urlscan.io logo urlscan.io
SecurityTrails logo

theballersbank.com Open in urlscan Pro
23.227.38.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.theballersbank.com/
Effective URL: https://theballersbank.com/password
Submission: On September 29 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 23.227.38.32, located in Canada and belongs to CLOUDFLARENET, US. The main domain is theballersbank.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 29th 2020. Valid for: 3 months.
This is the only time theballersbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.227.38.64 13335 (CLOUDFLAR...)
1 3 23.227.38.32 13335 (CLOUDFLAR...)
8 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
3 104.16.255.71 13335 (CLOUDFLAR...)
2 2a04:4e42:3::268 54113 (FASTLY)
15 4
1    23.227.38.64 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com
www.theballersbank.com
3    23.227.38.32 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
theballersbank.com
8    2a02:26f0:eb:38c::39b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.shopify.com
3    104.16.255.71 (United States)

ASN13335 (CLOUDFLARENET, US)
monorail-edge.shopifysvc.com
2    2a04:4e42:3::268 (Ascension Island)

ASN54113 (FASTLY, US)
fonts.shopifycdn.com
Domain Requested by
8 cdn.shopify.com theballersbank.com
3 monorail-edge.shopifysvc.com cdn.shopify.com
3 theballersbank.com 1 redirects cdn.shopify.com
2 fonts.shopifycdn.com cdn.shopify.com
1 www.theballersbank.com 1 redirects
15 5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.shopify.com
Subject Issuer Validity Valid
theballersbank.com
Let's Encrypt Authority X3		 2020-09-29 -
2020-12-28		 3 months crt.sh
cdn.shopify.com
GeoTrust RSA CA 2018		 2020-05-22 -
2021-02-16		 9 months crt.sh
monorail-edge.shopifysvc.com
Cloudflare Inc ECC CA-3		 2020-09-25 -
2021-09-25		 a year crt.sh
shopify.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-06-10 -
2021-04-18		 10 months crt.sh

This page contains 1 frames:

Primary Page: https://theballersbank.com/password
Frame ID: EF8F9EA144174A48C403398045EF6D9C
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.theballersbank.com/ HTTP 301
    https://theballersbank.com/ HTTP 302
    https://theballersbank.com/password Page URL

Detected technologies

Overall confidence: 25%
Detected patterns
  • html /<link[^>]+=['"]\/\/cdn\.shopify\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

15
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

194 kB
Transfer

546 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.theballersbank.com/ HTTP 301
    https://theballersbank.com/ HTTP 302
    https://theballersbank.com/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
theballersbank.com/
Redirect Chain
  • https://www.theballersbank.com/
  • https://theballersbank.com/
  • https://theballersbank.com/password
25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4a212edf4c097de4603713307f1ffaa90b9efa5ceb2c06b6105c04233bc989ea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=132fa982-87da-4249-914f-3159a08bd9a0
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=132fa982-87da-4249-914f-3159a08bd9a0

Request headers

:method
GET
:authority
theballersbank.com
:scheme
https
:path
/password
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dbc82f81fc3c8a21c44360c79789f88d11601408705
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 29 Sep 2020 19:45:05 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
149
x-sorting-hat-shopid
49679794326
x-frame-options
DENY
x-shopid
49679794326
x-shardid
149
content-language
en
x-shopify-generated-cart-token
aa7b30a7f7fce920241dd7cf4b9f0903
content-encoding
gzip
x-robots-tag
nofollow
strict-transport-security
max-age=7889238
etag
cacheable:5f105e11dcba3c859e59d96a403b2793
x-alternate-cache-key
cacheable:d13d86869b20e7f225e57235d595df8a
x-cache
hit, server
set-cookie
_y=03a5552c-0c63-4849-ac58-c563e9af475c; Expires=Wed, 29-Sep-21 19:45:05 GMT; Domain=theballersbank.com; Path=/ _orig_referrer=; Expires=Tue, 13-Oct-20 19:45:05 GMT; Domain=theballersbank.com; Path=/; HttpOnly secure_customer_sig=; path=/; expires=Sat, 29 Sep 2040 19:45:05 GMT; secure; HttpOnly _shopify_y=03a5552c-0c63-4849-ac58-c563e9af475c; Expires=Wed, 29-Sep-21 19:45:05 GMT; Domain=theballersbank.com; Path=/ _landing_page=%2Fpassword; Expires=Tue, 13-Oct-20 19:45:05 GMT; Domain=theballersbank.com; Path=/; HttpOnly cart_sig=; path=/; expires=Tue, 13 Oct 2020 19:45:05 GMT; HttpOnly
x-request-id
132fa982-87da-4249-914f-3159a08bd9a0
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=132fa982-87da-4249-914f-3159a08bd9a0
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=132fa982-87da-4249-914f-3159a08bd9a0
x-dc
gcp-us-central1,gcp-us-central1
x-storefront-renderer-verified
1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status
DYNAMIC
cf-request-id
057cfebcfd00009c1bc63a6200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5da833db2da79c1b-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

status
302
date
Tue, 29 Sep 2020 19:45:05 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dbc82f81fc3c8a21c44360c79789f88d11601408705; expires=Thu, 29-Oct-20 19:45:05 GMT; path=/; domain=.theballersbank.com; HttpOnly; SameSite=Lax
x-sorting-hat-podid
149
x-sorting-hat-shopid
49679794326
x-storefront-renderer-rendered
1
x-cache
allow
location
https://theballersbank.com/password
x-frame-options
DENY
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security
max-age=7889238
x-shopid
49679794326
x-shardid
149
vary
Accept
x-shopify-stage
production
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id
f6cd7fad-c5e6-42c2-b65f-088bec4dc6ac
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status
DYNAMIC
cf-request-id
057cfebc1700009c1bc639f200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5da833d9bceb9c1b-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b.js
cdn.shopify.com/s/assets/storefront/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/storefront/load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b.js
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://theballersbank.com
Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
3060
x-xss-protection
1; mode=block
x-request-id
2db6fd53
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-202 segment4-51758 revision-382e715c5b9fe5619ea8ffcbc9f3d2c18ce18cb0 cdn-shopify-com-s-assets-storefront-load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b-js
last-modified
Wed, 19 Aug 2020 16:00:15 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/storefront/load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b.js>; rel="canonical"
expires
Wed, 25 Aug 2021 13:59:05 GMT
theme.scss.css
cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/ 		78 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.scss.css?v=9954837783421485903
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e608c62f266fe1494dfb9e246bb28ef449d5e469af4d91cb27fb1f678b5efa25
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gcp-us-central1
status
200
content-length
16369
x-xss-protection
1; mode=block
x-request-id
1b9caeb9
surrogate-key
mime-text/css source-ShopAssetsBackend segment2-225 segment4-57789 revision-58b1b0389b065a21be8839b39ba1b4ee5ea7c7d4 cdn-shopify-com-s-files-1-0496-7979-4326-t-2-assets-theme-scss-css shop-49679794326
last-modified
Tue, 29 Sep 2020 19:45:06 GMT
date
Tue, 29 Sep 2020 19:45:07 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.scss.css>; rel="canonical"
expires
Wed, 29 Sep 2021 19:45:06 GMT
modernizr.min.js
cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/modernizr.min.js?v=4404443942060959132
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
055676733c48995a7b176fcc4ca1f62f8c889765b40f20f616a9c21ebb1c332c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gcp-us-east1
status
200
content-length
2452
x-xss-protection
1; mode=block
x-request-id
4014a93
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-42 segment4-10960 revision-116736b62ce56f419d07e16ef7fb79b3870a8c6d cdn-shopify-com-s-files-1-0496-7979-4326-t-2-assets-modernizr-min-js shop-49679794326
last-modified
Sat, 26 Sep 2020 06:54:33 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/modernizr.min.js>; rel="canonical"
expires
Sun, 26 Sep 2021 06:55:05 GMT
jquery-1.11.0.min.js
cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/jquery-1.11.0.min.js?v=3246042684083249002
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gcp-us-east1
status
200
content-length
33634
x-xss-protection
1; mode=block
x-request-id
4014a91
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-11 segment4-2836 revision-116736b62ce56f419d07e16ef7fb79b3870a8c6d cdn-shopify-com-s-files-1-0496-7979-4326-t-2-assets-jquery-1-11-0-min-js shop-49679794326
last-modified
Sat, 26 Sep 2020 06:54:32 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/jquery-1.11.0.min.js>; rel="canonical"
expires
Sun, 26 Sep 2021 06:55:05 GMT
theme.js
cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/ 		115 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.js?v=13733231539381766514
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ee17b7d5dd8324d4245bee6973bda8524bebadb2a6a1bd37e87eab46da3482a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gcp-us-central1
status
200
content-length
34015
x-xss-protection
1; mode=block
x-request-id
e3e105f
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-39 segment4-10108 revision-7bd3040d705e8ac530272e29bb360e50d4d01d51 cdn-shopify-com-s-files-1-0496-7979-4326-t-2-assets-theme-js shop-49679794326
last-modified
Sat, 26 Sep 2020 06:54:47 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.js>; rel="canonical"
expires
Tue, 28 Sep 2021 18:44:42 GMT
trekkie.storefront.min.js
cdn.shopify.com/s/javascripts/tricorder/ 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e4e226ba0d6a737888d86d28107b98efccb35b6d32e07bd79ed5cec470ec8088
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gcp-us-central1
status
200
content-length
15571
x-xss-protection
1; mode=block
x-request-id
287c0483
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-149 segment4-38261 revision-7bd3040d705e8ac530272e29bb360e50d4d01d51 cdn-shopify-com-s-javascripts-tricorder-trekkie-storefront-min-js
last-modified
Mon, 28 Sep 2020 17:26:17 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
timing-allow-origin
*
link
<https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js>; rel="canonical"
expires
Mon, 28 Sep 2020 18:25:19 GMT
shop_events_listener-d81deda6557a113fbcc6a993184828adcef6f241e4ca52b6a21169cb03169317.js
cdn.shopify.com/s/assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/shop_events_listener-d81deda6557a113fbcc6a993184828adcef6f241e4ca52b6a21169cb03169317.js
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
d81deda6557a113fbcc6a993184828adcef6f241e4ca52b6a21169cb03169317
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
2783
x-xss-protection
1; mode=block
x-request-id
9aa0b4b
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-248 segment4-63547 revision-7cfe161855c196200f23192ab68be81423731357 cdn-shopify-com-s-assets-shop_events_listener-d81deda6557a113fbcc6a993184828adcef6f241e4ca52b6a21169cb03169317-js
last-modified
Thu, 03 Sep 2020 19:58:54 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/shop_events_listener-d81deda6557a113fbcc6a993184828adcef6f241e4ca52b6a21169cb03169317.js>; rel="canonical"
expires
Fri, 10 Sep 2021 16:46:37 GMT
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: theballersbank.com
URL: https://theballersbank.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:38c::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7a5011de0a6a388b5534eaccf4ac3d4648d1254af2c91b15a76239685bbc2d9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31083
x-xss-protection
1; mode=block
x-request-id
bcb438
surrogate-key
mime-application/javascript source-GcsBackend segment2-96 segment4-24675 revision-ec499214a75eeb4ba991f605c003fe27f99f6a84 cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
last-modified
Tue, 15 Sep 2020 15:19:43 GMT
date
Tue, 29 Sep 2020 19:45:06 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
expires
Tue, 21 Sep 2021 10:54:58 GMT
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
811 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Sep 2020 19:45:06 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-east1
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
057cfebf6700000c698e960200000001
x-request-id
c1d3f96b-f2d0-4e0b-9a7b-e13696c77bd4
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://theballersbank.com
access-control-allow-credentials
true
cf-ray
5da833df0a300c69-AMS
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
97 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Sep 2020 19:45:06 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-east1
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
057cfebf6700000c698e961200000001
x-request-id
dc1c34f4-5cf1-4ad8-962d-c9e6303ae443
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://theballersbank.com
access-control-allow-credentials
true
cf-ray
5da833df0a330c69-AMS
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2
fonts.shopifycdn.com/montserrat/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/montserrat/montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2?h1=dGhlYmFsbGVyc2JhbmsuY29t&hmac=26ceabbe3a5d3e516520a84acc7cf0d094ac58345fccddd65a2279cf0901e74b
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.scss.css?v=9954837783421485903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::268 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66

Request headers

Origin
https://theballersbank.com
Referer
https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.scss.css?v=9954837783421485903
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AaIOXqCPMXxN8ATxR1r7vQpKQ97VhXTZ
via
1.1 varnish
etag
"2b2b7174f2b09919c27c5fd48454e722"
age
59745
x-cache
HIT
status
200
content-length
22716
x-amz-id-2
Znc3XWRGfdbRMxue5lWLClnW3v5o/Fb0bP20XtCLhamzRy41qzI+NCaUowgQbvfG2ARcX+mBB0g=
x-served-by
cache-fra19164-FRA
last-modified
Wed, 02 May 2018 18:21:20 GMT
server
AmazonS3
x-timer
S1601408707.136258,VS0,VE0
date
Tue, 29 Sep 2020 19:45:07 GMT
x-amz-request-id
6AF53CFD2F43C555
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
1657
helvetica_n4.fe093fe9ca22a15354813c912484945a36b79146.woff2
fonts.shopifycdn.com/helvetica/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/helvetica/helvetica_n4.fe093fe9ca22a15354813c912484945a36b79146.woff2?h1=dGhlYmFsbGVyc2JhbmsuY29t&hmac=84801f129656e7454281146ab4332a42c5557d5139b989e768227786ff8ad7d0
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.scss.css?v=9954837783421485903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::268 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de60693f31597c2ec2c1bd972d15900b6bb7be2bcc19db7b71bd171469b7dbe0

Request headers

Origin
https://theballersbank.com
Referer
https://cdn.shopify.com/s/files/1/0496/7979/4326/t/2/assets/theme.scss.css?v=9954837783421485903
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
4AdVwUM1RcK6IjFPXS0IVdOvOSLg0L4d
via
1.1 varnish
etag
"3081ae959e35d7dfa394138443e9095e"
age
62069
x-cache
HIT
status
200
content-length
19252
x-amz-id-2
PEAJWSC186xUZLYA25Z9e7OELytca847EanRkv7rOJCG4jumE6xv451nvobnsdd0/egAyMkpdU0=
x-served-by
cache-fra19164-FRA
last-modified
Mon, 14 May 2018 14:32:27 GMT
server
AmazonS3
x-timer
S1601408707.136214,VS0,VE0
date
Tue, 29 Sep 2020 19:45:07 GMT
x-amz-request-id
4D8C76E63BC2ACC9
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
3315
cart.js
theballersbank.com/ 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://theballersbank.com/cart.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-d81deda6557a113fbcc6a993184828adcef6f241e4ca52b6a21169cb03169317.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://theballersbank.com/password
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 19:45:07 GMT
x-storefront-renderer-verified
1
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage
production
status
401
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
49679794326
x-shardid
149
x-storefront-renderer-rendered
1
content-type
text/html; charset=utf-8
server
cloudflare
x-sorting-hat-podid
149
x-frame-options
DENY
content-language
en
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=7889238
x-download-options
noopen
x-shopid
49679794326
x-request-id
8fae7025-765d-4bc9-ae8a-ef3d081ec449
vary
Accept
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-request-id
057cfec26e00009c1bc604f200000001
cf-ray
5da833e3ebd89c1b-AMS
x-content-type-options
nosniff
produce
monorail-edge.shopifysvc.com/v1/ 		0
243 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theballersbank.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Sep 2020 19:45:07 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dc
gcp-us-east1
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
057cfec2ae00000c698e998200000001
x-request-id
0af71986-effc-4d3f-814c-daae520fee40
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://theballersbank.com
access-control-allow-credentials
true
cf-ray
5da833e44e360c69-AMS
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| Shopify object| __st boolean| ShopifyPaypalV4VisibilityTracking object| meta string| attr object| ShopifyAnalytics object| trekkie object| _visit object| BOOMR object| Modernizr function| $ function| jQuery object| theme object| classes object| selectors object| Slate object| enquire object| jQuery1110025045436869446114 function| _ function| gm_authFailure object| productStrings number| BOOMR_onload

12 Cookies

Domain/Path Name / Value
.theballersbank.com/ Name: _shopify_sa_p
Value:
.theballersbank.com/ Name: _shopify_sa_t
Value: 2020-09-29T19%3A45%3A06.272Z
.theballersbank.com/ Name: _shopify_s
Value: db65ab35-5CD1-4CA9-D4D0-48D6FBC504AD
.theballersbank.com/ Name: _s
Value: db65ab35-5CD1-4CA9-D4D0-48D6FBC504AD
theballersbank.com/ Name: cart_sig
Value:
.theballersbank.com/ Name: _shopify_fs
Value: 2020-09-29T19%3A45%3A06.266Z
.theballersbank.com/ Name: _landing_page
Value: %2Fpassword
.theballersbank.com/ Name: _shopify_y
Value: 03a5552c-0c63-4849-ac58-c563e9af475c
.theballersbank.com/ Name: _orig_referrer
Value:
theballersbank.com/ Name: secure_customer_sig
Value:
.theballersbank.com/ Name: _y
Value: 03a5552c-0c63-4849-ac58-c563e9af475c
.theballersbank.com/ Name: __cfduid
Value: dbc82f81fc3c8a21c44360c79789f88d11601408705

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=132fa982-87da-4249-914f-3159a08bd9a0
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=132fa982-87da-4249-914f-3159a08bd9a0