qltuh.crystalcraft.top Open in urlscan Pro
172.67.158.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sbo.biz/
Effective URL:
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd21138...
Submission: On January 06 via api (January 6th 2024, 4:53:39 am UTC) from US — Scanned from SG

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 55 HTTP transactions. The main IP is 172.67.158.143, located in United States and belongs to CLOUDFLARENET, US. The main domain is qltuh.crystalcraft.top. The Cisco Umbrella rank of the primary domain is 800642.
TLS certificate: Issued by E1 on November 23rd 2023. Valid for: 3 months.

This is the only time qltuh.crystalcraft.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	34.124.136.93 34.124.136.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	64.233.170.95 64.233.170.95	15169 (GOOGLE) (GOOGLE)
1	172.253.118.97 172.253.118.97	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.237.62.213 104.237.62.213	18450 (WEBNX) (WEBNX)
8	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
1	142.251.175.113 142.251.175.113	15169 (GOOGLE) (GOOGLE)
1	8.8.4.4 8.8.4.4	15169 (GOOGLE) (GOOGLE)
1 1	172.66.40.215 172.66.40.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.150.155 172.67.150.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	172.67.158.143 172.67.158.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.194.94 172.217.194.94	() ()
55	11

17 34.124.136.93 (Singapore, Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.136.124.34.bc.googleusercontent.com

www.sbo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.213 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: api64.ipify.org

api64.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.8.4.4 (United States)

ASN15169 (GOOGLE, US)
PTR: dns.google

dns.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.215 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

webdatatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.150.155 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qltuh.canopusacrux.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.158.143 (United States)

ASN13335 (CLOUDFLARENET, US)

qltuh.crystalcraft.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.crystalcraft.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.94 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	crystalcraft.top qltuh.crystalcraft.top — Cisco Umbrella Rank: 800642 cdnstatic.crystalcraft.top — Cisco Umbrella Rank: 149697 a.crystalcraft.top Failed	86 KB
17	sbo.biz 1 redirects www.sbo.biz	26 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	161 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	82 KB
1	canopusacrux.top 1 redirects qltuh.canopusacrux.top — Cisco Umbrella Rank: 670067	741 B
1	webdatatrace.com 1 redirects webdatatrace.com — Cisco Umbrella Rank: 579291	460 B
1	dns.google dns.google — Cisco Umbrella Rank: 621	554 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	243 B
1	ipify.org api64.ipify.org — Cisco Umbrella Rank: 8020	223 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	92 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
55	11

	Domain	Requested by
17	www.sbo.biz	1 redirects www.sbo.biz
14	qltuh.crystalcraft.top	www.sbo.biz qltuh.crystalcraft.top cdnstatic.crystalcraft.top
8	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	cdnstatic.crystalcraft.top
4	cdnstatic.crystalcraft.top	qltuh.crystalcraft.top cdnstatic.crystalcraft.top
2	cdnjs.cloudflare.com	www.sbo.biz cdnjs.cloudflare.com
1	qltuh.canopusacrux.top	1 redirects
1	webdatatrace.com	1 redirects
1	dns.google	www.sbo.biz
1	www.google-analytics.com	www.googletagmanager.com
1	api64.ipify.org	www.sbo.biz
1	www.googletagmanager.com	www.sbo.biz
1	fonts.googleapis.com	www.sbo.biz
0	a.crystalcraft.top Failed	cdnstatic.crystalcraft.top
55	14

This site contains no links.

Subject Issuer	Validity	Valid
sbo.biz R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dns.google GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
crystalcraft.top E1	`2023-11-23` - `2024-02-21`	3 months	crt.sh

This page contains 1 frames:

Frame: https://a.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Frame ID: C6F25F2B431DDA732272E8CEECBB0192
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Press “Allow” to verify, that you are not a robot

Page URL History Show full URLs

http://www.sbo.biz/ HTTP 301
https://www.sbo.biz/ Page URL
https://webdatatrace.com/?cmcdpjijvq30napubo6g HTTP 302
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cmcdpjijvq30napubo6g HTTP 302
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30nap... Page URL
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30nap... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

55
Requests

96 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

11
IPs

3
Countries

449 kB
Transfer

929 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sbo.biz/ HTTP 301
https://www.sbo.biz/ Page URL
https://webdatatrace.com/?cmcdpjijvq30napubo6g HTTP 302
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cmcdpjijvq30napubo6g HTTP 302
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115 Page URL
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.sbo.biz/ HTTP 301
https://www.sbo.biz/

Request Chain 38

https://webdatatrace.com/?cmcdpjijvq30napubo6g HTTP 302
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cmcdpjijvq30napubo6g HTTP 302
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115

55 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.sbo.biz/
Redirect Chain

http://www.sbo.biz/
https://www.sbo.biz/

117 KB
26 KB

138ms
29ms

Document
text/html

34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9304564cfa60dac637ca1c3380a526b7dad82887a397a0e7ad19fbbab030e539

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-length: 25874
content-type: text/html; charset=UTF-8
date: Sat, 06 Jan 2024 04:53:32 GMT
last-modified: Fri, 05 Jan 2024 23:30:48 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 06 Jan 2024 04:53:32 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.sbo.biz/
Server: Apache

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 393ms
27ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Prompt%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: www.sbo.biz
URL: https://www.sbo.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

58ec635042bb88c1dde507ed0bf5eabbd417f87406684dac6eb09b43477481be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 04:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 04:53:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 04:53:33 GMT

GET
H2 500 cv.css
www.sbo.biz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 0
0 53ms
53ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=3.6.2
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 style.min.css
www.sbo.biz/wp-includes/css/dist/block-library/ 0
0 50ms
50ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 widget-areas.min.css
www.sbo.biz/wp-content/themes/generatepress/assets/css/components/ 0
0 50ms
50ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 main.min.css
www.sbo.biz/wp-content/themes/generatepress/assets/css/ 0
0 54ms
54ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 featured-images.min.css
www.sbo.biz/wp-content/plugins/gp-premium/blog/functions/css/ 0
0 53ms
51ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.4.0-alpha.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 offside.min.css
www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/css/ 0
0 51ms
50ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.4.0-alpha.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 navigation-branding-flex.min.css
www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/css/ 0
0 49ms
48ms Stylesheet
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.4.0-alpha.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 jquery.min.js
www.sbo.biz/wp-includes/js/jquery/ 0
0 32ms
32ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 jquery-migrate.min.js
www.sbo.biz/wp-includes/js/jquery/ 0
0 37ms
36ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 391ms
31ms Script
application/javascript 172.253.118.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NBZPDVEQ27

Requested by

Host: www.sbo.biz
URL: https://www.sbo.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

89f4b08b90dea4ad1aa4dfd494a39de9fdddab16d55c4bed6996e2736442c203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 04:53:33 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 385ms
28ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.sbo.biz
URL: https://www.sbo.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sZiwD2sIHQcFJnoDRx7tLtfnTe7tXzvtv7HoQXEi5dJKLJ7oj2LQXKqFuGkFV6VuHVG3dsSQ6LdYI6c4SqDnsedRSwfiuywssSQQBXudXpeGWpcFpRP6OlXV8YWxDqNpKnU8RSa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84115ba23d885ce5-SIN
expires: Thu, 26 Dec 2024 04:53:33 GMT

GET
H2 500 sticky.min.js
www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/js/ 0
0 34ms
32ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.4.0-alpha.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 offside.min.js
www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/js/ 0
0 34ms
31ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.4.0-alpha.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 cv.js
www.sbo.biz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 0
0 32ms
31ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=3.6.2
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 smooth-scroll.min.js
www.sbo.biz/wp-content/plugins/gp-premium/general/js/ 0
0 49ms
48ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.4.0-alpha.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 menu.min.js
www.sbo.biz/wp-content/themes/generatepress/assets/js/ 0
0 49ms
48ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
H2 500 lazyload.min.js
www.sbo.biz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 0
0 72ms
72ms Script
text/html 34.124.136.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sbo.biz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.124.136.93 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.136.124.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:32 GMT
server: Apache
content-length: 530
content-type: text/html; charset=iso-8859-1

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: def1f3c7a0379c4d00247e6822263de0742a2e5fb7611c39f994c737f4648772

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548ca5949c9d6ac56b2179466330941596ca6742eae4c9932f01951d1482cff9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05a9cd0dc41fa80947dabe292859f7a6e9230b0e25d9f9b75ab95398711ed429

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc49b3425c05ede922919011d018e92c1a84441e2bb286cadcbda79a6832918f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 342ca4c8914d2cd026ad4af9110e0aabdf098c656f1e0fe46c0af05a358b5664

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0899703cc7c5e24f998544f6d28a3f42654ff9ddb8639b27237192060d0aba16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK / Show response
api64.ipify.org/ 23 B
223 B 981ms
197ms Fetch
application/json 104.237.62.213
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api64.ipify.org/?format=json
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.213 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api64.ipify.org
Software: nginx/1.25.1 /
Resource Hash: 85f14274cb691191d058b8e3283b27606e0bd4b89631ce9b165fe317d2f538ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 06 Jan 2024 04:53:34 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 23
Vary: Origin
Content-Type: application/json

GET
H2 200 -W__XJnvUD7dzB2KdNodVkI.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 499ms
64ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KdNodVkI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:37:35 GMT
x-content-type-options: nosniff
age: 116158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13024
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 20:37:35 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 470ms
40ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:33 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2449831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywWFu3f3raHrTxatqN4LGvt24q3S5C0Jzqc8UDAIGovFiMwN9YHGjAlWKpdIIybNQhrhsAA5iyaAqYPE84NajATJKeV7NVHVTyMFr1wjzDWHxL%2FVYHkJc4J6FjKCtYujskhTt5zp"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84115ba53ab85f2b-SIN
expires: Thu, 26 Dec 2024 04:53:33 GMT

GET
H2 200 -W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 468ms
34ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNod.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:41:37 GMT
x-content-type-options: nosniff
age: 87116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17640
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 04:41:37 GMT

GET
H2 200 -W_8XJnvUD7dzB2Cv_4IfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 509ms
76ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Cv_4IfWMuQ5Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

914be5e2991b1240f38f52d0c58bf694f4d763747000619e6bb6bca77eb2bfdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:40:17 GMT
x-content-type-options: nosniff
age: 51196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12932
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 14:40:17 GMT

GET
H2 200 -W_8XJnvUD7dzB2Ck_kIaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 983ms
550ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Ck_kIaWMu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 04:53:34 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 18 KB
18 KB 542ms
109ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IaWMu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:51:14 GMT
x-content-type-options: nosniff
age: 306139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17960
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 15:51:14 GMT

GET
H2 200 -W_9XJnvUD7dzB2KZeofTkY.woff2
fonts.gstatic.com/s/prompt/v10/ 18 KB
19 KB 549ms
116ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_9XJnvUD7dzB2KZeofTkY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

1de642b6e350e53d86f91965b0ee77cbc037102c3eef9ee468cdf12d9e79e748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:49:24 GMT
x-content-type-options: nosniff
age: 50649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 14:49:24 GMT

GET
H2 200 -W_8XJnvUD7dzB2Ck_kIfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 12 KB
13 KB 519ms
102ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Ck_kIfWMuQ5Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

803e3560ed65623ec04f60b65859f2eee365bd6d0f47b7534daa6492b81d5371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 23:38:25 GMT
x-content-type-options: nosniff
age: 191708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12760
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:41:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 23:38:25 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 539ms
128ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IfWMuQ5Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

d9ea25116dc893d7aa59abe5ac6e9035ff1e3172746c8e86e996e123d4321b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sbo.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 23:44:05 GMT
x-content-type-options: nosniff
age: 191368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 23:44:05 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
243 B 468ms
19ms Ping
text/plain 142.251.175.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NBZPDVEQ27&gtm=45je4130v9168710083&_p=1704516812820&gcd=11l1l1l1l1&dma=0&cid=313281031.1704516813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704516813&sct=1&seg=0&dl=https%3A%2F%2Fwww.sbo.biz%2F&dt=SBO.BIZ%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%A5%E0%B8%B4%E0%B9%89%E0%B8%87%E0%B8%84%E0%B9%8C%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%80%E0%B8%82%E0%B9%89%E0%B8%B2%20SBOBET%20(%E0%B8%AA%E0%B9%82%E0%B8%9A%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%95)%20SBO%20Mobile%20%E0%B9%82%E0%B8%94%E0%B8%A2%E0%B8%95%E0%B8%A3%E0%B8%87&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=834
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBZPDVEQ27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 04:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sbo.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 resolve
dns.google/ 361 B
554 B 741ms
377ms Fetch
application/json 8.8.4.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dns.google/resolve?name=www.sbo.biz.116-88-124-232.7494297.logsmetrics.com&type=txt

Requested by

Host: www.sbo.biz
URL: https://www.sbo.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

8.8.4.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

dns.google

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sbo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 04:53:34 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0
expires: Sat, 06 Jan 2024 04:53:34 GMT

GET
H2

200

/ Show response
qltuh.crystalcraft.top/eyes-robot/
Redirect Chain

https://webdatatrace.com/?cmcdpjijvq30napubo6g
https://qltuh.canopusacrux.top/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&click_id=cmcdpjijvq30napubo6g
https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115

1 KB
896 B

523ms
420ms

Document
text/html

172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Requested by: Host: www.sbo.biz
URL: https://www.sbo.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8

Request headers

Referer: https://www.sbo.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84115bb59fffa048-SIN
content-encoding: br
content-type: text/html
date: Sat, 06 Jan 2024 04:53:36 GMT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2F33AuxSgBghEJ3YbDuG4YK1Bn%2FZXvdbNsgbU2ZSyjr5%2FAHZghX2tOLM%2Brju6%2FD5%2FzXebynrXHgR8wUeX0%2FRKibeYC6nZYuA6ualYQ6j7i9BaKkR5YvweQ32S7yNBmfIam1F5wQxmGYi"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84115bb26bdc4008-SIN
content-length: 0
date: Sat, 06 Jan 2024 04:53:36 GMT
location: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxpc1GSXZSiyZ%2FwJoIUMj1CNHOjhF%2FsrTkN5jQomAP5g412oKIoNcacR8XmhhQBc6APJbM%2FtZL23WXOff3XKG59vd2U1XJPud%2BL3lDyGKXy8PUeuCncWI46g4A08aamNOO5FVOKKh%2BKC"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST collect
www.google-analytics.com/g/ 0
0

GET
H2 200 trls.js Show response
qltuh.crystalcraft.top/eyes-robot/assets/ 11 KB
2 KB 29ms
28ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/trls.js
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4595
etag: W/"658189e0-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNl2qyvivOcWXvbZmF37btyDC6EEKZRsxzfeZ4SfuxvEeedyDFYgVGVG1CZ%2BNzqsCjWRP1Fc3m12G42v1Q2T6GTD9D9vgmcdyHJ4uodwBuevLI1QLfktTwaa5RiVucK7rpVLx970JWeU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84115bb84a22a048-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
qltuh.crystalcraft.top/eyes-robot/assets/ 3 KB
1 KB 29ms
28ms Stylesheet
text/css 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/style.css
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4596
etag: W/"658189e0-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ%2B0xRbpcDkc9WjJkrb9Cx2fmRabupA92zfYApsznvb8aNjdVaQlqrilMiiikGPXNku%2BLynl0H1Jmliog38HFCd3nfTbodgPTFFxrJHuLXF6aRhzSEvWM%2BB%2F9v2lSBr5ZWgDrQFIz6sW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84115bb84a20a048-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 1.png
qltuh.crystalcraft.top/eyes-robot/assets/ 10 KB
11 KB 31ms
31ms Image
image/png 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/1.png
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:36 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4596
etag: "658189e0-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TGyVfQiTmqDueIl801dvydYDf3538rFOpIdpWOH3GwpmJMuFP2TnVczjA%2BDrBU6Gzu42DCWTA8G59%2Bb%2FupDGxNariIQC12shV%2B7G9O2cCUOi9bo%2FQAFP4FRjcSSJqJDzSCz0fr9kbOh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84115bb84a25a048-SIN
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H2 200 2.png
qltuh.crystalcraft.top/eyes-robot/assets/ 1 KB
1 KB 38ms
37ms Image
image/png 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/2.png
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:36 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4596
etag: "658189e0-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEjqMb3wjUX6U9cYf8qK%2BZ%2Fcwrz3F1fwLllZji47aWWpwyzH4Nt2c%2BQqO7j7BBUa5%2FS9sQrrNFt0hTTiPLaOpbGsWJYg%2Fhpthapa3ZzShQm9R3Ej8jnjvDuOh6bRa2PMWZ9nXy0GKznH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84115bb84a26a048-SIN
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H2 200 static-pl.js Show response
qltuh.crystalcraft.top/shared-js/assets/ 3 KB
1 KB 37ms
36ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/shared-js/assets/static-pl.js?v=2
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4595
etag: W/"658189e0-dee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCv5syMEZMVw3QfnK4T01LuXd0yImXBHq%2BELq4JHwnLwtQUgmuTU3Ij%2BBm%2BFemJsSXQY6wEIN6WvZXhOIpbe7rmaCtMBc0gc94y%2BfHIJ549w43o%2BYaAq1sYodqCanWb9E2%2BAPL17x%2B3A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84115bb87a74a048-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 image.png
qltuh.crystalcraft.top/eyes-robot/assets/ 11 KB
11 KB 44ms
44ms Image
image/png 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/image.png
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/assets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:36 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4595
etag: "658189e0-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeiiQii2vvGiPPzt%2BfYpMMSSSjH6dL%2Fkz%2F4l2Irei3dlOwnDIB2NSDxpU8Lk48oyDMIdIrM0%2FyjAn40zMAstDE6t%2FhyI7tqUI8f%2BAOk7GYr2se4JZWqT55wjWLYhUFIMJfJNvUvP7W1P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84115bb89a8ea048-SIN
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H2 200 ps.js Show response
cdnstatic.crystalcraft.top/ps/ 33 KB
13 KB 393ms
385ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.crystalcraft.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.crystalcraft.top&timeout=30&tb=true&nrid=fbcd211386bf47f8a3ad408364beb540
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/shared-js/assets/static-pl.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7621d16cc3db1c142f9dff36dca07622605fb0e8cf60f0529326637fcb99b736

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:37 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1LhFu46KslRA3UxukA0%2FKCjIcpD6AAga%2FPz4pBd6NihHWZYLnXgXwLHJm8D4CXdJmB%2FrfCkDT5JrGyxaOlbhrr%2BYIlYBzAbVvFWvzG3BKW5Nj2PWfp1X3ttw1WGMnIPx8FKm0J4jE46E5fYrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 84115bb8dacaa048-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
cdnstatic.crystalcraft.top/ps/ 360 B
714 B 217ms
217ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.crystalcraft.top/ps/config.js?id=CHiI7Gh3GUyTa8XGgNqDyQ
Requested by: Host: cdnstatic.crystalcraft.top
URL: https://cdnstatic.crystalcraft.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.crystalcraft.top&timeout=30&tb=true&nrid=fbcd211386bf47f8a3ad408364beb540
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:37 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKSznvoWGmLhT7rwmktlEFOwG5XTrqcj4jcsAEnUHdUt%2BS%2Fne9Oh%2FOKflix8ioGJrCi79OnR3sm6XEXx2EcxfbB8%2FQ%2BNeoEbcUX4nCIBctqxWZu7n8xh770O1MniA4bzP7lGVJl6p7ID25JRmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 84115bbb4bc23e06-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
10 KB 396ms
19ms Script
text/javascript 172.217.194.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Host: cdnstatic.crystalcraft.top
URL: https://cdnstatic.crystalcraft.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.crystalcraft.top&timeout=30&tb=true&nrid=fbcd211386bf47f8a3ad408364beb540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9308
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 22:00:43 GMT

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
10 KB 24ms
23ms Script
text/javascript 172.217.194.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9934
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 04:05:59 GMT

GET
H3 200 Primary Request / Show response
qltuh.crystalcraft.top/eyes-robot/ 1 KB
864 B 374ms
373ms Document
text/html 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Requested by: Host: cdnstatic.crystalcraft.top
URL: https://cdnstatic.crystalcraft.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.crystalcraft.top&timeout=30&tb=true&nrid=fbcd211386bf47f8a3ad408364beb540
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8

Request headers

Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84115bbfb8933e06-SIN
content-encoding: br
content-type: text/html
date: Sat, 06 Jan 2024 04:53:38 GMT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAYEZT9jSgPBOiTmNkbpIGoAnqGODpvjdXhdBgCe9N6Kl0cEXkZpamQCBn%2BqDaBWKQxbRmuTbYsVW4X1cuiUvtL2APunRRNy4WN77uthflwraalP%2FFFuFZKrdeFwM8UZk6cBqXYGOD9W"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 trls.js Show response
qltuh.crystalcraft.top/eyes-robot/assets/ 11 KB
2 KB 31ms
30ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/trls.js
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5617
etag: W/"658189e0-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izsZCtkEZl5I1csrqZAHmllgpZsSTIpFbul9XGHBh46mfJ3a5RcF29zgitSL3HcXAQj9kkm51POdcFC%2FO2%2F2nHwuvlVPZ6UlXwMvEE0U8RuyQvTd8%2Fd2pMHhCzKrPvVW%2FpZ0SPMHHIWW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84115bc21b423e06-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
qltuh.crystalcraft.top/eyes-robot/assets/ 3 KB
1 KB 35ms
34ms Stylesheet
text/css 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/style.css
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1855
etag: W/"658189e0-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzIjaabXxp4R099v%2FuJ6MX8m9f8Jh8BWiIYoj89V95t%2B6uF1WJ7pULgpdj4KJaYk1GXK2neRzUaiy9Q%2B9kzrKh1jCXNEacIqditbabevcRU2WyVt8qwFDjeoHUBJy9mLdcCOdP2sRgPn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84115bc21b453e06-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.png
qltuh.crystalcraft.top/eyes-robot/assets/ 10 KB
11 KB 37ms
36ms Image
image/png 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/1.png
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5614
etag: "658189e0-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUbquK%2Fb%2B%2BLcFph7cullvC2QAAB3Bg2rK7MmNND4Npg5FQd7XCJLQO4XZDevMi6q7XeLwZaK9lUms2p5WvEpyrVtSXaPJODnX6Ejbxu%2FXsdgxTLRfXPvr68zN%2B0mjCsC2BaiX5DS7IkG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84115bc21b473e06-SIN
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H3 200 2.png
qltuh.crystalcraft.top/eyes-robot/assets/ 1 KB
1 KB 31ms
31ms Image
image/png 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/2.png
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5614
etag: "658189e0-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCxT0siJtdKrVynCaMWU%2FR3P9MMjrHdEn5hhcJexwYQol3Q9QHKYTzANp%2Fkn4Dk%2Bgg7Sdfb1qlh8pmaU5OiowIGHrOHLk%2BHR0saxmAev%2BY%2FKTagEKDyTFbike%2BsBUfDQbM9xaqWRDqnr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84115bc21b483e06-SIN
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H3 200 static-pl.js Show response
qltuh.crystalcraft.top/shared-js/assets/ 3 KB
2 KB 28ms
28ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltuh.crystalcraft.top/shared-js/assets/static-pl.js?v=2
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3866
etag: W/"658189e0-dee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6rRqxoKgMO0vdbZQd05k4L0qAcsGLvNqd2G0eaBnq46TrSbLmKK90tLEWqOXOVXHhnpQ97nFNBmd%2B15I4AQciNFkRqvWJeEVo5tG66ruwx%2FDMhGOIAFudvrNBmiL3wazJ5hPAHjdia2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84115bc24b643e06-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 image.png
qltuh.crystalcraft.top/eyes-robot/assets/ 11 KB
11 KB 31ms
31ms Image
image/png 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltuh.crystalcraft.top/eyes-robot/assets/image.png
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/eyes-robot/assets/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2409
etag: "658189e0-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTRT7EKZnNT1Omg%2FXQtQM8UED28GNnW8lcW53vZgouVkbc5Ta0%2FN%2BvejkTtGuJcgeR9LXGMvJu%2FDuuol28vZsTz4ULIDxrkOesO6UMmMjwum2rSuaYWRc2bNdOX0o3tfF2oL2pSMr8jc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84115bc24b6f3e06-SIN
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H3 200 ps.js Show response
cdnstatic.crystalcraft.top/ps/ 33 KB
13 KB 394ms
394ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.crystalcraft.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.crystalcraft.top&timeout=30&tb=true&nrid=fbcd211386bf47f8a3ad408364beb540
Requested by: Host: qltuh.crystalcraft.top
URL: https://qltuh.crystalcraft.top/shared-js/assets/static-pl.js?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dff31ad4ef709151eabe17906770f363c94260b45947591b2796ec31f9cbedf2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9togsRcFG2ZBf91yVR4u3ebrT09ydjOO9PgEDzbA1MitRmlTkcDQVoAgkQ5jvmRFDbgD5ffO77FKfBGQxA7w%2ButNpdpIYxVelG%2F2znkjQZNdajVxd2%2Bx3pPyDTyw45YnDGsS5Y%2BmDAfHGzKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 84115bc28b943e06-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
cdnstatic.crystalcraft.top/ps/ 360 B
678 B 210ms
210ms Script
application/javascript 172.67.158.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.crystalcraft.top/ps/config.js?id=CHiI7Gh3GUyTa8XGgNqDyQ
Requested by: Host: cdnstatic.crystalcraft.top
URL: https://cdnstatic.crystalcraft.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.crystalcraft.top&timeout=30&tb=true&nrid=fbcd211386bf47f8a3ad408364beb540
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:53:38 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94hPe9Uxt2G53DxdIKznJdcPjIeFVXDLDnHhxWHupVZgRSw%2FHN8%2FXdvmrNc9WQ9HuriPTbMZNcVYqlwt9fIF4MV4SAedinS3I5HVft6rjV5DWzjJmhwq12%2Fmsg1DE73VnO%2FkHgP0Vwz1JQwiew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 84115bc50ec33e06-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
9 KB 21ms
21ms Script
text/javascript 172.217.194.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9308
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 22:00:43 GMT

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
10 KB 32ms
31ms Script
text/javascript 172.217.194.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://qltuh.crystalcraft.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9934
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 04:05:59 GMT

GET /
a.crystalcraft.top/eyes-robot/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NBZPDVEQ27&gtm=45je4130v9168710083&_p=1704516812820&gcd=11l1l1l1l1&dma=0&cid=313281031.1704516813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704516813&sct=1&seg=0&dl=https%3A%2F%2Fwww.sbo.biz%2F&dt=SBO.BIZ%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%A5%E0%B8%B4%E0%B9%89%E0%B8%87%E0%B8%84%E0%B9%8C%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%80%E0%B8%82%E0%B9%89%E0%B8%B2%20SBOBET%20(%E0%B8%AA%E0%B9%82%E0%B8%9A%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%95)%20SBO%20Mobile%20%E0%B9%82%E0%B8%94%E0%B8%A2%E0%B8%95%E0%B8%A3%E0%B8%87&en=user_engagement&_et=3344&tfd=4183

Domain: a.crystalcraft.top
URL: https://a.crystalcraft.top/eyes-robot/?pl=CHiI7Gh3GUyTa8XGgNqDyQ&sm=eyes-robot&click_id=cmcdpjijvq30napubo6g&nrid=fbcd211386bf47f8a3ad408364beb540&hash=ydP_9iS_tbriJ1d8q405pA&exp=1704517115

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sbo.biz/	1970-01-21 03:04:36	Name: _ga Value: GA1.1.313281031.1704516813
qltuh.canopusacrux.top/	1970-01-20 17:34:22	Name: CHiI7Gh3GUyTa8XGgNqDyQ Value: 5
qltuh.canopusacrux.top/	1970-01-21 03:04:36	Name: __pl Value: b98a9c95-e853-45e0-be28-f1db9e0578b1
qltuh.canopusacrux.top/	1970-01-20 17:28:40	Name: __cap Value: 1
.sbo.biz/	1970-01-21 03:04:36	Name: _ga_NBZPDVEQ27 Value: GS1.1.1704516813.1.0.1704516816.0.0.0
cdnstatic.crystalcraft.top/	1970-01-21 03:04:36	Name: __psu Value: 8e0df77f-c8c5-417f-8b9c-5f06eebf144b

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.sbo.biz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=3.6.2 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.4.0-alpha.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.4.0-alpha.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.4.0-alpha.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=3.6.2 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.4.0-alpha.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.4.0-alpha.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.4.0-alpha.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.sbo.biz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.crystalcraft.top
api64.ipify.org
cdnjs.cloudflare.com
cdnstatic.crystalcraft.top
dns.google
fonts.googleapis.com
fonts.gstatic.com
qltuh.canopusacrux.top
qltuh.crystalcraft.top
webdatatrace.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.sbo.biz
a.crystalcraft.top
www.google-analytics.com
104.17.25.14
104.237.62.213
142.251.175.113
172.217.194.94
172.253.118.97
172.66.40.215
172.67.150.155
172.67.158.143
34.124.136.93
64.233.170.95
74.125.130.94
8.8.4.4
05a9cd0dc41fa80947dabe292859f7a6e9230b0e25d9f9b75ab95398711ed429
0899703cc7c5e24f998544f6d28a3f42654ff9ddb8639b27237192060d0aba16
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
1de642b6e350e53d86f91965b0ee77cbc037102c3eef9ee468cdf12d9e79e748
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
342ca4c8914d2cd026ad4af9110e0aabdf098c656f1e0fe46c0af05a358b5664
548ca5949c9d6ac56b2179466330941596ca6742eae4c9932f01951d1482cff9
58ec635042bb88c1dde507ed0bf5eabbd417f87406684dac6eb09b43477481be
7621d16cc3db1c142f9dff36dca07622605fb0e8cf60f0529326637fcb99b736
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
803e3560ed65623ec04f60b65859f2eee365bd6d0f47b7534daa6492b81d5371
85f14274cb691191d058b8e3283b27606e0bd4b89631ce9b165fe317d2f538ac
89f4b08b90dea4ad1aa4dfd494a39de9fdddab16d55c4bed6996e2736442c203
914be5e2991b1240f38f52d0c58bf694f4d763747000619e6bb6bca77eb2bfdc
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
9304564cfa60dac637ca1c3380a526b7dad82887a397a0e7ad19fbbab030e539
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a
d9ea25116dc893d7aa59abe5ac6e9035ff1e3172746c8e86e996e123d4321b03
dc49b3425c05ede922919011d018e92c1a84441e2bb286cadcbda79a6832918f
def1f3c7a0379c4d00247e6822263de0742a2e5fb7611c39f994c737f4648772
dff31ad4ef709151eabe17906770f363c94260b45947591b2796ec31f9cbedf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352
e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

qltuh.crystalcraft.top Open in urlscan Pro 172.67.158.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

11 IPs

3 Countries

449 kBTransfer

929 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qltuh.crystalcraft.top Open in urlscan Pro
172.67.158.143 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

11
IPs

3
Countries

449 kB
Transfer

929 kB
Size

6
Cookies

55 HTTP transactions
7 data transactions