www.crooks.finance Open in urlscan Pro
35.71.142.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crooks.finance/
Effective URL:
https://www.crooks.finance/
Submission: On December 16 via api (December 16th 2024, 2:01:04 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 32 HTTP transactions. The main IP is 35.71.142.77, located in United States and belongs to AMAZON-02, US. The main domain is www.crooks.finance.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on December 10th 2024. Valid for: 3 months.

This is the only time www.crooks.finance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	31.43.160.6 31.43.160.6	16509 (AMAZON-02) (AMAZON-02)
1	35.71.142.77 35.71.142.77	16509 (AMAZON-02) (AMAZON-02)
23	2600:9000:272... 2600:9000:2724:6200:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.20 13.32.99.20	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
4 4	2600:9000:235... 2600:9000:235a:e600:10:9b9d:b9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
32	4

1 31.43.160.6 (Ukraine) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: sites.framer.app

crooks.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.142.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

www.crooks.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:2724:6200:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-20.fra60.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:235a:e600:10:9b9d:b9c0:93a1 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 25787	558 KB
6	gstatic.com fonts.gstatic.com	139 KB
6	framer.com 4 redirects events.framer.com — Cisco Umbrella Rank: 40059 framer.com — Cisco Umbrella Rank: 36284	10 KB
2	crooks.finance 1 redirects crooks.finance www.crooks.finance	28 KB
32	4

	Domain	Requested by
23	framerusercontent.com	www.crooks.finance
6	fonts.gstatic.com	www.crooks.finance
4	framer.com	4 redirects
2	events.framer.com	www.crooks.finance events.framer.com
1	www.crooks.finance
1	crooks.finance	1 redirects
32	6

This site contains links to these domains. Also see Links.

Domain
app.crooks.finance
discord.com
app.ebisusbay.com
papparico.finance
crazzzymonsters.com
bob-adventures.netlify.app
www.papacro.com
puppetzcoin.com
cronoscan.com
ebisusbay.com
x.com
instagram.com
t.me

Subject Issuer	Validity	Valid
www.crooks.finance ZeroSSL ECC Domain Secure Site CA	`2024-12-10` - `2025-03-10`	3 months	crt.sh
framerusercontent.com Amazon RSA 2048 M03	`2024-11-16` - `2025-12-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-07`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.crooks.finance/
Frame ID: BC556D0A570DCDB16AB3F450DAD54E67
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crooks Finance

Page URL History Show full URLs

http://crooks.finance/ HTTP 307
https://crooks.finance/ HTTP 308
https://www.crooks.finance/ Page URL

Page Statistics

32
Requests

88 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

731 kB
Transfer

1897 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://app.crooks.finance/
Title: DAPP

Search URL Search Domain Scan URL

URL: https://discord.com/invite/crooksfinance
Title: DISCORD

Search URL Search Domain Scan URL

URL: https://app.crooks.finance/staking
Title: Go now

Search URL Search Domain Scan URL

URL: https://app.crooks.finance/rankarena
Title: Go now

Search URL Search Domain Scan URL

URL: https://app.ebisusbay.com/collection/cronos/crooks-legends?chain=cronos
Title: Go now

Search URL Search Domain Scan URL

URL: https://papparico.finance/home
Title: Go now

Search URL Search Domain Scan URL

URL: https://crazzzymonsters.com/
Title: Go now

Search URL Search Domain Scan URL

URL: https://bob-adventures.netlify.app/
Title: Go now

Search URL Search Domain Scan URL

URL: https://www.papacro.com/
Title: Go now

Search URL Search Domain Scan URL

URL: https://puppetzcoin.com/
Title: Go now

Search URL Search Domain Scan URL

URL: https://cronoscan.com/address/0xb08ec065e3e64f38ec826f6a019c83b457554e1b
Title: 0xb08EC065E3E64F38EC826F6A019C83b457554E1B

Search URL Search Domain Scan URL

URL: https://cronoscan.com/address/0x1B95F8F67639BBc3153e6D277070518ff122c421
Title: 0x1B95F8F67639BBc3153e6D277070518ff122c421

Search URL Search Domain Scan URL

URL: https://cronoscan.com/address/0xc9e142718d86ff8074356ab5f36572860e69a052
Title: 0xC9E142718d86Ff8074356aB5f36572860e69a052

Search URL Search Domain Scan URL

URL: https://cronoscan.com/address/0xD72a9b8F66cD83C84DbD73ff2eA5682430A9cCe4
Title: 0xD72a9b8F66cD83C84DbD73ff2eA5682430A9cCe4

Search URL Search Domain Scan URL

URL: https://ebisusbay.com/swap
Title: BUY

Search URL Search Domain Scan URL

URL: https://x.com/crooksfinance

Search URL Search Domain Scan URL

URL: https://instagram.com/

Search URL Search Domain Scan URL

URL: https://t.me/crookstoken

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crooks.finance/ HTTP 307
https://crooks.finance/ HTTP 308
https://www.crooks.finance/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://framer.com/m/material-icons/Twitter.js@0.0.32 HTTP 302
https://framerusercontent.com/modules/vI2sh8u7pRDewOc5b0vq/udkfnLgjXVlIc2Pxig65/Twitter.js

Request Chain 28

https://framer.com/m/material-icons/Instagram.js@0.0.32 HTTP 302
https://framerusercontent.com/modules/QUfcXR1WTIdnnjrIxmbL/rqsB4kePLDrU9HtVzww0/Instagram.js

Request Chain 29

https://framer.com/m/material-icons/Telegram.js@0.0.32 HTTP 302
https://framerusercontent.com/modules/a0k1dNYjxOXNtBfFg737/LT3YcBtDT3RvaUbdADsv/Telegram.js

Request Chain 30

https://framer.com/m/material-icons/Mail.js@0.0.32 HTTP 302
https://framerusercontent.com/modules/1Fgfuxg0FtbrRXZICIRi/0z5FyTtDNqJ5fYFET3jF/Mail.js

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.crooks.finance/
Redirect Chain

http://crooks.finance/
https://crooks.finance/
https://www.crooks.finance/

485 KB
28 KB

371ms
262ms

Document
text/html

35.71.142.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.71.142.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Framer/e32c09d /

Resource Hash

1c5a61c684a847f44c1f186fcc791f6e7ce7b1f4bf6197a174d2cd1420ce72b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 28143
content-type: text/html
date: Mon, 16 Dec 2024 14:00:58 GMT
etag: "b5dbd2bbdbbfbe959fb3bb1b710ff632"
last-modified: Tue, 10 Dec 2024 20:41:59 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/e32c09d
server-timing: region;desc="eu-west-1", cache;desc="not-cached", ssg-status;desc="optimized", version;desc="e32c09d"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-length: 63
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:00:57 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
location: https://www.crooks.finance/
server: Framer/e32c09d
strict-transport-security: max-age=31536000

GET
H2 200 chunk-Q7XWSLKP.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 660 KB
188 KB 536ms
521ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/chunk-Q7XWSLKP.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

824d8ff081574462fd29cfbe2a8a48a019ecacd6564db803bd6d863186a81227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"3b47a4297c09427a3b082a33aaa7ae89"
x-amz-version-id: LGsVpbY7gX7U_W5gnKyNhxIzuAJbcrd_
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: skNvNLG4ioVZrUz6nVkdzmXph-EPhUe7cm8yj-hTlFnCjLrFSjXAkg==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=273,cdn-upstream-fbl;dur=489,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="skNvNLG4ioVZrUz6nVkdzmXph-EPhUe7cm8yj-hTlFnCjLrFSjXAkg==",cdn-downstream-fbl;dur=510
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-JR5VT52U.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 1 KB
2 KB 454ms
439ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/chunk-JR5VT52U.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"8dc2caa5dfa40c0964a44a081b0b17d9"
x-amz-version-id: QWAO.OVltO55sb.Duh3JkJE_N6QJ1LRf
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 9v2amC1x20BMzaRbRc4GRirAE2f1KVqMrcQn9eddfBBV8pOwY_kiUQ==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=273,cdn-upstream-fbl;dur=415,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="9v2amC1x20BMzaRbRc4GRirAE2f1KVqMrcQn9eddfBBV8pOwY_kiUQ==",cdn-downstream-fbl;dur=431
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-RIUMFBNJ.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 447 B
1 KB 478ms
471ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/chunk-RIUMFBNJ.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
etag: "30ed32fa3444df726bb60d89113cf478"
x-amz-version-id: 5Z3kjeXsadwZqV_5LZFndj9ZVkKDGHGy
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: KvDCsFb8lvYYhp8-x5KjBy6sEhkGwpyX4Mm7E9qvpQ63fTq8hUpXJQ==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=274,cdn-upstream-fbl;dur=438,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="KvDCsFb8lvYYhp8-x5KjBy6sEhkGwpyX4Mm7E9qvpQ63fTq8hUpXJQ==",cdn-downstream-fbl;dur=463
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 447
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 sA2NPFkZdioUZouHZ672V9cRe1_TEWp4AtZ5QhMKPgY.LDL6YSID.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 227 KB
33 KB 570ms
564ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/sA2NPFkZdioUZouHZ672V9cRe1_TEWp4AtZ5QhMKPgY.LDL6YSID.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

491c71156ce8c3768ca6ac5148e445fdee3649bc771729b02ef2a9037fcc4cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"6d8a9572ceb44a41b550aa5149984305"
x-amz-version-id: 3rNp.FhwN0K1NsDMAtuGNDbb2C6iXddN
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 1Olkg6RK9NLust-xvgiL5KIuvLigfX8z1s1EpMt0jzaEH9DI9RTo9Q==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=299,cdn-upstream-fbl;dur=482,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="1Olkg6RK9NLust-xvgiL5KIuvLigfX8z1s1EpMt0jzaEH9DI9RTo9Q==",cdn-downstream-fbl;dur=556
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-MFP32PLF.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 1000 B
1 KB 465ms
459ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/chunk-MFP32PLF.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f49b6c752070635c6230757b380e63a764aaaa5370a17a4a2a56977114f1c578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"430b4058c96823c9f9eab63b442569bf"
x-amz-version-id: 5r.D8b8lwslzcXLF2TsB69KmkhIx_O9G
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: -JW7On5btjW5UJHn4kYCUJQz-wZq9Ufrh2Osea7APvjJbEkETXjfgA==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=275,cdn-upstream-fbl;dur=422,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="-JW7On5btjW5UJHn4kYCUJQz-wZq9Ufrh2Osea7APvjJbEkETXjfgA==",cdn-downstream-fbl;dur=450
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-6THHSXCK.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 369 B
1 KB 444ms
437ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/chunk-6THHSXCK.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

78c006c494251254cea0a6291998c1ab5a33c095a57192fb6b7fdf9dc3900778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
etag: "bdd67b69d0e026fc307ee7ff755c7ba1"
x-amz-version-id: 6LGMkRRZiIkZMRpZCVdy91IE9pJuTQuV
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 44ZD4sFhTB8sc1E5XbrndnF8_aZIZlvYhcGgzvLoB7epxFM4cAAwSQ==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=272,cdn-upstream-fbl;dur=408,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="44ZD4sFhTB8sc1E5XbrndnF8_aZIZlvYhcGgzvLoB7epxFM4cAAwSQ==",cdn-downstream-fbl;dur=429
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 369
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-RAOAIVN3.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 65 KB
18 KB 480ms
479ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/chunk-RAOAIVN3.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

67eb95e4750e0efb049cc3ea525a52d2eaa17ea399f8e2f29a49bab35c778cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"799c0c29fd7c344b9ce13ac4012d368c"
x-amz-version-id: 15.sH2sZw_3AkuhK9EyoFwuW2_SDeNX8
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: WuvI0kEfc-IriOs1UX56JsdwQ0qkgFAzQJzk1i9zPNvTg0UziDYPNA==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=278,cdn-upstream-fbl;dur=440,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="WuvI0kEfc-IriOs1UX56JsdwQ0qkgFAzQJzk1i9zPNvTg0UziDYPNA==",cdn-downstream-fbl;dur=472
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 script_main.2H4MEDMM.mjs Show response
framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/ 3 KB
2 KB 480ms
480ms Script
text/javascript 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Lt6NC5eLmPR7yRWEEte6A/script_main.2H4MEDMM.mjs

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

eb456829a1f12b85168ebb2060e00332d9222f1e2d39ccac088cbf18f303b0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"d084f184620f0159fbf994003f4d7b12"
x-amz-version-id: j3dszpsLDGPvhsYHYWcMT26PedGQ2_WA
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: jBD1f8z1D_Rhjr3QZUqHePjE5Nv-2Kvh0ZJjzzqzAvFIljUYWKUucQ==
date: Mon, 16 Dec 2024 14:01:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 20:41:57 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=277,cdn-upstream-fbl;dur=454,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="jBD1f8z1D_Rhjr3QZUqHePjE5Nv-2Kvh0ZJjzzqzAvFIljUYWKUucQ==",cdn-downstream-fbl;dur=473
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 script Show response
events.framer.com/ 18 KB
7 KB 314ms
288ms Script
text/javascript 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.framer.com/script

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-20.fra60.r.cloudfront.net

Software

Resource Hash

89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length: 18177
timestamp: Mon, 16 Dec 2024 13:59:16 GMT
content-encoding: gzip
x-amz-apigw-id: C4zYXEXZIAMEmrA=
x-amzn-trace-id: Root=1-6760329b-14a3c8ac12449dfc47a26152
x-amzn-requestid: f09041d2-52dc-4fcd-97c3-0aadab463fc5
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 6204
x-amz-cf-id: 6oYCOA_mrmaoMSaNVMSFznE-gn1wZ8RUTczYN5Gu9FRuEjHdsrD_IA==
date: Mon, 16 Dec 2024 14:00:59 GMT
content-type: text/javascript
x-amz-cf-pop: FRA60-P3

GET
H2 200 1l26n4lZe6qxdQhJd6OyWaCR06o.png
framerusercontent.com/images/ 23 KB
24 KB 108ms
108ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/1l26n4lZe6qxdQhJd6OyWaCR06o.png?scale-down-to=512

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

20aab5ecf4dc471015adc364fd347f53ced074d9712db6df8e89fc3453945280

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "b45db71e304306c6c09bf3e9a31429ce"
age: 582363
x-content-type-options: nosniff
x-amzn-requestid: f855b1b2-ad7e-4566-8a58-7891f144f964
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: yr2ym2NejVqKyDxiuVNNV_7ACLN3XQullZsfr3ln1Bc8urMyTe0z7A==
date: Mon, 09 Dec 2024 20:14:56 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="yr2ym2NejVqKyDxiuVNNV_7ACLN3XQullZsfr3ln1Bc8urMyTe0z7A==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=100
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-67574fbf-16a91d07288edfe8446fa0a9;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 dmuwiMtx6L4Y9S3TnLj06xjwRQ.png
framerusercontent.com/images/ 102 KB
103 KB 108ms
107ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/dmuwiMtx6L4Y9S3TnLj06xjwRQ.png

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d917bf3deb3c839e85e6ff339b46b2d7faf1fb04112a33c495c23bf329d7739d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "53e3440b48fd8ddb8918fc4da54091c9"
age: 588546
x-content-type-options: nosniff
x-amzn-requestid: 45e1948c-ff39-4fe5-a284-8617f5d091e8
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: XC6UkxOAUKFDb3ohR1Ifu_ZnqborsEIbxI9skn1oN6y91xyePFVzaQ==
date: Mon, 09 Dec 2024 18:31:53 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="XC6UkxOAUKFDb3ohR1Ifu_ZnqborsEIbxI9skn1oN6y91xyePFVzaQ==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=100
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-67573798-7d41ce034d8f9bcd3bcee78d;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 GW0ND37mFqmZem0iAqCVkhFO8c.jpeg
framerusercontent.com/images/ 8 KB
9 KB 425ms
424ms Image
image/jpeg 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/GW0ND37mFqmZem0iAqCVkhFO8c.jpeg

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

baa452093def1d75af594500cf25ab04c527a2e836112bc02d4934ac5e6ea716

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "fba1b101e9eada4ceed01d64244fc80a"
x-content-type-options: nosniff
x-amzn-requestid: 1581d4f2-68a0-4a19-a55e-10b8dcbd8f24
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: ieLbfr0dijUag4fTNgjltMDc8ir6ZzvHC9IZibtBdQnWFA7T4zS5aQ==
date: Mon, 16 Dec 2024 14:00:59 GMT
content-type: image/jpeg
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-upstream-layer;desc="Origin Shield",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=130,cdn-cache-miss,cdn-pop;desc="FRA56-P12",cdn-rid;desc="ieLbfr0dijUag4fTNgjltMDc8ir6ZzvHC9IZibtBdQnWFA7T4zS5aQ==",cdn-downstream-fbl;dur=417
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6760329b-1bab43e66e895de30ee08aca;Parent=4becb883161d9076;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 Hphn9jx9AIVCOxpKAyPu5UeH9Y.png
framerusercontent.com/images/ 7 KB
8 KB 120ms
119ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Hphn9jx9AIVCOxpKAyPu5UeH9Y.png

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dca464489e032d3ed999a9c9951e6ff1ca7a8eed132876425c7594619b7a9b78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "c42547e33d280ead99f4d7199737b9c0"
age: 579792
x-content-type-options: nosniff
x-amzn-requestid: f040b5c9-9f03-4df3-a841-aab5932567a3
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: XO2E0XbSRT_x6VnfoY_VLr3kzSPsYuPZ4agyy2bj2V6o440DOwiEDw==
date: Mon, 09 Dec 2024 20:57:47 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="XO2E0XbSRT_x6VnfoY_VLr3kzSPsYuPZ4agyy2bj2V6o440DOwiEDw==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=101
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675759c9-7e0a5daa697d06386a85f306;Parent=3a31e3720661a48f;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 uI31Ed4b4kKySGU2Bap5yHV3SPo.jpg
framerusercontent.com/images/ 29 KB
30 KB 122ms
122ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/uI31Ed4b4kKySGU2Bap5yHV3SPo.jpg

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

725c9eb81d6ac9c37148991bdb481c737589ea94e1abcfd4754d5ef6b40a8898

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "2604fd5741cbf1742951350966dc66c3"
age: 579793
x-content-type-options: nosniff
x-amzn-requestid: 827f85e2-c3dd-49ce-9f1d-1ca400d48e89
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: lQ0K19ttnULLfoZnkcUwSNBpLKGGUDmrRmaGhBbXs6hbnbNvVGy6JA==
date: Mon, 09 Dec 2024 20:57:46 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="lQ0K19ttnULLfoZnkcUwSNBpLKGGUDmrRmaGhBbXs6hbnbNvVGy6JA==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=103
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675759c9-6e454f2d6f953dd902d247c6;Parent=7b6a990d6d0e3d57;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 PEuTqY6CwVwKEHDdqwMrdMDidOY.png
framerusercontent.com/images/ 21 KB
22 KB 121ms
121ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PEuTqY6CwVwKEHDdqwMrdMDidOY.png

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7a65e54884044693a5a91e0c7d9d8f94b2423a4b01d29eeddeeeafd54c59353d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "95e357d23b4da6d7c765cacb61c42217"
age: 579918
x-content-type-options: nosniff
x-amzn-requestid: 06336a70-8060-4963-8d9a-cecbbd49345a
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: BJsxA-0DT-SZXQTqamhb7zfqCmircKP6chqBHniIZYTlWdLosNXyWQ==
date: Mon, 09 Dec 2024 20:55:41 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="BJsxA-0DT-SZXQTqamhb7zfqCmircKP6chqBHniIZYTlWdLosNXyWQ==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=101
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6757594d-31b5aabf7e5cc2642b28a678;Parent=5af2d936f571c5bb;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 2NR9OAK07d3Zc6VUiwjH4FMYg6k.webp
framerusercontent.com/images/ 11 KB
12 KB 125ms
125ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2NR9OAK07d3Zc6VUiwjH4FMYg6k.webp

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bbe20117e8d1be4492f8fde0c6c97caf13f17e2b8f43ca9d0ea125d357658a27

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "76487a41d14467e53f61e8e1ed2c8011"
age: 579769
x-content-type-options: nosniff
x-amzn-requestid: 5dbad13a-5937-4a0b-a561-2c72ecb5d4c7
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TQxBZFJJWjEtur3F11mmnt_BmmGaLraxm7epXAFae-03ALL6CTbFaA==
date: Mon, 09 Dec 2024 20:58:10 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="TQxBZFJJWjEtur3F11mmnt_BmmGaLraxm7epXAFae-03ALL6CTbFaA==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=104
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675759e1-65cfbe607f175e665fb67935;Parent=27ab6fce0f1cde2d;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 wMJSlxbCnK2Gf9sDJkOYwLat9g.png
framerusercontent.com/images/ 45 KB
46 KB 123ms
123ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wMJSlxbCnK2Gf9sDJkOYwLat9g.png?scale-down-to=512

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

840d61e90aff05128276755af001f0f4882582ec4e680abf57a07886bca59c3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "61146218578ac1482ecd20eeb2693f5d"
age: 71156
x-content-type-options: nosniff
x-amzn-requestid: f1f51c88-b30f-4e75-85c4-417b74fb07aa
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -YTMlj9_cXJsEte8tve0LddZiuT_jEmrCN6YZ5t_qra9TidB6x2ynw==
date: Sun, 15 Dec 2024 18:15:03 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="-YTMlj9_cXJsEte8tve0LddZiuT_jEmrCN6YZ5t_qra9TidB6x2ynw==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=103
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675f1ca6-7331cfe178cabb6402a2aac7;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 Q4N7m4TeZUEXCZjmwktabaBmL5A.png
framerusercontent.com/images/ 3 KB
4 KB 11ms
11ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Q4N7m4TeZUEXCZjmwktabaBmL5A.png

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d7fb2c423bfb3e08ac55ec8f706caecfd65afbe92dac18aceec97454b19d9967

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "c8d2d107b9e8743546610e7653f4f57a"
age: 2323087
x-content-type-options: nosniff
x-amzn-requestid: 9b6f2f11-9764-4104-ad45-ae37a424fad4
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FYe7HV5e9aiQhVsgemh0Ru7Sl1btltafcs2H8c9mL9ffUJu7tFA0ug==
date: Tue, 19 Nov 2024 16:42:52 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="FYe7HV5e9aiQhVsgemh0Ru7Sl1btltafcs2H8c9mL9ffUJu7tFA0ug==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-673cc00c-61b5e8d90ea80a8c6581fdc9;Parent=3d13f2d35bffd2d6;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 5EdeIXH3rmxUNFt9DG6r2H4NKE.png
framerusercontent.com/images/ 3 KB
4 KB 13ms
13ms Image
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/5EdeIXH3rmxUNFt9DG6r2H4NKE.png

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0cde3b15553b91a1f260d473d3ca38d4ef45a9b39fcf5ac9b169a5ae811b6131

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "e195bee2e8dfd69730c9c12904bfbb0f"
age: 2323087
x-content-type-options: nosniff
x-amzn-requestid: 3c1aaaf4-0aa4-4b73-8fc1-975dbb5a0037
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: rzHhY7FYLkmyaHNfvLZOUmp0wOapdkk2i73Q7TM_Nbtnm5BN9atxFA==
date: Tue, 19 Nov 2024 16:42:52 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="rzHhY7FYLkmyaHNfvLZOUmp0wOapdkk2i73Q7TM_Nbtnm5BN9atxFA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-673cc00c-605f6ba270fc62fb0a3ee381;Parent=709aacd39b323e83;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3 200 QGYvz_MVcBeNP4NJtEtq.woff2
fonts.gstatic.com/s/outfit/v11/ 32 KB
32 KB 62ms
27ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/outfit/v11/QGYvz_MVcBeNP4NJtEtq.woff2

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

age: 459793
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 06:17:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:17:46 GMT
last-modified: Wed, 26 Apr 2023 23:30:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32272
x-xss-protection: 0
server: sffe

GET
H3 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuFuYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 24 KB
24 KB 72ms
37ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuFuYAZ9hiA.woff2

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

aac638f7503cebb084ec494cf00f75f7d8260d50c2f4e7820bccabba09626a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

age: 540370
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 07:54:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 07:54:49 GMT
last-modified: Mon, 29 Jul 2024 22:45:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24352
x-xss-protection: 0
server: sffe

GET
H3 200 RWmQoKGA8fEkrIPtSZ3_J7er2dUSC0Fu.woff2
fonts.gstatic.com/s/vujahdayscript/v8/ 43 KB
43 KB 80ms
45ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vujahdayscript/v8/RWmQoKGA8fEkrIPtSZ3_J7er2dUSC0Fu.woff2

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

d7444793a495072a2c7af2ae4b92b9099174ed3f67796aca38da830edb51da23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

age: 534560
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:31:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:31:39 GMT
last-modified: Thu, 24 Aug 2023 20:36:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44156
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ 18 KB
18 KB 88ms
53ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

age: 471056
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 03:10:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 03:10:03 GMT
last-modified: Thu, 24 Aug 2023 20:21:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18796
x-xss-protection: 0
server: sffe

GET
H3 200 wlptgwvFAVdoq2_F94zlCfv0bz1WCzsWzLdneg.woff2
fonts.gstatic.com/s/lexend/v23/ 14 KB
14 KB 97ms
62ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v23/wlptgwvFAVdoq2_F94zlCfv0bz1WCzsWzLdneg.woff2

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

d24d74af3a29f481eb9fa92f89db16a6cdab3590ad10e40cbf2acb31fd353ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

age: 536469
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 08:59:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 08:59:50 GMT
last-modified: Thu, 26 Sep 2024 23:21:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14476
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 104ms
69ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: www.crooks.finance
URL: https://www.crooks.finance/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.crooks.finance
Referer: https://www.crooks.finance/

Response headers

age: 536477
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 08:59:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 08:59:42 GMT
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

POST
H2 200 anonymous
events.framer.com/ 0
378 B 362ms
361ms Ping
application/json 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.crooks.finance/

Response headers

x-amz-apigw-id: C4zYaGdWoAMEhKw=
x-amzn-trace-id: Root=1-6760329b-5a4c52421c8320650dcbb6be;Parent=09ac86262881af91;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid: 0f2fbacf-559b-433e-ad5f-cef3d2521996
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: nRi5-bq0AFFI4tldCcyxk4qaHpQ2FfF3EUtlabVeTWgU7ALvvog3OA==
date: Mon, 16 Dec 2024 14:00:59 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P3

GET
H2 200 1l26n4lZe6qxdQhJd6OyWaCR06o.png
framerusercontent.com/images/ 45 KB
46 KB 112ms
111ms Other
image/avif 2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/1l26n4lZe6qxdQhJd6OyWaCR06o.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec0cbcad5afd275f6c80808a5d38cda44b6630db864b86c70fa7e9860b838730

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.crooks.finance/

Response headers

etag: "7f465e73127917a33054bd631d71343a"
age: 582363
x-content-type-options: nosniff
x-amzn-requestid: d6b1cab4-8346-471b-bf27-ffd2068c96c8
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Z-KJblRxYh8j4nvO09PnsqO7vvi_gkLFAsv0ZdK7mtkU_2AsaGIunQ==
date: Mon, 09 Dec 2024 20:14:57 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="Z-KJblRxYh8j4nvO09PnsqO7vvi_gkLFAsv0ZdK7mtkU_2AsaGIunQ==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=103
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-67574fbf-5e1fb4e6352c52ab61269cf0;Parent=0efdd5192c77914c;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2

200

Twitter.js Show response
framerusercontent.com/modules/vI2sh8u7pRDewOc5b0vq/udkfnLgjXVlIc2Pxig65/
Redirect Chain

https://framer.com/m/material-icons/Twitter.js@0.0.32
https://framerusercontent.com/modules/vI2sh8u7pRDewOc5b0vq/udkfnLgjXVlIc2Pxig65/Twitter.js

588 B
1 KB

17ms
16ms

Script
text/javascript

2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/vI2sh8u7pRDewOc5b0vq/udkfnLgjXVlIc2Pxig65/Twitter.js

Protocol

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

17ab2d8c66b5e45eba71ba86976e9a37b39078b01840616bffd230dd350809b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://framerusercontent.com/

Response headers

access-control-expose-headers: Content-Range
age: 49901
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: q3v3ysdbO9v-DONluAjjNiVQgHuZLqmIpiS5IrV2rPQ_2yf3ziquAQ==
date: Mon, 16 Dec 2024 00:09:19 GMT
content-type: text/javascript; charset=UTF-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="q3v3ysdbO9v-DONluAjjNiVQgHuZLqmIpiS5IrV2rPQ_2yf3ziquAQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 588
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

Redirect headers

access-control-expose-headers: Content-Range
age: 2946
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: lORqtPVtjilcGynri2yXo3753PMi8I7D_kmSwwKtjgzuz0-P92LUiA==
date: Mon, 16 Dec 2024 13:11:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
location: https://framerusercontent.com/modules/vI2sh8u7pRDewOc5b0vq/udkfnLgjXVlIc2Pxig65/Twitter.js
referrer-policy: strict-origin-when-cross-origin
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 113
x-xss-protection: 0
x-amz-cf-pop: FRA60-P9

GET
H2

200

Instagram.js Show response
framerusercontent.com/modules/QUfcXR1WTIdnnjrIxmbL/rqsB4kePLDrU9HtVzww0/
Redirect Chain

https://framer.com/m/material-icons/Instagram.js@0.0.32
https://framerusercontent.com/modules/QUfcXR1WTIdnnjrIxmbL/rqsB4kePLDrU9HtVzww0/Instagram.js

554 B
1 KB

16ms
15ms

Script
text/javascript

2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/QUfcXR1WTIdnnjrIxmbL/rqsB4kePLDrU9HtVzww0/Instagram.js

Protocol

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b1e4255f0a3ba11a95c089c87d2afc0c1c77e12aafdadf5000d45330cb8e3148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://framerusercontent.com/

Response headers

access-control-expose-headers: Content-Range
age: 294734
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: YpcIVpXwVarekFvWxUyq-V5BF4FYFqXRYDTiRt-Eg04kSVvlBpD_dA==
date: Fri, 13 Dec 2024 04:08:46 GMT
content-type: text/javascript; charset=UTF-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="YpcIVpXwVarekFvWxUyq-V5BF4FYFqXRYDTiRt-Eg04kSVvlBpD_dA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 554
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

Redirect headers

access-control-expose-headers: Content-Range
age: 609
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Wa4ngWIoVKSIPueFZOcFKMR3FAV9xabrXWPL7Z0KDIfVXRjTKt8YPA==
date: Mon, 16 Dec 2024 13:50:51 GMT
content-type: text/html; charset=utf-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
location: https://framerusercontent.com/modules/QUfcXR1WTIdnnjrIxmbL/rqsB4kePLDrU9HtVzww0/Instagram.js
referrer-policy: strict-origin-when-cross-origin
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 115
x-xss-protection: 0
x-amz-cf-pop: FRA60-P9

GET
H2

200

Telegram.js Show response
framerusercontent.com/modules/a0k1dNYjxOXNtBfFg737/LT3YcBtDT3RvaUbdADsv/
Redirect Chain

https://framer.com/m/material-icons/Telegram.js@0.0.32
https://framerusercontent.com/modules/a0k1dNYjxOXNtBfFg737/LT3YcBtDT3RvaUbdADsv/Telegram.js

317 B
1011 B

14ms
14ms

Script
text/javascript

2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/a0k1dNYjxOXNtBfFg737/LT3YcBtDT3RvaUbdADsv/Telegram.js

Protocol

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8902cf9e06408472afa7bdee3fafc608da3fdbc170dee3120042185e1162911a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://framerusercontent.com/

Response headers

access-control-expose-headers: Content-Range
age: 370766
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: G7pnheUzVAC7Pb2nQHB-yOeTqi5zCFjkLcSCp9LVZuM9WtNUY3SUoA==
date: Thu, 12 Dec 2024 07:01:34 GMT
content-type: text/javascript; charset=UTF-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="G7pnheUzVAC7Pb2nQHB-yOeTqi5zCFjkLcSCp9LVZuM9WtNUY3SUoA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=0
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 317
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

Redirect headers

access-control-expose-headers: Content-Range
age: 214
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gNnxZAAhkwaNbC08WdsWBEzJploZsL7DAOvDra5LnqtkXXW8Yftlnw==
date: Mon, 16 Dec 2024 13:57:26 GMT
content-type: text/html; charset=utf-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
location: https://framerusercontent.com/modules/a0k1dNYjxOXNtBfFg737/LT3YcBtDT3RvaUbdADsv/Telegram.js
referrer-policy: strict-origin-when-cross-origin
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 114
x-xss-protection: 0
x-amz-cf-pop: FRA60-P9

GET
H2

200

Mail.js Show response
framerusercontent.com/modules/1Fgfuxg0FtbrRXZICIRi/0z5FyTtDNqJ5fYFET3jF/
Redirect Chain

https://framer.com/m/material-icons/Mail.js@0.0.32
https://framerusercontent.com/modules/1Fgfuxg0FtbrRXZICIRi/0z5FyTtDNqJ5fYFET3jF/Mail.js

211 B
903 B

15ms
15ms

Script
text/javascript

2600:9000:2724:6200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/1Fgfuxg0FtbrRXZICIRi/0z5FyTtDNqJ5fYFET3jF/Mail.js

Protocol

Server

2600:9000:2724:6200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0c01dd6e85a2090c62f7aeee09a8c72f52ab24a3cdc4d89dd8bb9503af8012bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://framerusercontent.com/

Response headers

access-control-expose-headers: Content-Range
age: 220167
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 5gTrDmwioPIAMlWN4lSjM3pOVlUKT_m_jshy1wq3X5Sk26AHcCdnng==
date: Sat, 14 Dec 2024 00:51:33 GMT
content-type: text/javascript; charset=UTF-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="5gTrDmwioPIAMlWN4lSjM3pOVlUKT_m_jshy1wq3X5Sk26AHcCdnng==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 211
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

Redirect headers

access-control-expose-headers: Content-Range
age: 420
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pQjZNb_umZIHoUb0aMy-fY7L48lUX49NPxVbRBA3cRGMaljzKX1Kdg==
date: Mon, 16 Dec 2024 13:54:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
location: https://framerusercontent.com/modules/1Fgfuxg0FtbrRXZICIRi/0z5FyTtDNqJ5fYFET3jF/Mail.js
referrer-policy: strict-origin-when-cross-origin
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 110
x-xss-protection: 0
x-amz-cf-pop: FRA60-P9

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crooks.finance
events.framer.com
fonts.gstatic.com
framer.com
framerusercontent.com
www.crooks.finance
13.32.99.20
142.250.186.131
2600:9000:235a:e600:10:9b9d:b9c0:93a1
2600:9000:2724:6200:d:ada1:a280:93a1
31.43.160.6
35.71.142.77
0c01dd6e85a2090c62f7aeee09a8c72f52ab24a3cdc4d89dd8bb9503af8012bd
0cde3b15553b91a1f260d473d3ca38d4ef45a9b39fcf5ac9b169a5ae811b6131
17ab2d8c66b5e45eba71ba86976e9a37b39078b01840616bffd230dd350809b6
1c5a61c684a847f44c1f186fcc791f6e7ce7b1f4bf6197a174d2cd1420ce72b6
20aab5ecf4dc471015adc364fd347f53ced074d9712db6df8e89fc3453945280
45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390
491c71156ce8c3768ca6ac5148e445fdee3649bc771729b02ef2a9037fcc4cc3
67eb95e4750e0efb049cc3ea525a52d2eaa17ea399f8e2f29a49bab35c778cd5
725c9eb81d6ac9c37148991bdb481c737589ea94e1abcfd4754d5ef6b40a8898
78c006c494251254cea0a6291998c1ab5a33c095a57192fb6b7fdf9dc3900778
7a65e54884044693a5a91e0c7d9d8f94b2423a4b01d29eeddeeeafd54c59353d
824d8ff081574462fd29cfbe2a8a48a019ecacd6564db803bd6d863186a81227
840d61e90aff05128276755af001f0f4882582ec4e680abf57a07886bca59c3a
8902cf9e06408472afa7bdee3fafc608da3fdbc170dee3120042185e1162911a
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
aac638f7503cebb084ec494cf00f75f7d8260d50c2f4e7820bccabba09626a3a
b1e4255f0a3ba11a95c089c87d2afc0c1c77e12aafdadf5000d45330cb8e3148
baa452093def1d75af594500cf25ab04c527a2e836112bc02d4934ac5e6ea716
bbe20117e8d1be4492f8fde0c6c97caf13f17e2b8f43ca9d0ea125d357658a27
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d24d74af3a29f481eb9fa92f89db16a6cdab3590ad10e40cbf2acb31fd353ad0
d7444793a495072a2c7af2ae4b92b9099174ed3f67796aca38da830edb51da23
d7fb2c423bfb3e08ac55ec8f706caecfd65afbe92dac18aceec97454b19d9967
d917bf3deb3c839e85e6ff339b46b2d7faf1fb04112a33c495c23bf329d7739d
dca464489e032d3ed999a9c9951e6ff1ca7a8eed132876425c7594619b7a9b78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb456829a1f12b85168ebb2060e00332d9222f1e2d39ccac088cbf18f303b0aa
ec0cbcad5afd275f6c80808a5d38cda44b6630db864b86c70fa7e9860b838730
f49b6c752070635c6230757b380e63a764aaaa5370a17a4a2a56977114f1c578
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885

www.crooks.finance Open in urlscan Pro 35.71.142.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

32 Requests

88 %HTTPS

33 %IPv6

4 Domains

6 Subdomains

4 IPs

2 Countries

731 kBTransfer

1897 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.crooks.finance Open in urlscan Pro
35.71.142.77 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

731 kB
Transfer

1897 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions