6tball-share-webcure.whay.apar.secure.ngapont.lave.live Open in urlscan Pro
172.232.59.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Effective URL:
https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On October 10 via api (October 10th 2024, 9:45:52 am UTC) from IT — Scanned from FR

Summary HTTP 35 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 35 HTTP transactions. The main IP is 172.232.59.193, located in Paris, France and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is 6tball-share-webcure.whay.apar.secure.ngapont.lave.live.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on October 10th 2024. Valid for: 3 months.

This is the only time 6tball-share-webcure.whay.apar.secure.ngapont.lave.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.232.59.193 172.232.59.193	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
7	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1 4	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:310... 2606:4700:3108::ac42:28a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
35	12

4 172.232.59.193 (Paris, France)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-232-59-193.ip.linodeusercontent.com

6tball-share-webcure.whay.apar.secure.ngapont.lave.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28a3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quilljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	158 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	105 KB
4	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	54 KB
4	lave.live 6tball-share-webcure.whay.apar.secure.ngapont.lave.live	59 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	quilljs.com cdn.quilljs.com — Cisco Umbrella Rank: 22252	50 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	107 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	770 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	30 KB
35	11

	Domain	Requested by
8	cdnjs.cloudflare.com	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
7	cdn.jsdelivr.net	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
4	unpkg.com	1 redirects 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
4	6tball-share-webcure.whay.apar.secure.ngapont.lave.live	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
2	www.facebook.com	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
2	connect.facebook.net	6tball-share-webcure.whay.apar.secure.ngapont.lave.live connect.facebook.net
2	cdn.quilljs.com	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
1	fonts.googleapis.com	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
1	code.jquery.com	6tball-share-webcure.whay.apar.secure.ngapont.lave.live
35	11

This site contains links to these domains. Also see Links.

Domain
lave.live

Subject Issuer	Validity	Valid
6tball-share-webcure.whay.apar.secure.ngapont.lave.live ZeroSSL ECC Domain Secure Site CA	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
cdn.quilljs.com WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-19` - `2024-10-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Frame ID: 269D3DBC59AFA1471398EDB34DA18B08
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not found

Page URL History Show full URLs

http://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/ HTTP 307
https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/ Page URL

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js
cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

35
Requests

89 %
HTTPS

73 %
IPv6

11
Domains

11
Subdomains

12
IPs

4
Countries

640 kB
Transfer

4914 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lave.live/
Title: GO Home

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/ HTTP 307
https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/hyperscript.org@0.9.12 HTTP 302
https://unpkg.com/hyperscript.org@0.9.12/dist/_hyperscript.min.js

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Redirect Chain

http://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

12 KB
4 KB

99ms
31ms

Document
text/html

172.232.59.193
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.232.59.193 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-232-59-193.ip.linodeusercontent.com
Software: Caddy swoole-http-server /
Resource Hash: c5446217a1e6a42456c0fc41b1f83c79c299bf4b39f3b27cd9f67637484cad86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: zstd
content-length: 3590
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 09:45:47 GMT
server: Caddy swoole-http-server
vary: Accept-Encoding

Redirect headers

Location: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/ios-pwa-splash@1.0.0/ 1 KB
919 B 108ms
42ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/ios-pwa-splash@1.0.0/cdn.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

999bb9e81c24d1753d52b97c0a9726055673fa2e89c35856e6a5a534c7d62699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"485-FtEUiHJV42qqB3UlwBRsYn6LhMw"
age: 13547692
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cN6g6%2FfVXZFsPWWDT%2BNyeZHMdAkmT3gT%2B58M%2BYO5TkhdM6IBcmD3D7VdHEssP9KhQWc0%2Fv9%2BlNGveb%2BhJ%2FoOL5MOWlwSvKLrrntx6kctX%2BrUL395wL%2BCu%2F5Kt48RouNji8mkRGgOYq%2FEMhYeIro%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230032-FRA, cache-lga21960-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3ae86f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 530
server: cloudflare
x-jsd-version: 1.0.0

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 99ms
19ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 3207474
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 26, 266687
x-served-by: cache-lga21978-LGA, cache-lcy-eglc8600041-LCY
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1728553548.889086,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H2 200 htmx.min.js Show response
unpkg.com/htmx.org@2.0.0/dist/ 48 KB
20 KB 142ms
58ms Script
application/javascript 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/htmx.org@2.0.0/dist/htmx.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc57ba0e655504d282bb6ec1c3d89240cde9f2ce1c393d5b38a95c5bc6da875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "bfba-t0NRjh4f2sbd1fuwoP1q63mZ2EY"
age: 4788733
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J5C67C3AWERAF07VZDXM8GK5-cdg
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d05adfa5b0c6ff0-CDG
access-control-allow-origin: *
server: cloudflare

GET
H2

200

_hyperscript.min.js Show response
unpkg.com/hyperscript.org@0.9.12/dist/
Redirect Chain

https://unpkg.com/hyperscript.org@0.9.12
https://unpkg.com/hyperscript.org@0.9.12/dist/_hyperscript.min.js

98 KB
33 KB

71ms
62ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/hyperscript.org@0.9.12/dist/_hyperscript.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd737e9904a7eed1ee9639b75eb07915baad92961586d0a1fd6d998d24179de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "18811-5HRwmSxtyxOgnBC2wSH7St8Gyf8"
age: 15321485
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HVJ9DAS11KSEPQTZB5GZZCC8-cdg
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d05adfaeb866ff0-CDG
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
location: /hyperscript.org@0.9.12/dist/_hyperscript.min.js
content-encoding: br
cf-cache-status: HIT
age: 95074
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d05adfa5b0b6ff0-CDG
access-control-allow-origin: *
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J9R2EFVNREQGSWHEYTEHBCR8-cdg
server: cloudflare

GET
H2 200 disable-element.js Show response
unpkg.com/htmx-ext-disable-element@2.0.0/ 587 B
709 B 140ms
56ms Script
application/javascript 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/htmx-ext-disable-element@2.0.0/disable-element.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3303633135050b47a2f6097066f7bd2939358479921b9222d6d8db31ae8f3d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "24b-5blYzkc7U271QMaYJsRPbDMg8jw"
age: 7691362
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J2NP24VN1XZTD0Z2ZN0VXYBT-cdg
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d05adfa5b096ff0-CDG
access-control-allow-origin: *
server: cloudflare

GET
H2 200 uikit.min.js Show response
cdn.jsdelivr.net/npm/uikit@3.5.8/dist/js/ 128 KB
43 KB 138ms
72ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uikit@3.5.8/dist/js/uikit.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32e1b2d411fe2a70b7a352642dca1a665a5ab262001a6de4d913180781d3a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"201ba-L2KeC2bU2l4pNLxjBEKJ3/YFj2E"
age: 4791969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsLj2nrJb32dyQpw%2FE%2B%2FLoXnV%2Fu2PtQ4EK4IVXHjNLlRUCWVd6dpCqgL%2FxmIjcaCjgxS7fYns2rntuLfIsPAXQHxdAIt%2F6pNIn6ZJYopTkctFSLThsEMLphfs%2FbALwLhE4mhm59yquq6jhwhaHQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220068-FRA, cache-lga21967-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3ae56f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43852
server: cloudflare
x-jsd-version: 3.5.8

GET
H2 200 uikit-icons.min.js Show response
cdn.jsdelivr.net/npm/uikit@3.5.8/dist/js/ 63 KB
19 KB 120ms
55ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uikit@3.5.8/dist/js/uikit-icons.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a07d3310374e1beb54f7863aa8b9105318009a9d035feb7d5c3104888d331e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"fa1c-t1SjuJi/vPyPrMHVOpd35/mi/gI"
age: 13551889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldjavkYKGYf799HwahEy98%2FVvqBYaAcitcLZfoRsnIue9pchGJ69sOuoaXnZrzEYKiXk%2BXyUj4AC3K%2FcIhwx9Gd0p6PiRh3PrdNwIavfoVnWSm7%2FHpZV%2F%2BSQz1vuIlx77b%2B7yw%2BS9tsFy%2BUtEmw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230035-FRA, cache-lga21954-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3aed6f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18390
server: cloudflare
x-jsd-version: 3.5.8

GET
H3 200 dropzone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/ 42 KB
12 KB 172ms
138ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72ce2d8528437e392a146939b362f18f7e6c81246be0c45cc9c7268b458aa823

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e3e-a7fb"
age: 1855901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkpa8bN2dl2AVSPcahkRyy15DcEsr1jgNt2WKAhVkzp1DaFpiP6P9ga0JJ3GDKhb2Pn2ZUwrmNSeGx6AyjDaZmiGdCQ1o%2BkNtsXnetapj2OGx5VTtW7tnMy53ZTGs518Oe7%2FsK11"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:09:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0cc6d11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11347
server: cloudflare

GET
H2 200 quill.min.js Show response
cdn.quilljs.com/1.3.6/ 210 KB
46 KB 125ms
42ms Script
application/javascript 2606:4700:3108::ac42:28a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.3.6/quill.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de86018869b5e845bdc101fc1b55611a1e375e08af6cee4a681d7446103da611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2734fd6895bdfba13245fc2cda12202"
age: 220401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKGwA6KoEw0Ij7Kdac3PzCx1UUQ%2FMGU8T9GbU5NI4Faztybl9By0HwyQrKsyddAe4y7Jiwmp2Ax5eY7zF0hM%2Fu2prcGtwPcg7vTdCr%2FuOSw8hfxy4iZk493JnLqwHJg5pMZ0bwUYjSlEfwAsnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d05adfa59da7016-CDG
access-control-allow-origin: *
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 16:07:39 UTC
vary: Accept-Encoding, Accept-Encoding
server: cloudflare

GET
H3 200 index.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/pulltorefreshjs/0.1.22/ 7 KB
3 KB 171ms
138ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pulltorefreshjs/0.1.22/index.umd.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f86ca3e8b5221cd7883962d5fe70ad5a535025da3360a73d8a178108056ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "60393d5c-1d09"
age: 1794173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VOytLTuq4lHvvUMyHqoQ1cQLcUzVbWbO4JZ%2BgLDssgWK%2F%2BhMCxL%2B6EYRFUiSrvmDkGggyD2MdplJ4VKHDkBPSwvQ%2B38HSpYFIHe0Qwy13A3Q8ZstkX0kY6PZNTi3mivErfZUDER"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Feb 2021 18:26:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0cc5d11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2165
server: cloudflare

GET
H2 200 Sortable.min.js Show response
cdn.jsdelivr.net/npm/sortablejs@1.15.0/ 43 KB
15 KB 115ms
50ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sortablejs@1.15.0/Sortable.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a9889aecc2f011e15031fed87eeb35ac75e62655a7b4889ba247ee8ea872474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"ac68-r6weqpeow1oiVRxzil/Bucd3U5Q"
age: 3713546
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3VfH4Z7Uxq2Z4HeO52bdNyFTQkn3yZE8WvPS0E%2BVCj%2BcVP6qO5S4D3jpXXUJ7AUUAzFLTbgCATmkkj3KB2%2Bo%2FjYQ%2FdWSCZrQMt0qj1k1XbWpekDcVo4pp7WS2fQvRVTgJ1E2oS2BVhnToCLN2o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220103-FRA, cache-lga21973-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3aeb6f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15357
server: cloudflare
x-jsd-version: 1.15.0

GET
H3 200 Chart.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/ 169 KB
46 KB 76ms
43ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/Chart.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478a6a70e615f25b7bb27c4c40efc749b5421513cc76b84014c1febebf608982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03cee-2a30c"
age: 595679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LQDSeSlRq89bckTYDgrcMoE7iNsgqPZWvpJemCSg64laVnYa0NRg7sk83EyvRYV3VInqOtDweNcI2iH6T1ZW06yGsFGA%2BuFLe7GbIZF3Y5dvVURYe7%2FdDr5wwPG4yJV7O7JyTS9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:03:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0cc2d11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46101
server: cloudflare

GET
H2 200 chartjs-plugin-datalabels@0.7.0 Show response
cdn.jsdelivr.net/npm/ 13 KB
6 KB 106ms
42ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/chartjs-plugin-datalabels@0.7.0

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"330e-MyjMkC7/nYxBFRP/V6SaLPi/qfE"
age: 13552062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=88Pxvuwoqe6409YQ8d7UhvhkS69kbU%2FxKzQoGDUkIm1x%2FEETfsuBY3NO2XLajX6IRy0RuDwIO5sJ73jUZbMpNwsnW92z0SoGs1HrOaUT7kd%2F5xaAtDLQSideQC6YqyOuO%2Fya2sV7HZvgiDEJxz4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230026-FRA, cache-lga21973-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3aef6f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5621
server: cloudflare
x-jsd-version: 0.7.0

GET
H3 200 uikit.min.css
cdnjs.cloudflare.com/ajax/libs/uikit/3.6.20/css/ 267 KB
24 KB 220ms
187ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/uikit/3.6.20/css/uikit.min.css

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a79727c7e7f6e677f45d142ab8cbf61685424d7cd7c8fdfbf6d830a19e41a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6081a7c6-42ba5"
age: 587846
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgXFiV8gNfnE0AGMGwMDvth8y31hGGbd1JxU4s0d4SRgSAKQRyAyH0Ea0fVmqljaaMmf%2F3lrWnJOb6bHqFHkBuMRNmdQGLcNHbx2lMIPlDlLl0zo4KEkPwg7BYQGltizzN8JPeyc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 22 Apr 2021 16:43:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0cc9d11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23483
server: cloudflare

GET
H3 200 tailwind.min.css
cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.0.3/ 3 MB
71 KB 220ms
187ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.0.3/tailwind.min.css

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c75a5a2f884a26ad2963ecda7b561659d41cb87291bd40080b70f45de345e1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "602055a9-2bcbe6"
age: 1738922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTmVe9%2BCerWGvBBwQfgb5TIW11nOHi8lNpntz%2BTXEqCffT5%2B7%2BKeujwLhLqy4oxMnKR3YxlBq5A7r%2FGFzopa15ArT%2Fa7ZVIpHCk18gl5TYK6MWS6SathgpPlwCmGqPXW2WnTBhCy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 07 Feb 2021 21:03:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0ccad11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71961
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 686 B
770 B 137ms
54ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nova%20Mono

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcc704548d00cf96708372ae6d8b2ae3760c9ba53d2d1094f13a4d4387ef8c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 09:45:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 09:15:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 dropzone.min.css
cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/ 9 KB
2 KB 331ms
298ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.css

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8ef13a45ecd495c56e38e9a11af5fcb85572a4b34661a63eab2b510795b3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e3e-25f5"
age: 540005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fAAofRu826Fvs9G9uc2tbPl1YmD6Ucs3uE3sfg4cExdYLYtO56OR88UruAyOjkVD6IBlnLReyOfq5VGsGU6k6rwB9gqNto6dJXbCQ2%2BAdtWcBrfim%2BxeoMxBO87240%2FqUkEi6Cs"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:09:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0cccd11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1274
server: cloudflare

GET
H2 200 quill.snow.css
cdn.quilljs.com/1.3.6/ 24 KB
4 KB 135ms
53ms Stylesheet
text/css 2606:4700:3108::ac42:28a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.3.6/quill.snow.css

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "9b536bda67650c506df72197baec4c01"
age: 240499
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhH0M7HuJAOujBhOozvKUAE1%2Btb4E%2BHViCKB%2Bp97pcNdm%2Fy%2Ff45GyfzE9wwnvcwd7t65z4PKy1rD34Y681WlzlHTl%2BCKhXe0T60tqFdYvYakyS6rMhC9XeJ5zbBtal6X4eCLZtQRbD5AA1qDpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 22 Apr 2024 16:07:39 UTC
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d05adfa59d67016-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3660
server: cloudflare

GET
H3 200 jquery.jscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/ 3 KB
2 KB 331ms
298ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/jquery.jscroll.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec6-d04"
age: 44441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9LIcDLbq4pqUXfWwq0zJpBUDQMBKoEkOpBSwOpatSdziCS8VbpD%2B4AW%2FkeLlrVDRZsWhR2Z266Wz8%2BIBM4WLQG4sxOXcd0vG3tnEI2Z7vGsQzerxyf8lLJsLC5%2FPy4TxFs7GU3f"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0ccdd11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1194
server: cloudflare

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
3 KB 107ms
44ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
age: 13561295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbtqAOi8zOM7sfGZ3nMsJWRSA08eb9xNWGQpKlQFPKqHO5XLxRjsbHe%2F5rN8%2FNOYznud0uNtNO%2FaKi8EWEBhr3FfNZmRb2tHQUQguqktmv1La6x4tHKaP%2FZWWNQDuc%2FyDNSz3zSbKw10JS0gEHY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220046-FRA, cache-lga21924-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3ae26f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2162
server: cloudflare
x-jsd-version: 4.1.0-rc.0

GET
H2 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
18 KB 106ms
43ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
age: 544465
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gd2NtLR%2FD6lzWSkwuTegAQ%2BG0ryDbXYTmAYJJY%2BD6E%2FuC0yzm97%2BqT7BDzEtgE1uYG0MBIovmoX%2FWCNr9Nni4HPmzq27jwaPh35DjMUa1KaLAVadO3k9JD61q1AKxwF3J0VZNsXq1zhrNEaKV0I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220129-FRA, cache-lga21928-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa3af16f4e-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18460
server: cloudflare
x-jsd-version: 4.1.0-rc.0

GET
H2 200 livewire.min.js Show response
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/vendor/livewire/ 140 KB
50 KB 32ms
30ms Script
application/javascript 172.232.59.193
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/vendor/livewire/livewire.min.js?id=923613aa
Requested by: Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.232.59.193 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-232-59-193.ip.linodeusercontent.com
Software: Caddy, swoole-http-server /
Resource Hash: 69360eb086277c4e35a1bef97eb8f2bf2f842f6706093ac5680e15abdb773875

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

alt-svc: h3=":443"; ma=2592000
content-encoding: zstd
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Caddy, swoole-http-server

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
107 KB 127ms
49ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D7LKZVZ8CV

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf70c4a5138fb22e9d325d6127846ac79e71291eb4976ba1de69ac5c39dd24d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 10 Oct 2024 09:45:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108556
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 serviceworker.js Show response
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/ 1 KB
618 B 31ms
31ms Script
application/javascript 172.232.59.193
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/serviceworker.js
Requested by: Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.232.59.193 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-232-59-193.ip.linodeusercontent.com
Software: Caddy, swoole-http-server /
Resource Hash: 64eac2614135a175d6cb074431fe142b4010332ae59aaefd4fb6f5d0c183d941

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

alt-svc: h3=":443"; ma=2592000
content-encoding: zstd
content-length: 570
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Caddy, swoole-http-server

GET
H2 200 icon-512x512.png
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/images/icons/ 4 KB
4 KB 22ms
21ms Image
image/png 172.232.59.193
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/images/icons/icon-512x512.png?v=1.0
Requested by: Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.232.59.193 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-232-59-193.ip.linodeusercontent.com
Software: Caddy, swoole-http-server /
Resource Hash: df988a0ef068e431831b017a36c03b3f7d0d07254ed6326cc0f48b529955d962

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

alt-svc: h3=":443"; ma=2592000
content-length: 3968
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: image/png
server: Caddy, swoole-http-server

GET
H3 200 jquery.jscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/ 3 KB
0 0ms
0ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/jquery.jscroll.min.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec6-d04"
age: 44441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9LIcDLbq4pqUXfWwq0zJpBUDQMBKoEkOpBSwOpatSdziCS8VbpD%2B4AW%2FkeLlrVDRZsWhR2Z266Wz8%2BIBM4WLQG4sxOXcd0vG3tnEI2Z7vGsQzerxyf8lLJsLC5%2FPy4TxFs7GU3f"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 09:45:47 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:50 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d05adfa0ccdd11b-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1194
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 89ms
27ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4434, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bwFJMcj/vAhrr/kgtGudRRJUJlVinsVh5ioKqYBAw/nTBLtshpBNDB4DfWquTv6D77Pjr7fcV/+CVaWTcEq4hA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 1013176736283494 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 113ms
113ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1013176736283494?v=2.9.170&r=stable&domain=6tball-share-webcure.whay.apar.secure.ngapont.lave.live&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

55039e7f52d8f945e145ae2e499ef14beaea36d34f427ec39c61c97d99646494

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=68, mss=1232, tbw=67264, tp=63, tpl=0, uplat=88, ullat=0
pragma: public
x-fb-debug: /Bslj7QhcaqwlZA2fqrL0BG+6uls3Of09KrGN194XI9zLpaUf2oT76JpMbMn2wrNFhWMmdNJWBZsueKJmXGtqg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 71ms
24ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D7LKZVZ8CV&gtm=45je4a70v9180459130za200&_p=1728553548182&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=854261833.1728553548&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728553548&sct=1&seg=0&dl=https%3A%2F%2F6tball-share-webcure.whay.apar.secure.ngapont.lave.live%2F&dt=Not%20found&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=732
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D7LKZVZ8CV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 83ms
24ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1013176736283494&ev=PageView&dl=https%3A%2F%2F6tball-share-webcure.whay.apar.secure.ngapont.lave.live%2F&rl=&if=false&ts=1728553548442&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728553548440.652892789974674013&cs_est=true&ler=empty&cdl=API_unavailable&it=1728553548310&coo=false&rqm=GET

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2968, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 317ms
259ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1013176736283494&ev=PageView&dl=https%3A%2F%2F6tball-share-webcure.whay.apar.secure.ngapont.lave.live%2F&rl=&if=false&ts=1728553548442&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728553548440.652892789974674013&cs_est=true&ler=empty&cdl=API_unavailable&it=1728553548310&coo=false&rqm=FGET

Requested by

Host: 6tball-share-webcure.whay.apar.secure.ngapont.lave.live
URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424080959825418902"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 6S5wgMOPEIQWrm6uDpLywncekn6oyYO4VLdZ45VuN8xU8Rcn39spdtNxZw/EseCxpXDqr+skektcVDgZBgeONw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424080959825418902", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1297, tbw=3286, tp=-1, tpl=-1, uplat=233, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 404 favicon-32x32.png
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/favicon/ 12 KB
0 32ms
32ms Other
text/html

General

Check archive.org

Show headers Download Go to

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/favicon/favicon-32x32.png?v=1.0
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: Caddy, swoole-http-server /
Resource Hash: a59dca3fd2be8b5917607496dea339ce5ecbcf0e2637c9f97598d4a98d59c4d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cache-control: no-cache, private
content-encoding: zstd
alt-svc: h3=":443"; ma=2592000
content-length: 3593
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, swoole-http-server

GET
H2 404 favicon-16x16.png
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/favicon/ 12 KB
0 26ms
26ms Other
text/html

General

Check archive.org

Show headers Download Go to

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/favicon/favicon-16x16.png?v=1.0
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: Caddy, swoole-http-server /
Resource Hash: 5187a81ebb7da0b0d26fe1d3a2d0975538d8634570abf240a622ea6283a5678f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

cache-control: no-cache, private
content-encoding: zstd
alt-svc: h3=":443"; ma=2592000
content-length: 3591
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Caddy, swoole-http-server

GET
H2 200 icon-512x512.png
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/images/icons/ 4 KB
0 25ms
25ms Other
image/png

General

Check archive.org

Show headers Download Go to

Full URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/images/icons/icon-512x512.png?v=1.0
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: Caddy, swoole-http-server /
Resource Hash: df988a0ef068e431831b017a36c03b3f7d0d07254ed6326cc0f48b529955d962

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/

Response headers

alt-svc: h3=":443"; ma=2592000
content-length: 3968
date: Thu, 10 Oct 2024 09:45:48 GMT
content-type: image/png
server: Caddy, swoole-http-server

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/	1970-01-21 00:10:39	Name: XSRF-TOKEN Value: eyJpdiI6IkozMDU5MVFoL0NyQ3Rid0F5Ymh1Y2c9PSIsInZhbHVlIjoickltZExBTEt3MWxpRi91YlEvNnQ4Zk5nSFBYNTd3TWtEWWkrNUYwTlhyVER2ZFduL25pRVplMjMvaU5mc2ZjbW90cG9OZWtjb1RkSXhxTXpKNzdvaUt0UXl3Sm93cjBDM2FCSDd4cE9ib0xUN3Y4a0t2bVMzd1A1b2tUcjc4K0oiLCJtYWMiOiI2NjI4NTI4MGM3OWJlZWE2MzQ3ZjU5MTExYTJlZGVjMzJlYWE3NjI3NmE3NGFkNzU0NmVlMWVmNGQ2NjZhZmFkIiwidGFnIjoiIn0%3D
6tball-share-webcure.whay.apar.secure.ngapont.lave.live/	1970-01-21 00:10:39	Name: lave_session Value: eyJpdiI6IlpuNGQ4SnpHdTdBTUU1RGRGUThrK1E9PSIsInZhbHVlIjoiR3llZ2dHbmFxWm4rQ1ROMXpPcXZqeXlCOG9sc1VRd29LUDJrTVE0ZlAxblA0TUJYRXpQRUNJTlNSb2xLZzNkWGJ1djJzSDRQU1NmLzJDY2RTZzh2emJkbE5xbVlua3hZUlc3a0p6eU0yTVpqYWxqcEhLcXozL2NKYU01ekxlNWciLCJtYWMiOiIwYmI5MWE4MzYxMGUwYTY4ZGMzZmM2NTQ0NGFiYTMwODRhMWFkZDUzNGM0NDQyYTcxZDk4ZDZmZTJlNjVhOTRmIiwidGFnIjoiIn0%3D
.onesignal.com/	1970-01-21 00:09:15	Name: __cf_bm Value: 4qCUaEVvDeDh5Xa.biRihFEIOytDTQmalWQBFDiMqYo-1728553548-1.0.1.1-uahLEWn_G42rwSCdoIl9wiIUM7JtFAugxEKzBz9VgBzvSqYMc01nXDevWYkhaythHMPtWmlQkxIjtg5WEOXg8g
.lave.live/	1970-01-21 09:45:13	Name: _ga Value: GA1.1.854261833.1728553548
.lave.live/	1970-01-21 09:45:13	Name: _ga_D7LKZVZ8CV Value: GS1.1.1728553548.1.0.1728553548.0.0.0
.lave.live/	1970-01-21 02:18:49	Name: _fbp Value: fb.1.1728553548440.652892789974674013

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/favicon/favicon-32x32.png?v=1.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://6tball-share-webcure.whay.apar.secure.ngapont.lave.live/favicon/favicon-16x16.png?v=1.0 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6tball-share-webcure.whay.apar.secure.ngapont.lave.live
cdn.jsdelivr.net
cdn.quilljs.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
region1.google-analytics.com
unpkg.com
www.facebook.com
www.googletagmanager.com
104.17.25.14
157.240.0.6
172.232.59.193
2001:4860:4802:34::36
2606:4700:3108::ac42:28a3
2606:4700::6811:f8cb
2606:4700::6812:bb1f
2a00:1450:4001:80b::2008
2a00:1450:4001:828::200a
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::649
0fc57ba0e655504d282bb6ec1c3d89240cde9f2ce1c393d5b38a95c5bc6da875
17f86ca3e8b5221cd7883962d5fe70ad5a535025da3360a73d8a178108056ca7
3303633135050b47a2f6097066f7bd2939358479921b9222d6d8db31ae8f3d24
478a6a70e615f25b7bb27c4c40efc749b5421513cc76b84014c1febebf608982
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
5187a81ebb7da0b0d26fe1d3a2d0975538d8634570abf240a622ea6283a5678f
55039e7f52d8f945e145ae2e499ef14beaea36d34f427ec39c61c97d99646494
55a79727c7e7f6e677f45d142ab8cbf61685424d7cd7c8fdfbf6d830a19e41a7
64eac2614135a175d6cb074431fe142b4010332ae59aaefd4fb6f5d0c183d941
69360eb086277c4e35a1bef97eb8f2bf2f842f6706093ac5680e15abdb773875
72ce2d8528437e392a146939b362f18f7e6c81246be0c45cc9c7268b458aa823
7b8ef13a45ecd495c56e38e9a11af5fcb85572a4b34661a63eab2b510795b3e8
892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144
8a9889aecc2f011e15031fed87eeb35ac75e62655a7b4889ba247ee8ea872474
95a07d3310374e1beb54f7863aa8b9105318009a9d035feb7d5c3104888d331e
999bb9e81c24d1753d52b97c0a9726055673fa2e89c35856e6a5a534c7d62699
a32e1b2d411fe2a70b7a352642dca1a665a5ab262001a6de4d913180781d3a7e
a59dca3fd2be8b5917607496dea339ce5ecbcf0e2637c9f97598d4a98d59c4d1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c5446217a1e6a42456c0fc41b1f83c79c299bf4b39f3b27cd9f67637484cad86
c75a5a2f884a26ad2963ecda7b561659d41cb87291bd40080b70f45de345e1a8
cd737e9904a7eed1ee9639b75eb07915baad92961586d0a1fd6d998d24179de6
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cf70c4a5138fb22e9d325d6127846ac79e71291eb4976ba1de69ac5c39dd24d0
d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9
dcc704548d00cf96708372ae6d8b2ae3760c9ba53d2d1094f13a4d4387ef8c65
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
de86018869b5e845bdc101fc1b55611a1e375e08af6cee4a681d7446103da611
df988a0ef068e431831b017a36c03b3f7d0d07254ed6326cc0f48b529955d962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

6tball-share-webcure.whay.apar.secure.ngapont.lave.live Open in urlscan Pro 172.232.59.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

89 %HTTPS

73 %IPv6

11 Domains

11 Subdomains

12 IPs

4 Countries

640 kBTransfer

4914 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

6tball-share-webcure.whay.apar.secure.ngapont.lave.live Open in urlscan Pro
172.232.59.193 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

89 %
HTTPS

73 %
IPv6

11
Domains

11
Subdomains

12
IPs

4
Countries

640 kB
Transfer

4914 kB
Size

6
Cookies

35 HTTP transactions
0 data transactions