balls.michiganbowling.com Open in urlscan Pro
104.167.215.179 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://balls.michiganbowling.com/
Submission: On November 21 via api (November 21st 2024, 11:39:21 pm UTC) from US — Scanned from CA

Summary HTTP 16 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 16 HTTP transactions. The main IP is 104.167.215.179, located in Dallas, United States and belongs to BERRYBYTE BerryByte Limited, GB. The main domain is balls.michiganbowling.com.
TLS certificate: Issued by E6 on October 8th 2024. Valid for: 3 months.

This is the only time balls.michiganbowling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.167.215.179 104.167.215.179	60841 (BERRYBYTE...) (BERRYBYTE BerryByte Limited)
2	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
1	172.253.62.97 172.253.62.97	15169 (GOOGLE) (GOOGLE)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	172.253.122.119 172.253.122.119	15169 (GOOGLE) (GOOGLE)
2	104.18.143.9 104.18.143.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.54.127.78 23.54.127.78	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	142.251.179.102 142.251.179.102	15169 (GOOGLE) (GOOGLE)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
1	172.253.63.113 172.253.63.113	15169 (GOOGLE) (GOOGLE)
16	12

1 104.167.215.179 (Dallas, United States)

ASN60841 (BERRYBYTE BerryByte Limited, GB)
PTR: 104-167-215-179.ipv4.berrybyte.network

balls.michiganbowling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.119 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f119.1e100.net

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.143.9 (None, )

ASN13335 (CLOUDFLARENET, US)

img.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.127.78 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-54-127-78.deploy.static.akamaitechnologies.com

d.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f102.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

pl24530633.profitablecpmrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

www.highperformanceformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	40 KB
2	poki.com img.poki.com — Cisco Umbrella Rank: 63111	51 KB
2	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 19125	100 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	highperformanceformat.com www.highperformanceformat.com — Cisco Umbrella Rank: 100862
1	profitablecpmrate.com pl24530633.profitablecpmrate.com — Cisco Umbrella Rank: 634913
1	newsweek.com d.newsweek.com — Cisco Umbrella Rank: 25770	104 KB
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 557	71 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	michiganbowling.com balls.michiganbowling.com	17 KB
16	11

	Domain	Requested by
2	fonts.gstatic.com	fonts.googleapis.com
2	img.poki.com	balls.michiganbowling.com
2	ucarecdn.com	balls.michiganbowling.com
2	fonts.googleapis.com	balls.michiganbowling.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.highperformanceformat.com	balls.michiganbowling.com
1	pl24530633.profitablecpmrate.com	balls.michiganbowling.com
1	encrypted-tbn0.gstatic.com	balls.michiganbowling.com
1	d.newsweek.com	balls.michiganbowling.com
1	play-lh.googleusercontent.com	balls.michiganbowling.com
1	www.googletagmanager.com	balls.michiganbowling.com
1	balls.michiganbowling.com
16	12

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
balls.michiganbowling.com E6	`2024-10-08` - `2025-01-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ucarecdn.com Certainly Intermediate R1	`2024-11-16` - `2024-12-16`	a month	crt.sh
edgestatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
poki.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
d.newsweek.com E5	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
profitablecpmrate.com R11	`2024-10-15` - `2025-01-13`	3 months	crt.sh
highperformanceformat.com R10	`2024-10-15` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://balls.michiganbowling.com/
Frame ID: 63255260BFD0DB388C21013293765B05
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DuckHTML

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

492 kB
Transfer

806 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/WJrVhYbrdQ
Title: Join Discord

Search URL Search Domain Scan URL

URL: https://discord.gg/YrRk9PvVwh
Title: atOptions = { 'key' : 'cc423eef0edb0ececdb2e54fa0966cdc', 'format' : 'iframe', 'height' : 90, 'width' : 728, 'params' : {} }; This website uses cookies. By using this site, you agree to our use of cookies. Accept Decline function scrollFeaturedGames(direction) { const container = document.querySelector('.featured-games'); const scrollAmount = container.clientWidth * 0.6; if (direction === 'left') { container.scrollBy({ left: -scrollAmount, behavior: 'smooth' }); } else if (direction === 'right') { container.scrollBy({ left: scrollAmount, behavior: 'smooth' }); } } window.onload = function() { var savedTitle = localStorage.getItem('pageTitle') || 'DuckHTML'; var savedFavicon = localStorage.getItem('faviconUrl') || 'https://ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/duckhtml.png'; var savedTheme = localStorage.getItem('theme') || 'defaul

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
balls.michiganbowling.com/ 17 KB
17 KB 415ms
55ms Document
text/html 104.167.215.179
BERRYBYTE BerryBy...

General

Check archive.org

Show headers Download Go to

Full URL: https://balls.michiganbowling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.215.179 Dallas, United States, ASN60841 (BERRYBYTE BerryByte Limited, GB),
Reverse DNS: 104-167-215-179.ipv4.berrybyte.network
Software: Caddy /
Resource Hash: 12640c38b94b9316a50b7b34b550b916ee5daaf1beb4820c2e4fdebf7c0f4d78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 17037
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 23:39:08 GMT
etag: "d5n4gmd35ukgd59"
last-modified: Fri, 15 Nov 2024 22:56:48 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
634 B 209ms
119ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Press+Start+2P&display=swap

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

65fc9cd99b61d5a80bbdb401b63314c73235159c1ac29d7556eb1a0c76d6f6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 23:39:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 22:29:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
924 B 143ms
54ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=VT323&display=swap

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

38560e048f0daca24cf0d7d755eadbef29bfb4dfd2db226613aa592eac2e7ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 23:39:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 22:39:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 180ms
63ms Script
application/javascript 172.253.62.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8X677NPBRV

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6f08ca808891719424b55bc85bb4dbaf6a4bb995da6ce5ca5a94a99262b2c34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 23:39:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109722
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 duckhtml.png
ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/ 99 KB
100 KB 73ms
20ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/duckhtml.png
Requested by: Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Uploadcare /
Resource Hash: 419512584bce569860168dcd1876ad0b233571812669568daed99388f4f72b01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
access-control-expose-headers: HEAD, GET, OPTIONS
etag: "ab1a43c438dd2375feb1ae78c120c0e7"
age: 637107
access-control-allow-methods: HEAD, GET, OPTIONS
x-image-width: 748
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: image/png
content-disposition: inline; filename=duckhtml.png
last-modified: Sat, 10 Feb 2024 15:33:51 GMT
cache-control: public, max-age=31556926, immutable
x-image-height: 748
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101596
server: Uploadcare

GET
H2 200 uJn2i9h7KxYQarC_c3K4qH6o7gLtflFnhD_dN14MNkzHJ1NeNFzCL69jpB5mT0vCoQs
play-lh.googleusercontent.com/ 71 KB
71 KB 324ms
42ms Image
image/png 172.253.122.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uJn2i9h7KxYQarC_c3K4qH6o7gLtflFnhD_dN14MNkzHJ1NeNFzCL69jpB5mT0vCoQs

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f119.1e100.net

Software

fife /

Resource Hash

74978f36c6543760ef2d060290bea575dbbd1f917f5933dd3532ab2f89d93eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 11767
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 20:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 20:23:09 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 72197
x-xss-protection: 0
server: fife

GET
H2 200 7336e7ac04f8c0a88fac674d112ad77c.png
img.poki.com/cdn-cgi/image/quality=78,width=600,height=600,fit=cover,f=auto/ 35 KB
35 KB 217ms
44ms Image
image/avif 104.18.143.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.poki.com/cdn-cgi/image/quality=78,width=600,height=600,fit=cover,f=auto/7336e7ac04f8c0a88fac674d112ad77c.png

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.143.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6593871705b14d9065b9fd4cc41d8e262ea6ecd7609890616def99a9bb090b9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

cf-cache-status: HIT
etag: "cfgDPaAlNqWssIv_TbQrQum1S5Wgr8SlEN7YpSIFl9DQ:7336e7ac04f8c0a88fac674d112ad77c"
cf-bgj: imgq:78,h2pri
cf-resized: internal=ram/h q=0 n=0+114 c=0+0 v=2024.10.6 l=35441 f=false
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: image/avif
last-modified: Wed, 12 May 2021 16:01:00 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31556926
cf-ray: 8e6484a61cbeab5a-YYZ
accept-ranges: bytes
content-length: 35441
server: cloudflare

GET
H2 200 bitlife-ribbons-how-get-all-complete-list-android-ios-cheats-guide-tips-become.jpg
d.newsweek.com/en/full/1317374/ 104 KB
104 KB 175ms
39ms Image
image/jpeg 23.54.127.78
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1317374/bitlife-ribbons-how-get-all-complete-list-android-ios-cheats-guide-tips-become.jpg?w=1600&h=1600&q=88&f=75befc746fb83a0c568c44ca07bc5e64

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.127.78 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-54-127-78.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7d7a6201d34ba3963c3cb794151a0e6b54799dde28b26be963a73b1d4ee5f942

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
cache-control: max-age=25368023
x-cahce: HIT
x-cacheable: YES
access-control-allow-origin: *
content-length: 106659
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: image/jpeg
last-modified: Thu, 26 Sep 2024 11:13:11 GMT
server: Apache

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 10 KB
11 KB 167ms
43ms Image
image/jpeg 142.251.179.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSI_wCDLz_SlN9xf9Avmp4qAsUUwit_TzNfvmCAlFZCsA&s

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f102.1e100.net

Software

sffe /

Resource Hash

47cd9bbb14f57541ea62268d0b460b8432c273fb1727027f83f81ea7d76e8a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

age: 35080
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 13:54:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 13:54:36 GMT
last-modified: Sat, 03 Apr 2021 18:57:49 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 10421
x-xss-protection: 0
server: sffe

GET
H2 200 c8cb366d52fc2a67fb313c344efdbc9e.png
img.poki.com/cdn-cgi/image/quality=78,width=600,height=600,fit=cover,f=auto/ 16 KB
16 KB 156ms
42ms Image
image/avif 104.18.143.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.poki.com/cdn-cgi/image/quality=78,width=600,height=600,fit=cover,f=auto/c8cb366d52fc2a67fb313c344efdbc9e.png

Requested by

Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.143.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb25b5461ece21cc5f8328d1265d661c55130cc8d60aab14a2aedbefb9747b1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

cf-cache-status: HIT
etag: "cfkBBEhJX3LiGZk5WcvQjtRGtyWgr8SlEN7YpSIFl9DQ:c8cb366d52fc2a67fb313c344efdbc9e"
cf-bgj: imgq:78,h2pri
cf-resized: internal=ok/h q=0 n=8+82 c=0+0 v=2024.9.1 l=16353 f=false
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: image/avif
last-modified: Wed, 30 Sep 2020 14:54:33 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31556926
cf-ray: 8e6484a61cc1ab5a-YYZ
accept-ranges: bytes
content-length: 16353
server: cloudflare

GET
H/1.1 403
Forbidden 8a2604b7dc51db332008ddf67973775b.js
pl24530633.profitablecpmrate.com/8a/26/04/ 0
0 206ms
44ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://pl24530633.profitablecpmrate.com/8a/26/04/8a2604b7dc51db332008ddf67973775b.js
Requested by: Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 21 Nov 2024 23:39:16 GMT
Content-Type: application/javascript
Host: pl24530633.profitablecpmrate.com
Server: nginx/1.21.6

GET
H/1.1 403
Forbidden invoke.js
www.highperformanceformat.com/cc423eef0edb0ececdb2e54fa0966cdc/ 0
0 166ms
51ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.highperformanceformat.com/cc423eef0edb0ececdb2e54fa0966cdc/invoke.js
Requested by: Host: balls.michiganbowling.com
URL: https://balls.michiganbowling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 21 Nov 2024 23:39:16 GMT
Content-Type: application/javascript
Host: www.highperformanceformat.com
Server: nginx/1.19.5

GET
H3 200 pxiKyp0ihIEF2isfFJU.woff2
fonts.gstatic.com/s/vt323/v17/ 17 KB
17 KB 124ms
42ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vt323/v17/pxiKyp0ihIEF2isfFJU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=VT323&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://balls.michiganbowling.com
Referer: https://fonts.googleapis.com/

Response headers

age: 383270
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:11:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:11:26 GMT
last-modified: Wed, 27 Apr 2022 15:50:13 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17668
x-xss-protection: 0
server: sffe

GET
H3 200 e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2
fonts.gstatic.com/s/pressstart2p/v15/ 12 KB
12 KB 126ms
45ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pressstart2p/v15/e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Press+Start+2P&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://balls.michiganbowling.com
Referer: https://fonts.googleapis.com/

Response headers

age: 26040
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 16:25:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:25:16 GMT
last-modified: Tue, 02 May 2023 15:30:42 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12480
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 127ms
45ms Fetch
text/plain 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8X677NPBRV&gtm=45je4bk0v9191913013za200&_p=1732232356685&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=375400741.1732232357&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732232357&sct=1&seg=0&dl=https%3A%2F%2Fballs.michiganbowling.com%2F&dt=DuckHTML&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1036
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X677NPBRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f113.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://balls.michiganbowling.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 23:39:17 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 duckhtml.png
ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/ 99 KB
0 0ms
0ms Other
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/duckhtml.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Uploadcare /
Resource Hash: 419512584bce569860168dcd1876ad0b233571812669568daed99388f4f72b01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://balls.michiganbowling.com/

Response headers

x-robots-tag: noindex, nofollow, nosnippet, noarchive
access-control-expose-headers: HEAD, GET, OPTIONS
etag: "ab1a43c438dd2375feb1ae78c120c0e7"
age: 637107
access-control-allow-methods: HEAD, GET, OPTIONS
x-image-width: 748
date: Thu, 21 Nov 2024 23:39:16 GMT
content-type: image/png
content-disposition: inline; filename=duckhtml.png
last-modified: Sat, 10 Feb 2024 15:33:51 GMT
cache-control: public, max-age=31556926, immutable
x-image-height: 748
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101596
server: Uploadcare

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.michiganbowling.com/	1970-01-21 10:46:32	Name: _ga_8X677NPBRV Value: GS1.1.1732232357.1.0.1732232357.0.0.0
			.michiganbowling.com/	1970-01-21 10:46:32	Name: _ga Value: GA1.1.375400741.1732232357

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.highperformanceformat.com/cc423eef0edb0ececdb2e54fa0966cdc/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl24530633.profitablecpmrate.com/8a/26/04/8a2604b7dc51db332008ddf67973775b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balls.michiganbowling.com
d.newsweek.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
img.poki.com
pl24530633.profitablecpmrate.com
play-lh.googleusercontent.com
ucarecdn.com
www.google-analytics.com
www.googletagmanager.com
www.highperformanceformat.com
104.167.215.179
104.18.143.9
142.251.111.94
142.251.179.102
151.101.130.132
172.253.122.119
172.253.62.97
172.253.63.113
172.253.63.95
192.243.59.13
192.243.61.225
23.54.127.78
12640c38b94b9316a50b7b34b550b916ee5daaf1beb4820c2e4fdebf7c0f4d78
38560e048f0daca24cf0d7d755eadbef29bfb4dfd2db226613aa592eac2e7ccf
419512584bce569860168dcd1876ad0b233571812669568daed99388f4f72b01
47cd9bbb14f57541ea62268d0b460b8432c273fb1727027f83f81ea7d76e8a9c
5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317
6593871705b14d9065b9fd4cc41d8e262ea6ecd7609890616def99a9bb090b9d
65fc9cd99b61d5a80bbdb401b63314c73235159c1ac29d7556eb1a0c76d6f6e4
6f08ca808891719424b55bc85bb4dbaf6a4bb995da6ce5ca5a94a99262b2c34f
74978f36c6543760ef2d060290bea575dbbd1f917f5933dd3532ab2f89d93eb3
7d7a6201d34ba3963c3cb794151a0e6b54799dde28b26be963a73b1d4ee5f942
cb25b5461ece21cc5f8328d1265d661c55130cc8d60aab14a2aedbefb9747b1c
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6

balls.michiganbowling.com Open in urlscan Pro 104.167.215.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

11 Domains

12 Subdomains

12 IPs

2 Countries

492 kBTransfer

806 kBSize

2 Cookies

2 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

balls.michiganbowling.com Open in urlscan Pro
104.167.215.179 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

492 kB
Transfer

806 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions