFWU
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1be0e169845ccd34d97e9c0c631fb66610b74e3dab9b566a173ce7dd8f1be74b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217724
x-xss-protection
0
expires
Sat, 23 Mar 2024 12:52:06 GMT
AvUPazbtCBuX42YspyD6ZyzhMaM03xyF0vFJy4C60JgTAMYwy70gTxnLuUsRCv2GW8pIBRD8uzaHl-iWYi1plfur6g4zsxXFyUeNL91wV3P7G9f3gc0PQxmijfeuyO2JM_FzTcUuH4LCcWBFr3sVt5w
lh5.googleusercontent.com/
968 KB
968 KB
Image
General
Full URL
https://lh5.googleusercontent.com/AvUPazbtCBuX42YspyD6ZyzhMaM03xyF0vFJy4C60JgTAMYwy70gTxnLuUsRCv2GW8pIBRD8uzaHl-iWYi1plfur6g4zsxXFyUeNL91wV3P7G9f3gc0PQxmijfeuyO2JM_FzTcUuH4LCcWBFr3sVt5w
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3ec3cd53d864fa9af66ded24599d526f2744375b307e5caacadff674a319d080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
991707
x-xss-protection
0
expires
Sat, 23 Mar 2024 12:52:06 GMT
_dmca_premi_badge_2.png
images.dmca.com/Badges/
12 KB
13 KB
Image
General
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_2.png?ID=31689690-855b-436a-bd6d-43cd106d33a2
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash
f58b4cb82acb74917de696ea68a5bd74155a1afbd735da15f0bcb58a1f290bd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cdn-edgestorageid
1082
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:47:48
cdn-pullzone
1574055
content-length
12609
last-modified
Wed, 01 Jun 2011 18:28:21 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"7596c6af8920cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
76665f9ddb66d2930e5ae9eb56009082
accept-ranges
bytes
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
live1.gif
6686.live/image/
1 KB
2 KB
Image
General
Full URL
https://6686.live/image/live1.gif
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2612b164859def1da079a1574ff4d0126fd15d3e4833bfd4a9c51d6549b1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212020
alt-svc
h3=":443"; ma=86400
content-length
1434
last-modified
Mon, 11 Sep 2023 10:09:18 GMT
server
cloudflare
etag
"64fee74e-59a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fjegk3WXwIa%2FxbW0jbjIh%2FaIr5S%2FnqJ%2B8RdXUS%2F9iPRHffGj3BYJlU8XVJ%2Br3%2Fj2ppeggB3c85SFu86OIEtGYa0hcKVbR25JCvyMhM8BBjy6kcCMwXZc6om%2FyR9fCSznPd7qJI4hJUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86865123e88c9300-CPH
expires
Sun, 07 Apr 2024 12:10:49 GMT
hot.gif
6686.live/image/
3 KB
4 KB
Image
General
Full URL
https://6686.live/image/hot.gif
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45ca0bbb73b847469e49f17527be06bd55cc8d84ec11cc7f9699f24e672cf75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1214575
alt-svc
h3=":443"; ma=86400
content-length
3267
last-modified
Mon, 11 Sep 2023 08:57:46 GMT
server
cloudflare
etag
"64fed68a-cc3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z496RvhXaNaNMsRll0q%2B7D%2BltNsgDz6FMEPJiMVdnB4MHepjD47ClSzNyjuW6KNQgwYRQjGjNe54nZ0zzzv4xE8rBCX7iNzuHvjLVC%2Fek8szsQMcKRDmuxqOPTC5IhjKwxAPmaeTbP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86865123e88d9300-CPH
expires
Sun, 07 Apr 2024 11:28:14 GMT
hnay.png
6686.live/image/
472 B
833 B
Image
General
Full URL
https://6686.live/image/hnay.png
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f668515b692dc275e57887e07fd00b5d480ebfb84f4b397079a96fc94551ff25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1211479
alt-svc
h3=":443"; ma=86400
content-length
472
last-modified
Mon, 11 Sep 2023 07:11:24 GMT
server
cloudflare
etag
"64febd9c-1d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4bLwu9VKpHGBxc1FF6uUn4EaGJKQcrWVCD%2B8Ixxudp0akJOR2k%2FRQ%2Fqqs3wFWOSiojgZmnyNlWyD9skh5asgByYvuI4llQIFqHXvlFJIeuB9M83L%2FbQUZG9ZkY92mWjJwAvaN3I%2F3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86865123e8909300-CPH
expires
Sun, 07 Apr 2024 12:19:51 GMT
ngaymai.png
6686.live/image/
436 B
761 B
Image
General
Full URL
https://6686.live/image/ngaymai.png
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e10b3ba204d0373ca5d47cb84b20651a0c28d7619348990b343f57bce1a11ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1218830
alt-svc
h3=":443"; ma=86400
content-length
436
last-modified
Mon, 11 Sep 2023 07:11:24 GMT
server
cloudflare
etag
"64febd9c-1b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmZOfgpgMvEohBwHgPwhYaD5Vrn%2Fw6jtjX7fbc6KnbhnTcU2eImTzDTeMcieOrDtnknVYPkWIq7kAGYh5Gc0GgxE4vlP0nwpKMEt1A%2BcpN5O9qvbHujpD8aBN56GDiFq%2F%2FBxIZ6kCyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86865123e8929300-CPH
expires
Sun, 07 Apr 2024 10:17:19 GMT
email-decode.min.js
crystl.finance/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://crystl.finance/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 10:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fc0d6b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2F4XppBWYizAqOLLXcYEr0ALlEL1FrauxTpEHtR9kkkSjVUMM7v%2BcaWtU84aicoQuXUxPsHckZgUCxrg383aqBfyQcLqTQwRHwLadmUPDWUMKeSCgdYq%2FyUQ59t8x1taQ0MDGP91uqxGi75IOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
868651237aca9307-CPH
expires
Sun, 24 Mar 2024 12:52:06 GMT
js
www.googletagmanager.com/gtag/
290 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V8GXMSME5N
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75cb06d7cca901e37aa7001497948b5ff780236071138dadc3a83beadb828925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99198
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 12:52:06 GMT
javascript.js
6686.live/themes/site/
0
0
Script
General
Full URL
https://6686.live/themes/site/javascript.js?r=220324085205
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

js
www.googletagmanager.com/gtag/
290 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MQ8NHN0YCN
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
528011058631fc3dec501ab42edebc7bf7fa5e7f2f03665861dcd907568d5c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 12:52:06 GMT
logo.png
crystl.finance/public//
55 KB
55 KB
Image
General
Full URL
https://crystl.finance/public//logo.png?verssd3x=1711111925
Requested by
Host: crystl.finance
URL: https://crystl.finance/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b493cea040e4b29048c257d2a2b4c60345c3128fdd930c6f672f7527dd6d977

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
content-length
56127
last-modified
Thu, 22 Feb 2024 12:39:09 GMT
server
cloudflare
etag
"65d7406d-db3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OriUNdEsDunPGFmXoE1VmVgQOcqaBMsg8hT%2BnrBNRU1U0%2Buit8V99RDSCu52KjqKmW0NlL0wV2D8O1lJVhnxPpJX7dK7xArFV1UMCwQuIG6113LMMdMYhDsJx00n7xNJJga%2BDszFK7gSjD4vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86865123ebb29307-CPH
expires
Sun, 21 Apr 2024 12:52:05 GMT
fa-solid-900.woff2
crystl.finance/theleague/wp-content/themes/the-league/font-awesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://crystl.finance/theleague/wp-content/themes/the-league/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: crystl.finance
URL: https://crystl.finance/theleague/wp-content/themes/the-league/font-awesome/css/all6a4d.css?verssd3x=1711111925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3cdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://crystl.finance/theleague/wp-content/themes/the-league/font-awesome/css/all6a4d.css?verssd3x=1711111925
Origin
https://crystl.finance
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:07 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Feb 2023 00:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63e2f374-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xI4VrTViyhFTikHpje1NWzrGYDQyqiEi%2FZgcn%2FDlgBrhu4TJ%2FSj8eed79%2BLeqxL%2FIYxfDJE1MzceEAlh5EMdZ8m77Jaejf1SVlzGzbbvZSofDocj%2FCwr722WFHIfCFLGkZmriagE0Fju2UC1nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86865123fbbb9307-CPH
alt-svc
h3=":443"; ma=86400
content-length
78268
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V8GXMSME5N&gtm=45je43k0v9158390050za200&_p=1711111926375&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=865761800.1711111927&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711111926&sct=1&seg=0&dl=https%3A%2F%2Fcrystl.finance%2F&dt=K%C3%AAnh%20xem%20tr%E1%BB%B1c%20ti%E1%BA%BFp%20NBA%2C%20b%C3%B3ng%20r%E1%BB%95%20NBA%20Full%20HD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8GXMSME5N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 12:52:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crystl.finance
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
290 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MQ8NHN0YCN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8GXMSME5N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a5c3fcf19c4837e5ec873dc5a9ec0115f889f3e3a79e9be132b1f7068c62a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 12:52:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99194
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 12:52:21 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MQ8NHN0YCN&gtm=45je43k0v9167900589za200&_p=1711111926375&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=865761800.1711111927&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711111941&sct=1&seg=0&dl=https%3A%2F%2Fcrystl.finance%2F&dt=K%C3%AAnh%20xem%20tr%E1%BB%B1c%20ti%E1%BA%BFp%20NBA%2C%20b%C3%B3ng%20r%E1%BB%95%20NBA%20Full%20HD&en=page_view&_fv=1&_ss=1&_ee=1&tfd=17296
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MQ8NHN0YCN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crystl.finance/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 12:52:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crystl.finance
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery function| gtag object| dataLayer string| ref_domain string| domain string| api_domain string| api_method object| apiListUrl object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| calltool

4 Cookies

Domain/Path Name / Value
crystl.finance/ Name: ci_session
Value: h750rl670r4tjeakpi83hicrdomkti13
.crystl.finance/ Name: _ga_V8GXMSME5N
Value: GS1.1.1711111926.1.0.1711111926.0.0.0
.crystl.finance/ Name: _ga
Value: GA1.1.865761800.1711111927
.crystl.finance/ Name: _ga_MQ8NHN0YCN
Value: GS1.1.1711111941.1.0.1711111941.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://6686.live/themes/css/public_.css?verssd3x=1711111925
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://6686.live/themes/site/javascript.js?r=220324085205
Message:
Failed to load resource: the server responded with a status of 522 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6686.live
crystl.finance
images.dmca.com
lh4.googleusercontent.com
lh5.googleusercontent.com
media.tenor.com
region1.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2606:4700:3036::6815:3cdf
2606:4700:3036::ac43:9975
2a00:1450:4001:80f::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:830::2008
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
1a5c3fcf19c4837e5ec873dc5a9ec0115f889f3e3a79e9be132b1f7068c62a68
1be0e169845ccd34d97e9c0c631fb66610b74e3dab9b566a173ce7dd8f1be74b
1e10b3ba204d0373ca5d47cb84b20651a0c28d7619348990b343f57bce1a11ad
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c071c3fd731dadf9c767d5cfacd80864439324bde3bd33d10cdf8335d8c9821
3ec3cd53d864fa9af66ded24599d526f2744375b307e5caacadff674a319d080
528011058631fc3dec501ab42edebc7bf7fa5e7f2f03665861dcd907568d5c5c
5af6b4953a2e9e2cad3b5dcd50c5fdab30866858b119af718ab71f74846057e9
6b493cea040e4b29048c257d2a2b4c60345c3128fdd930c6f672f7527dd6d977
72b3c9506f6906b9895dd5096aa326bb519488eb9e3791f6407bd41d76d64dc2
75cb06d7cca901e37aa7001497948b5ff780236071138dadc3a83beadb828925
7c2612b164859def1da079a1574ff4d0126fd15d3e4833bfd4a9c51d6549b1f1
8648fa7168a06eae7924aec17ab0e0cedbc8b30b65be4811f4fcafac981d3b7e
8b4999d17b05f58c37226985c1e955ee337c6615a3ba1713f43aa3498a481b1d
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
c0294d44a60e70ff31279dc81c6a115a91abf80c645ae9268a371c3982bc0e47
c45ca0bbb73b847469e49f17527be06bd55cc8d84ec11cc7f9699f24e672cf75
c8c3e552728f024379a9ab42df6efee6410cfd8efe42d611f4971b360e65ef18
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f58b4cb82acb74917de696ea68a5bd74155a1afbd735da15f0bcb58a1f290bd4
f668515b692dc275e57887e07fd00b5d480ebfb84f4b397079a96fc94551ff25
f78313a49cf78ef5b04d629b5e4e84bc5947602724124558dcb962ef9206bd8b