urlscan.io logo urlscan.io
SecurityTrails logo

theshinyballsyndrome.com Open in urlscan Pro
107.180.26.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://coronavirusworkfromhomejobs.com/
Effective URL: https://theshinyballsyndrome.com/index.html
Submission: On May 21 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 107.180.26.70, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is theshinyballsyndrome.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 29th 2020. Valid for: a year.
This is the only time theshinyballsyndrome.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
2 3 107.180.26.70 26496 (AS-26496-...)
3 52.222.149.108 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 151.101.112.217 54113 (FASTLY)
2 34.82.251.111 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.55.153.113 14618 (AMAZON-AES)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 34.82.60.65 15169 (GOOGLE)
20 9
1    184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
coronavirusworkfromhomejobs.com
3    107.180.26.70 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-26-70.ip.secureserver.net
theshinyballsyndrome.com
3    52.222.149.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-108.fra53.r.cloudfront.net
cdn.convertri.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
2    34.82.251.111 (United States)

ASN15169 (GOOGLE, US)
PTR: 111.251.82.34.bc.googleusercontent.com
app.adacomply.io
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.55.153.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-153-113.compute-1.amazonaws.com
snowplow.convertri.com
1    2a04:4e42:1b::720 (Ascension Island)

ASN54113 (FASTLY, US)
convertri.imgix.net
3    34.82.60.65 (United States)

ASN15169 (GOOGLE, US)
PTR: 65.60.82.34.bc.googleusercontent.com
cdn.adacomply.io
Domain Requested by
6 fonts.gstatic.com theshinyballsyndrome.com
3 cdn.adacomply.io app.adacomply.io
3 cdn.convertri.com theshinyballsyndrome.com
3 theshinyballsyndrome.com 2 redirects
2 www.google-analytics.com theshinyballsyndrome.com
2 app.adacomply.io theshinyballsyndrome.com
app.adacomply.io
1 convertri.imgix.net theshinyballsyndrome.com
1 snowplow.convertri.com theshinyballsyndrome.com
1 player.vimeo.com theshinyballsyndrome.com
1 coronavirusworkfromhomejobs.com 1 redirects
20 10

This site contains links to these domains. Also see Links.

Domain
coronavirusquarantineworkfromhomejobs.com
theshinyballsyndrome.memberportal.io
Subject Issuer Validity Valid
600aday.com
Go Daddy Secure Certificate Authority - G2		 2020-02-29 -
2021-02-28		 a year crt.sh
*.convertri.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-25 -
2022-02-22		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-23 -
2021-04-24		 a year crt.sh
app.adacomply.io
Let's Encrypt Authority X3		 2020-04-29 -
2020-07-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
imgix.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-08-20 -
2020-08-20		 a year crt.sh
cdn.adacomply.io
Let's Encrypt Authority X3		 2020-04-29 -
2020-07-28		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://theshinyballsyndrome.com/index.html
Frame ID: 9B1CED03F7199549897FFA8112B36DEF
Requests: 18 HTTP requests in this frame

Frame: https://player.vimeo.com/video/397271803
Frame ID: 9F374A1237470817C4CB701B8A15E908
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adacomply.io/?ada-token=bbfe7d55-59a4-4b27-9ab7-c740abccac55?ada-type=icons&ada-page-path=/index.html&pos=bottom-right
Frame ID: 75910616FBF98264C3F47C06FB0B9F85
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://coronavirusworkfromhomejobs.com/ HTTP 302
    http://theshinyballsyndrome.com/amember/aff/go/drlarrydevine HTTP 302
    http://theshinyballsyndrome.com/index.html HTTP 301
    https://theshinyballsyndrome.com/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

100 %
HTTPS

30 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

388 kB
Transfer

919 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://coronavirusworkfromhomejobs.com/ HTTP 302
    http://theshinyballsyndrome.com/amember/aff/go/drlarrydevine HTTP 302
    http://theshinyballsyndrome.com/index.html HTTP 301
    https://theshinyballsyndrome.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
theshinyballsyndrome.com/
Redirect Chain
  • http://coronavirusworkfromhomejobs.com/
  • http://theshinyballsyndrome.com/amember/aff/go/drlarrydevine
  • http://theshinyballsyndrome.com/index.html
  • https://theshinyballsyndrome.com/index.html
241 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.26.70 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-26-70.ip.secureserver.net
Software
Apache /
Resource Hash
9b2b81f50adb1de75f8fa45ac8492fcebb9d1fb021612b5081fd8a0950f17143

Request headers

:method
GET
:authority
theshinyballsyndrome.com
:scheme
https
:path
/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=9hhnmjd75sbtiib7nq3irbpdj4; amember_aff_id=ZHJsYXJyeWRldmluZQ%3D%3D-0-108934
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 21 May 2020 00:24:41 GMT
server
Apache
last-modified
Tue, 21 Apr 2020 04:39:12 GMT
etag
"54207f-3c2cf-5a3c598dc1c00-gzip"
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
31773
content-type
text/html

Redirect headers

Date
Thu, 21 May 2020 00:24:39 GMT
Server
Apache
Content-Security-Policy
upgrade-insecure-requests;
Location
https://theshinyballsyndrome.com/index.html
Content-Length
251
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
font-awesome.woff2
cdn.convertri.com/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/font-awesome/font-awesome.woff2?v=4.7.0
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Wed, 20 May 2020 10:46:30 GMT
via
1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
age
49092
x-cache
Hit from cloudfront
status
200
content-length
77160
last-modified
Wed, 22 May 2019 08:26:20 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
hUpMhnIbOeOBI3YVQzK9Rm3U23zhgdpfeSZXXc5mMH_1zENBjHRN1Q==
jquery-1.12.2.min.js
cdn.convertri.com/ 		224 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2020-04-14-07-21-11
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dbf18e32e6343bdf3ee6482a7434bbcce45f03e7a7f29df12b0336ae6c5c4e9

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 08:00:23 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 07:57:58 GMT
server
AmazonS3
age
145459
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800
x-amz-cf-pop
FRA53
x-amz-cf-id
xzxm3k6p0tArxGF9AV3D-lCfDxiNP_qjW4C4bjCSFZtVpNsqzAYJHg==
via
1.1 3283735112d0a322451d32ef038129c9.cloudfront.net (CloudFront)
1Ptug8zYS_SKggPNyC0ISg.ttf
fonts.gstatic.com/s/raleway/v14/ 		53 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0ISg.ttf
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07999c4403d96e4f384ab755454751fb0b5fa5fb9e3710e89635d04cb8e1082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Wed, 20 May 2020 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81362
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26080
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:48:14 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 01:48:39 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v20/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Sun, 17 May 2020 09:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313921
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20742
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 09:12:40 GMT
397271803
player.vimeo.com/video/ Frame 9F37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/397271803
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://theshinyballsyndrome.com/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html

Response headers

Connection
keep-alive
Content-Length
5271
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 21 May 2020 00:34:41 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Thu, 21 May 2020 00:24:41 GMT
Age
0
X-Served-By
cache-hhn4076-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1590020682.595588,VS0,VE147
Vary
Accept-Encoding
P5sMzZCDf9_T_10ZxCQ.ttf
fonts.gstatic.com/s/arimo/v13/ 		50 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v13/P5sMzZCDf9_T_10ZxCQ.ttf
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a655c5f19099818817437fc9f96d42eb4630dede1ec8a61343f497dec9f43462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Tue, 19 May 2020 14:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122787
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31879
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:20:31 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 May 2021 14:18:14 GMT
P5sBzZCDf9_T_1Wi4TRDrZc.ttf
fonts.gstatic.com/s/arimo/v13/ 		48 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v13/P5sBzZCDf9_T_1Wi4TRDrZc.ttf
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f01c54a554f30e36e764fd5607e5401f357b9efd0e6a429016ffe5b498099d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Wed, 20 May 2020 03:38:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74751
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31183
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:21:23 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 03:38:50 GMT
Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhKg.ttf
fonts.gstatic.com/s/josefinsans/v15/ 		24 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v15/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhKg.ttf
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1138a3c21451dbd7d4ef78d0057a873b731ea6543a29af76242d834e6eb2dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Tue, 19 May 2020 02:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164953
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14378
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 23:05:02 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 May 2021 02:35:28 GMT
P5sCzZCDf9_T_10c9CNkjQ.ttf
fonts.gstatic.com/s/arimo/v13/ 		50 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v13/P5sCzZCDf9_T_10c9CNkjQ.ttf
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f12a7c2f5bf9c6141b481977973bfb6ea53305cb4c107c3c67bf733b870bef6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html
Origin
https://theshinyballsyndrome.com

Response headers

date
Wed, 20 May 2020 15:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31324
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33074
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:22:17 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 15:42:37 GMT
init.js
app.adacomply.io/embed/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.adacomply.io/embed/init.js
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.251.111 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.251.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
d9260f79b1aafd0b254ef4207d0c8bd0efc08381da36d3dd5ebf76c0618fcef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 00:24:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Original-Content-Length
17567
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5491
Access-Control-Allow-Headers
x-test-header, Origin, X-Requested-With, Content-Type, Accept
Last-Modified
Wed, 06 May 2020 06:23:22 GMT
Server
Apache
ETag
"449f-5a4f4cd09440a-gzip"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Thu, 21 May 2020 00:29:31 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5302
date
Wed, 20 May 2020 22:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 21 May 2020 00:56:19 GMT
cdn.min.css
cdn.convertri.com/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/cdn.min.css?v=2020-04-14-07-21-11
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad08a6cb317c4cf54bece0f1f0e07566820ff5e9619665f8191d87a9cc949586

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 08:00:23 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 07:57:55 GMT
server
AmazonS3
age
145459
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=604800
x-amz-cf-pop
FRA53
x-amz-cf-id
IoTVcKLAWese3HNjk-d4K0D1BnKX1tLIZMpYxBmpQ92pEP6acon2Ag==
via
1.1 3283735112d0a322451d32ef038129c9.cloudfront.net (CloudFront)
i
snowplow.convertri.com/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://snowplow.convertri.com/i?stm=1590020682469&e=pv&url=https%3A%2F%2Ftheshinyballsyndrome.com%2Findex.html&page=work%20from%20home&tv=js-2.7.0&aid=cvt&p=web&tz=Europe%2FBerlin&lang=en-US&cs=windows-1252&res=1600x1200&cd=24&cookie=1&eid=b38515db-0e39-419d-ba8a-6df483210517&dtm=1590020682465&vp=1600x1200&ds=1600x1534&vid=1&sid=335b4607-f9ed-46ec-a121-bd7411d5ad1e&duid=8ec3e4ab-14bc-4fde-bff7-b0a677f747f8&fp=9633379
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.153.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-153-113.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 00:24:42 GMT
server
spray-can/1.3.3
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
image/gif
content-length
43
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1338107335&t=pageview&_s=1&dl=https%3A%2F%2Ftheshinyballsyndrome.com%2Findex.html&dp=%2Findex.html&dh=theshinyballsyndrome.com&ul=en-us&de=windows-1252&dt=work%20from%20home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=1480514229&gjid=1417811334&cid=1711057740.1590020683&tid=UA-81690217-1&_gid=1233974960.1590020683&_r=1&z=157803867
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 00:24:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
AwardSeal%20%281%29.jpg
convertri.imgix.net/95a84b81-56b9-11e6-829d-066a9bd5fb79/f7fbdf4171a91c0a93fad08804960b5d0466a31a/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertri.imgix.net/95a84b81-56b9-11e6-829d-066a9bd5fb79/f7fbdf4171a91c0a93fad08804960b5d0466a31a/AwardSeal%20%281%29.jpg?auto=compress,format&fit=scale&w=237&h=222
Requested by
Host: theshinyballsyndrome.com
URL: https://theshinyballsyndrome.com/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
73486db29c0bfbd4487799fbb07a1d9169761b79e98129ea79f6836c2b2ef6e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 00:24:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 May 2020 20:48:09 GMT
server
imgix
age
704193
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=2419200
x-imgix-id
c227c0fcbc796eed2cf6cac3df61aeb27e746b8c
accept-ranges
bytes
access-control-allow-origin
*
content-length
8666
x-served-by
cache-lax8631-LAX, cache-hhn4026-HHN
bbfe7d55-59a4-4b27-9ab7-c740abccac55
app.adacomply.io/api/site/ 		462 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.adacomply.io/api/site/bbfe7d55-59a4-4b27-9ab7-c740abccac55?path=/index.html
Requested by
Host: app.adacomply.io
URL: https://app.adacomply.io/embed/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.251.111 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.251.82.34.bc.googleusercontent.com
Software
Apache / PHP/7.3.11
Resource Hash
bf42325616a45326f397bed148760b7b51088f96d4e1c8b06c18e7d4042a0e3d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 00:24:45 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, s-maxage=10
Transfer-Encoding
chunked
Connection
Keep-Alive
Access-Control-Allow-Headers
x-test-header, Origin, X-Requested-With, Content-Type, Accept
Keep-Alive
timeout=5, max=100
engine.css
cdn.adacomply.io/css/ 		20 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adacomply.io/css/engine.css
Requested by
Host: app.adacomply.io
URL: https://app.adacomply.io/embed/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.60.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.60.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
4b5a5c48491b772d66654ea351082745fb10e69fec8d7e0af8ed7da99ea02c1f
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://theshinyballsyndrome.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 00:24:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 10 Jan 2020 09:56:15 GMT
Server
Apache
ETag
"503d-59bc622ecefb3-gzip"
X-Frame-Options
ALLOWALL
Content-Type
text/css
Access-Control-Allow-Origin
*, *
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10744
/
cdn.adacomply.io/ Frame 7591 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.adacomply.io/?ada-token=bbfe7d55-59a4-4b27-9ab7-c740abccac55?ada-type=icons&ada-page-path=/index.html&pos=bottom-right
Requested by
Host: app.adacomply.io
URL: https://app.adacomply.io/embed/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.60.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.60.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Host
cdn.adacomply.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://theshinyballsyndrome.com/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://theshinyballsyndrome.com/index.html

Response headers

Date
Thu, 21 May 2020 00:24:46 GMT
Server
Apache
X-Frame-Options
ALLOWALL
Accept-Ranges
bytes
X-Mod-Pagespeed
1.13.35.2-0
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
* *
Cache-Control
max-age=0, no-cache, s-maxage=10
Content-Length
440
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
icon.svg
cdn.adacomply.io/public/v2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adacomply.io/public/v2/icon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.60.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.60.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
5e16189bdac62e2327770abcd533c3083c42edc5df689c86d8d59abf759bb798
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://cdn.adacomply.io/css/engine.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 00:24:46 GMT
Last-Modified
Thu, 09 Jan 2020 05:04:09 GMT
Server
Apache
ETag
"a22-59badf0712201"
X-Frame-Options
ALLOWALL
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*, *
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2594

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| documentClassList object| CONVERTRI_CONSTANTS string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf object| convertriParameters function| manageIframesState function| ViewportResizer function| visibilityChanged object| MobileDetector function| yall function| uniqueSelector function| manageLayerScrollbars object| UrlUtils string| adaComplyPubKey string| GoogleAnalyticsObject function| ga function| CheckoutValidationErrorRenderer function| convertriCheckoutApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| StripeElements object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents object| ConvertriCheckoutController object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| doT function| ES6Promise function| $ function| jQuery object| _snaq object| Snowplow object| jQuery11220750116707909988 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime

6 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl1351803463.2080253426
.theshinyballsyndrome.com/ Name: _gat
Value: 1
theshinyballsyndrome.com/ Name: _sp_ses.9713
Value: *
.theshinyballsyndrome.com/ Name: _gid
Value: GA1.2.1233974960.1590020683
theshinyballsyndrome.com/ Name: _sp_id.9713
Value: 8ec3e4ab-14bc-4fde-bff7-b0a677f747f8.1590020682.1.1590020682.1590020682.335b4607-f9ed-46ec-a121-bd7411d5ad1e
.theshinyballsyndrome.com/ Name: _ga
Value: GA1.2.1711057740.1590020683

1 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.convertri.com/jquery-1.12.2.min.js?v=2020-04-14-07-21-11(Line 5)
Message:
Snowplow: setAppId is deprecated. Instead add an "appId" field to the argmap argument of newTracker.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.adacomply.io
cdn.adacomply.io
cdn.convertri.com
convertri.imgix.net
coronavirusworkfromhomejobs.com
fonts.gstatic.com
player.vimeo.com
snowplow.convertri.com
theshinyballsyndrome.com
www.google-analytics.com
107.180.26.70
151.101.112.217
184.168.131.241
2a00:1450:4001:801::2003
2a00:1450:4001:81d::200e
2a04:4e42:1b::720
34.82.251.111
34.82.60.65
52.222.149.108
52.55.153.113
0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
4b5a5c48491b772d66654ea351082745fb10e69fec8d7e0af8ed7da99ea02c1f
4dbf18e32e6343bdf3ee6482a7434bbcce45f03e7a7f29df12b0336ae6c5c4e9
5e16189bdac62e2327770abcd533c3083c42edc5df689c86d8d59abf759bb798
73486db29c0bfbd4487799fbb07a1d9169761b79e98129ea79f6836c2b2ef6e6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9b2b81f50adb1de75f8fa45ac8492fcebb9d1fb021612b5081fd8a0950f17143
a655c5f19099818817437fc9f96d42eb4630dede1ec8a61343f497dec9f43462
ad08a6cb317c4cf54bece0f1f0e07566820ff5e9619665f8191d87a9cc949586
bf42325616a45326f397bed148760b7b51088f96d4e1c8b06c18e7d4042a0e3d
c07999c4403d96e4f384ab755454751fb0b5fa5fb9e3710e89635d04cb8e1082
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d9260f79b1aafd0b254ef4207d0c8bd0efc08381da36d3dd5ebf76c0618fcef3
f01c54a554f30e36e764fd5607e5401f357b9efd0e6a429016ffe5b498099d72
f1138a3c21451dbd7d4ef78d0057a873b731ea6543a29af76242d834e6eb2dc2
f12a7c2f5bf9c6141b481977973bfb6ea53305cb4c107c3c67bf733b870bef6b