urlscan.io logo urlscan.io
SecurityTrails logo

www.fanball.com Open in urlscan Pro
104.17.185.5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fanballwinners.com/
Effective URL: https://www.fanball.com/winners
Submission: On September 28 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 64 HTTP transactions. The main IP is 104.17.185.5, located in and belongs to CLOUDFLARENET, US. The main domain is www.fanball.com.
TLS certificate: Issued by E6 on September 1st 2024. Valid for: 3 months.
This is the only time www.fanball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
25 104.17.185.5 13335 (CLOUDFLAR...)
12 172.67.74.168 13335 (CLOUDFLAR...)
8 172.217.16.138 15169 (GOOGLE)
2 216.239.34.178 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 142.250.186.40 15169 (GOOGLE)
5 142.250.186.67 15169 (GOOGLE)
2 18.173.154.32 16509 (AMAZON-02)
1 216.239.34.36 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
2 157.240.251.35 32934 (FACEBOOK)
64 12
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fanballwinners.com
25    104.17.185.5 (None, )

ASN13335 (CLOUDFLARENET, US)
www.fanball.com
12    172.67.74.168 (United States)

ASN13335 (CLOUDFLARENET, US)
delivery.sharplink.us
tracking.sharplink.us
8    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
2    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
5    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
2    18.173.154.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-32.muc50.r.cloudfront.net
sessions.sharplink.us
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
2    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
25 fanball.com
www.fanball.com
4 MB
14 sharplink.us
delivery.sharplink.us — Cisco Umbrella Rank: 229940
sessions.sharplink.us — Cisco Umbrella Rank: 278469
tracking.sharplink.us — Cisco Umbrella Rank: 299090
33 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
29 KB
5 gstatic.com
fonts.gstatic.com
141 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 3391
22 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
182 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
28 KB
1 fanballwinners.com
fanballwinners.com
682 B
0 btstatic.com Failed
s.btstatic.com Failed
0 polyfill.io Failed
cdn.polyfill.io Failed
64 12
Domain Requested by
25 www.fanball.com www.fanball.com
11 delivery.sharplink.us www.fanball.com
delivery.sharplink.us
8 fonts.googleapis.com www.fanball.com
5 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com
2 connect.facebook.net www.fanball.com
connect.facebook.net
2 sessions.sharplink.us www.fanball.com
2 www.googletagmanager.com www.fanball.com
www.google-analytics.com
2 www.google-analytics.com www.fanball.com
1 tracking.sharplink.us www.fanball.com
1 region1.google-analytics.com www.fanball.com
1 cdnjs.cloudflare.com www.fanball.com
1 fanballwinners.com 1 redirects
0 s.btstatic.com Failed www.fanball.com
0 cdn.polyfill.io Failed www.fanball.com
64 15
Subject Issuer Validity Valid
fanball.com
E6		 2024-09-01 -
2024-11-30		 3 months crt.sh
sharplink.us
WE1		 2024-09-04 -
2024-12-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
sessions.sharplink.com
Amazon RSA 2048 M02		 2024-02-21 -
2025-03-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-07 -
2024-10-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.fanball.com/winners
Frame ID: 64E0067F4A1B2BAEE46A070DA9404606
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fanball Winners | Fanball

Page URL History Show full URLs

  1. https://fanballwinners.com/ HTTP 302
    https://www.fanball.com/winners Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

64
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

12
IPs

4
Countries

4279 kB
Transfer

5744 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fanballwinners.com/ HTTP 302
    https://www.fanball.com/winners Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request winners
www.fanball.com/
Redirect Chain
  • https://fanballwinners.com/
  • https://www.fanball.com/winners
216 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
f5036ee31b80eb0783df193790ac2ebd21a0d7a518cd51065739e3f06049f639
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ca43d57ae7cd247-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 28 Sep 2024 13:56:56 GMT
server
cloudflare
strict-transport-security
max-age=2592000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
29
x-powered-by
Next.js

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ca43d552debd0bd-AMS
content-length
143
content-type
text/html
date
Sat, 28 Sep 2024 13:56:55 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://www.fanball.com/winners
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5UDmIJB9wsAtIpzBqakn76UzMATzvUZcPrDmh%2FvecEvjgVTy5D4izGRGCRQOGZPcUZdtJ%2F2uXjZ4ujDmMn5uORRMfHP9KoYUzdWrTq0sYgNK0z%2B0qPG%2FPhUbn2bqa1IqfObFGA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
bootstrap.js
delivery.sharplink.us/integration/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/integration/bootstrap.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5c3287bc7ae9ae2500e53d427358113057be630b21bdfe1603f24302374ea6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://www.fanball.com/

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"4964004"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InXOAGztm3FFtHfxvfDzovHdw8sFXzDWDZ7huTHObJTPviAUzXpoYS7bM6LV%2BZCMWt%2Fwm8BGmMSTcUWIjBd4VHNpcVUjXz5B5W426lD448%2BUpAhZbavQ8aXhd6FKlygCamxaU%2Bl3oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d5d7aae9ff4-AMS
access-control-allow-origin
*
server
cloudflare
css2
fonts.googleapis.com/ 		8 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
47814ced0ca59df80342b2fd727f7e8f1d065a2a6dbc40da8ab68450175fd0f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 12:16:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		763 B
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Mohave
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
b0cb30926bfa6b7699e1f8339fdf40c9df8bf544eed92093331af5dfc407952d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:56:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		395 B
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fugaz+One
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
aeceb68bcd10c213334d794d64d0b04aac8a8407a4a7ec2d6b2af88dd20a1323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:56:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		2 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
7b3b60c3cb01c1db4f6d8b45005fd2fa2d10c163195b6bd855abb5bff4aa655c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:43:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		1 KB
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tourney
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
702644d80d3c38da8a472522f9e1071e687184793a1f17bdc2a4fb7dd09eac5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:56:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		104 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Sunflower:wght@300;500
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
85e359daacd507f3d2a651880590c747682934a944be0751251d4dfa9c780483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:56:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		3 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Flex
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
a8caf4868fefbbbd24515de0e0b90190342bea0d52b26f7918ed4af77590896a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:56:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		5 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
f6a4536678aefe7c30aa45d6b5e622b57086e6d2be628d6de7f1cf8478844c13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:30:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
winners.js
www.fanball.com/_next/static/nvYps9UUHiN0r2S0v2p07/pages/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/nvYps9UUHiN0r2S0v2p07/pages/winners.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2124699308c93dc1043eb969009435117e64ffcf3ef0ae0e9603b639a435def1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"4e70-19211fc9578"
x-envoy-upstream-service-time
5
age
296026
x-content-type-options
nosniff
cf-ray
8ca43d5b08c7d247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:30:19 GMT
_app.js
www.fanball.com/_next/static/nvYps9UUHiN0r2S0v2p07/pages/ 		229 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/nvYps9UUHiN0r2S0v2p07/pages/_app.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
23ee0087de38381ab58f103acbe497b882055aa4413f2f9831a78fdfd4d342aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
br
cf-cache-status
HIT
etag
W/"e5-19211fc9578"
x-envoy-upstream-service-time
11
age
648865
x-content-type-options
nosniff
cf-ray
8ca43d5b18ccd247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:30:19 GMT
webpack-6e29a16ddde2e35ec6ce.js
www.fanball.com/_next/static/runtime/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/runtime/webpack-6e29a16ddde2e35ec6ce.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
80ef18b4ec3b46c80d33cabd67b5b548672357f8a1d6d6b38e6e1a3ec380e736
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"986-19211fc9578"
x-envoy-upstream-service-time
7
age
648865
x-content-type-options
nosniff
cf-ray
8ca43d5b18cfd247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:30:19 GMT
framework.81e7336d23e6495dcbf6.js
www.fanball.com/_next/static/chunks/ 		148 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/chunks/framework.81e7336d23e6495dcbf6.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
803f7e3947d47be2840b51cc4d11f3e6cae573567f587aa266e21954f45764e6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"24e8c-18df010e2d8"
x-envoy-upstream-service-time
19
age
17153109
x-content-type-options
nosniff
cf-ray
8ca43d5b18d1d247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Wed, 28 Feb 2024 14:14:15 GMT
commons.d47d4319c8a7e9f3f470.js
www.fanball.com/_next/static/chunks/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/chunks/commons.d47d4319c8a7e9f3f470.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4716799583eaeef6d5803ec93ccd105a261d07b0ed69e980424fa0ce8085db04
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"14bde-1919ab61188"
x-envoy-upstream-service-time
65
age
2646155
x-content-type-options
nosniff
cf-ray
8ca43d5b18d4d247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Wed, 28 Aug 2024 20:38:29 GMT
main-fe1a37a56ee1203610e8.js
www.fanball.com/_next/static/runtime/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/runtime/main-fe1a37a56ee1203610e8.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
12a97bad4b46250fd48ddebf161cf7499604105773f0d4684f3f909f3772aec5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"31d7-1919ab61188"
x-envoy-upstream-service-time
13
age
2645768
x-content-type-options
nosniff
cf-ray
8ca43d5b18dad247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Wed, 28 Aug 2024 20:38:29 GMT
514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
www.fanball.com/_next/static/chunks/ 		402 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/chunks/514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
99fdb9cd4d19f3f9993989732359262dd9fc8970e63a0f4ce28b038f796fcbf0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"648e9-19211fc9578"
x-envoy-upstream-service-time
14
age
648865
x-content-type-options
nosniff
cf-ray
8ca43d5b18dbd247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:30:19 GMT
fanball-winners-title-smartphone.png
www.fanball.com/static/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-title-smartphone.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a7d2c92f34e9ff0cb8468e7dd6f19811d2e8f4769b0bab8cea687ffde288ba3e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
HIT
etag
W/"1087-19211f8ad78"
x-envoy-upstream-service-time
37
x-content-type-options
nosniff
cf-ray
8ca43d5b18ddd247-FRA
accept-ranges
bytes
content-length
4231
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
fanball-winners-title-ipad.png
www.fanball.com/static/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-title-ipad.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a7c1e29738e28eff4db0137ca3d71833c2d102f8c8055cf272c11da2a44a1172
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

cf-cache-status
HIT
etag
W/"1cec-19211f8ad78"
age
78492
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
x-envoy-upstream-service-time
2
cf-ray
8ca43d5b18dfd247-FRA
accept-ranges
bytes
content-length
7404
x-powered-by
Express
server
cloudflare
fanball-winners-game-features.png
www.fanball.com/static/img/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-game-features.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fbd56364553d716088f0e474d30df8cde166892742ebdc3e62dd549188476f66
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

cf-cache-status
HIT
etag
W/"823e-19211f8ad78"
age
78492
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
x-envoy-upstream-service-time
3
cf-ray
8ca43d5bf992d247-FRA
accept-ranges
bytes
content-length
33342
x-powered-by
Express
server
cloudflare
fanball-winners-game-features-ipad.png
www.fanball.com/static/img/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-game-features-ipad.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a6f67cbcdcf4358be7ee136438614c9f5e83679f77f493f2c11fadafd28725e2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
HIT
etag
W/"14a9f-19211f8ad78"
x-envoy-upstream-service-time
4
x-content-type-options
nosniff
cf-ray
8ca43d5bf995d247-FRA
accept-ranges
bytes
content-length
84639
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
fanball-winners-game-features-desktop.png
www.fanball.com/static/img/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-game-features-desktop.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
159b0a031375d69299a22c7681567ca2b22a2b9b7903ca0e1d73bca4edf1df72
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
HIT
etag
W/"43516-19211f8ad78"
x-envoy-upstream-service-time
10
x-content-type-options
nosniff
cf-ray
8ca43d5c19b3d247-FRA
accept-ranges
bytes
content-length
275734
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
fanball-winners-device.png
www.fanball.com/static/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-device.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
736cc2a079e0108bf292632b66fdc5f8a020de5142106210fdcf62b09067a96c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

cf-cache-status
HIT
etag
W/"1110b3-19211f8ad78"
age
78492
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
x-envoy-upstream-service-time
3
cf-ray
8ca43d5c19b7d247-FRA
accept-ranges
bytes
content-length
1118387
x-powered-by
Express
server
cloudflare
fanball-winners-erin-andrews.png
www.fanball.com/static/img/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-erin-andrews.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2fd4aab6ed53bbafd042479bdbb0ac3097534d106314713480a81a09f4870ce8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

cf-cache-status
HIT
etag
W/"1b79a-19211f8ad78"
age
78492
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
x-envoy-upstream-service-time
35
cf-ray
8ca43d5c19b8d247-FRA
accept-ranges
bytes
content-length
112538
x-powered-by
Express
server
cloudflare
fanball-winners-qr-code.png
www.fanball.com/static/img/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-qr-code.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8b6d4a2f3bc092d49b16f1ce36e91ead912b8c9ce68e9be11bd302170ee598d2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

cf-cache-status
HIT
etag
W/"f1c7-19211f8ad78"
age
78492
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
x-envoy-upstream-service-time
4
cf-ray
8ca43d5c19bbd247-FRA
accept-ranges
bytes
content-length
61895
x-powered-by
Express
server
cloudflare
app-store-google-play.png
www.fanball.com/static/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/app-store-google-play.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4767cd8fde90c59637fa58397440cfe2eb136f27a1f9160df59e637f4bd7c37b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
MISS
etag
W/"1b81-19211f8ad78"
x-envoy-upstream-service-time
3
x-content-type-options
nosniff
cf-ray
8ca43d5c19bdd247-FRA
accept-ranges
bytes
content-length
7041
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
app-store-apple.png
www.fanball.com/static/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/app-store-apple.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c73d097fb0211ae0ce70717635dabdb5b9623b2aa078c14523cdc8009b9a6d95
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
HIT
etag
W/"19c7-19211f8ad78"
x-envoy-upstream-service-time
5
x-content-type-options
nosniff
cf-ray
8ca43d5c19bed247-FRA
accept-ranges
bytes
content-length
6599
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
fanball-winners-carousel-step-1.png
www.fanball.com/static/img/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-carousel-step-1.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7b18a2b2d58a684c7a27c644b4c7f19157e9f9d441b13671bbd4efac87c2bfc5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

cf-cache-status
HIT
etag
W/"4da1d-19211f8ad78"
age
78492
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
x-envoy-upstream-service-time
3
cf-ray
8ca43d5c19bfd247-FRA
accept-ranges
bytes
content-length
317981
x-powered-by
Express
server
cloudflare
fanball-winners-carousel-step-2.png
www.fanball.com/static/img/ 		316 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-carousel-step-2.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c84a4df419124b9bba63b787f7f2ae9de183c319e47b3aaea5df732c55ad265c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
MISS
etag
W/"4efa8-19211f8ad78"
x-envoy-upstream-service-time
4
x-content-type-options
nosniff
cf-ray
8ca43d5c19c0d247-FRA
accept-ranges
bytes
content-length
323496
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
fanball-winners-carousel-step-3.png
www.fanball.com/static/img/ 		573 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-carousel-step-3.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
965caf4f0ab1f7356e10e34ad76b1f1542a897103cdbb084f07a653026aa739b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
HIT
etag
W/"8f368-19211f8ad78"
x-envoy-upstream-service-time
15
x-content-type-options
nosniff
cf-ray
8ca43d5c19c1d247-FRA
accept-ranges
bytes
content-length
586600
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
fanball-winners-usa-map.png
www.fanball.com/static/img/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-usa-map.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c8257f71c1f76b343cb56e813ed072755b92935cbb435606cff5090a34f488b4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
MISS
etag
W/"365fc-19211f8ad78"
x-envoy-upstream-service-time
3
x-content-type-options
nosniff
cf-ray
8ca43d5c19c2d247-FRA
accept-ranges
bytes
content-length
222716
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
age
2809
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 15:10:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:10:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
polyfill.min.js
cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.23.0/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.23.0/polyfill.min.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7bbca9d163f4033d5d177be44029dd744610a891a6b58be213cc858923d79d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d6b-17e06"
age
726755
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaXzrWo8Yx6Ii%2F329hQWKtGiAE64ixaMEQG6thfej%2BNmduwGaZBUCoNQhqrd%2BtBtADOZkvtMpLWEceJinGB86dDqQ%2FAPFQCFAiqMxirBC55%2FtKfBLBULl4dF1TS0kbGe%2FR5beW8a"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 13:56:56 GMT
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:06:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ca43d5c4ac2d3c0-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
28043
server
cloudflare
polyfill.min.js
cdn.polyfill.io/v2/ 		0
0
_buildManifest.js
www.fanball.com/_next/static/nvYps9UUHiN0r2S0v2p07/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/_next/static/nvYps9UUHiN0r2S0v2p07/_buildManifest.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ea0c868180520421e368c498cac4084449f0caa7b18a66e4e10caf23ddf5f65e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e99-19211fc9578"
x-envoy-upstream-service-time
23
age
648865
x-content-type-options
nosniff
cf-ray
8ca43d5c19c4d247-FRA
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:30:19 GMT
gtm.js
www.googletagmanager.com/ 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBZ2FVQ
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ab538e8ad8e47d5b14e3af31879b7c96fbd7cee43da3178c5f904907381a2dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 28 Sep 2024 13:56:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91431
x-xss-protection
0
server
Google Tag Manager
tracking.js
delivery.sharplink.us/integration/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/integration/tracking.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668cfdd252d121ecc45ae14aedbf2d48d02d64f57a37827935f278bcd26b5e31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/integration/bootstrap.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"29DE12C"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkmlWr8pMtqW1TRHWga59I7hq87w4A5R9BWxdoLN1o01ZLGabPUIuE32fGuDVRdu4H3zLNJ690nJREgGlGKOwrtwI%2BSiSLiZIF3qGQetJU1%2F9RJ91XGqKUYKEP%2BBF%2BceVVm5N5%2Fcsg%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d5dbb2d9ff4-AMS
access-control-allow-origin
*
server
cloudflare
base.js
delivery.sharplink.us/creatives/components/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/components/base.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61d600ef3d98f26700cfd154adc53d79fdb058ca25d42888e4f2d9a77e96fe42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/integration/bootstrap.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"7351972"
age
1929
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTZJzK23yR20s1dmrhVGaot9PF%2BfmlGCvurfkB253r2qxwY3JnRNCN1aWH%2BfjqJUr8M9p8FxyFipNL3fvdq%2B0wEDTjjO%2Fod6%2BdZGNT9lFC7Wk95m0dFhoS2G0ZEI%2Bc8LFftHXSkAKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d5dbb329ff4-AMS
access-control-allow-origin
*
server
cloudflare
fanball-winners-football.png
www.fanball.com/static/img/ 		424 KB
425 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fanball.com/static/img/fanball-winners-football.png
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fa19f61140647f548f673c463c25e973e240f65c7a4013683f7f329cf3e84509
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
cf-cache-status
HIT
etag
W/"6a1d0-19211f8ad78"
x-envoy-upstream-service-time
3
x-content-type-options
nosniff
cf-ray
8ca43d5e4b52d247-FRA
accept-ranges
bytes
content-length
434640
date
Sat, 28 Sep 2024 13:56:56 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://fonts.googleapis.com/

Response headers

age
198696
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 06:45:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 06:45:20 GMT
last-modified
Tue, 02 May 2023 15:12:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22504
x-xss-protection
0
server
sffe
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://fonts.googleapis.com/

Response headers

age
227522
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 22:44:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 22:44:54 GMT
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
51404
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://fonts.googleapis.com/

Response headers

age
170993
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 14:27:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 14:27:03 GMT
last-modified
Tue, 02 May 2023 15:11:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23736
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://fonts.googleapis.com/

Response headers

age
232059
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 21:29:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 21:29:17 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://fonts.googleapis.com/

Response headers

age
401493
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 22:25:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 22:25:23 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
base.css
delivery.sharplink.us/creatives/components/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/components/base.css
Requested by
Host: delivery.sharplink.us
URL: https://delivery.sharplink.us/creatives/components/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eab30ddf220d756cb53a7e51eb369a247b2ef0a9557d470908c84a8bf4abfb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"58FE664"
age
3528
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a61gZ9tUBnYmtACEtTD%2BwoDIkFJo0E3EIBc3httKcx4Odykwe6TmhGXTGh5NT9POngxnv64al3ueWsMDVJW4racOcfC0dqipX9dimEM9B4zhzas%2FJ2ck3TpJ8NUaA8zVH%2F5fJRcYRg%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d636c4a0b67-AMS
access-control-allow-origin
*
server
cloudflare
sessions
sessions.sharplink.us/api/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sessions.sharplink.us/api/sessions
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/_next/static/chunks/514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-32.muc50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d2832d71e549fbe33527c9de16517ed8792560cb35c3d04ecb607f065a1221ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.fanball.com/

Response headers

x-request-id
3d077f92-b31c-40ff-b109-55ebd5ce17a9
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-encoding
br
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
via
1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
3tH7lPRldeQZ9kEk_ZT_XFARSw4t-tslDYONZOkCOIPfvrrjo8j9bg==
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
istio-envoy
x-amz-cf-pop
MUC50-P3
collect
www.google-analytics.com/j/ 		15 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=916496907&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fanball.com%2Fwinners&ul=nl-nl&de=UTF-8&dt=Fanball%20Winners%20%7C%20Fanball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1572443753&gjid=1992902715&cid=1729364886.1727531817&tid=UA-96626881-1&_gid=1409482611.1727531817&_r=1&_slc=1&gtm=45He49p0n81NBZ2FVQv78271096za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=608892033
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/_next/static/chunks/514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2dc0d4fab5727f5584423e1c27258fe8ff91a1fad293d8def54e3d8f4b2ac851
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.fanball.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.fanball.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
tag.js
s.btstatic.com/ 		0
0
sessions
sessions.sharplink.us/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.sharplink.us/api/sessions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-32.muc50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fanball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
cache-control
max-age=0, private, must-revalidate
date
Sat, 28 Sep 2024 13:56:57 GMT
server
istio-envoy
via
1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
x-amz-cf-id
stqWHu6t9V7OurgAwjLnFupkogdQqadZX0dm9_ummUQflwchJjr7rA==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SPKMQ06F71&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d616183af6edd6c670804a655f7a794bdcc0276b4bf7c0c6cb11941f622a5edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 13:56:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93804
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SPKMQ06F71&gtm=45je49p0v9119551464za200&_p=1727531816310&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&ul=nl-nl&sr=1600x1200&cid=1729364886.1727531817&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.fanball.com%2Fwinners&dt=Fanball%20Winners%20%7C%20Fanball&sid=1727531817&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2706
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/_next/static/chunks/514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fanball.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
text/plain
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4414, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
WZTS3QtRskZrpWK9GP1W3SNe91Ezq3TUWTBKGiUmgqo9noyf4S1YBSWuTMwMMfIR1cJuDcDNrJJnskSos9W2Bw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?0
favicon.ico
www.fanball.com/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.fanball.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a4b2531d12f93fcebdf4a4842a937adc92c5863f656db309705d2ed68e2725b8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/winners

Response headers

server
cloudflare
strict-transport-security
max-age=2592000; preload
cache-control
public, max-age=0
content-encoding
br
cf-cache-status
MISS
etag
W/"3aee-19211f8ad78"
x-envoy-upstream-service-time
9
x-content-type-options
nosniff
cf-ray
8ca43d63ff9cd247-FRA
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
image/x-icon
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 21 Sep 2024 00:26:03 GMT
2154514408150784
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2154514408150784?v=2.9.169&r=stable&domain=www.fanball.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
202d084fa5bfc08e8bd75f97c64a52577e4cc0f1a9174306cbaefba4643e9cbd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 28 Sep 2024 13:56:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=72, mss=1232, tbw=67276, tp=63, tpl=0, uplat=160, ullat=0
pragma
public
x-fb-debug
SrtNAwnJGipH2SmK71Xjs4WnDeV0iZqDwQlpnQR8XNkJbNhtBtju/aguP6lEDLWXB7lW064LlxaTAryqF+TGFw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?batch=1&events[0]=id%3D2154514408150784%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.fanball.com%252Fwinners%26rl%3D%26if%3Dfalse%26ts%3D1727531817903%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D0%26o%3D12318%26fbp%3Dfb.1.1727531817900.315068200747464027%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727531817693%26coo%3Dfalse%26exp%3Df1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1317, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2154514408150784&ev=PageView&dl=https%3A%2F%2Fwww.fanball.com%2Fwinners&rl=&if=false&ts=1727531817903&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=12318&fbp=fb.1.1727531817900.315068200747464027&cs_est=true&ler=empty&cdl=API_unavailable&it=1727531817693&coo=false&exp=f1&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.fanball.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419692662392686485"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
4+sKfZISmCFKG9a5qwxhWg4DrGygjUCGrvWPwHh0DKxiqMWPfnv0lTxA7+Ia0lI+9h+YMIFneXcBexo75p1Mhg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419692662392686485", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=14, mss=1317, tbw=3138, tp=-1, tpl=-1, uplat=245, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
sessions
tracking.sharplink.us/ 		170 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracking.sharplink.us/sessions
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/_next/static/chunks/514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341061107bbc5a2e6f26057e383b3046acc9fde0db7d5f1c1abcd7e2756c5c51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.fanball.com/

Response headers

x-request-id
dd3582ec-8b70-42fc-885a-938aa6d41246
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
68
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QejmKw6lBppTanJOcBlK1r4LBPrfSx9ndunJqBJezolDj%2BBp2OCjwCq25halDfajdCcNbhSiApyEn%2BZAhRH%2BSdbtCKa2MH1zHEqPBbzFuyrrqYJlqDqpE%2Bsjk0fWPyGZVSbI5mnO2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca43d6849270b67-AMS
access-control-allow-origin
https://www.fanball.com
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
core.js
delivery.sharplink.us/creatives/api/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/api/core.js
Requested by
Host: delivery.sharplink.us
URL: https://delivery.sharplink.us/integration/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a01a846d438110b81d01d3cb09fcf3bacd8439a10bbe8fe7142b1d480c6ede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/integration/bootstrap.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"2808163"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIIhvrKrA%2FCuuEKggRoLaAtNHMEiCa327BihG3Tkt02xJDpkvqTl3bEEuZgvDKhpATL9USyt04K%2BKMRJd03T5UD%2Bs1Dl0EmtzZI1lxvz1zuuoT%2BaAOq4tKaE2jWU4Hpi1xpyGR5jOw%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d683ec79ff4-AMS
access-control-allow-origin
*
server
cloudflare
config
delivery.sharplink.us/api/consumer/9d655013acc64a1eb351697d42e79817/ 		300 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/api/consumer/9d655013acc64a1eb351697d42e79817/config
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/_next/static/chunks/514980825ce08d6f5e0dface9455deb4dd6df1c6.34057e221937e3ef80df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f50d27f20a16de63a4bdaebe924f3fc810cd152a3547b1fe1401f7cd59172fb

Request headers

Authorization
Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJTaGFycGxpbmsiLCJleHAiOjE3MzAxMjM4MTgsImlhdCI6MTcyNzUzMTgxOCwiaXNzIjoiU2hhcnBsaW5rIiwianRpIjoiMDQ5YjdhODYtMjU3ZS00OTBkLTgzOGMtMmRkYTBmY2ViYjMxIiwibmJmIjoxNzI3NTMxODE3LCJzdWIiOiI3QjIyNjM2RjZFNzM3NTZENjU3MjVGNjk2NDIyM0EyMjYyMzkzMTYyMzczNzM1MzIyRDM2NjIzMjM3MkQzNDY1Mzk2MTJEMzkzOTM4NjYyRDMxMzYzMTMwNjUzOTY0NjEzMTYxNjQ2MzIyMkMyMjZFNjE2RDY1MjIzQTIyNDY2MTZFNDI2MTZDNkMyMjJDMjI2MTZDNjk2MTczMjIzQTIyNjY2MTZFNjI2MTZDNkMyMjJDMjI3MjZGNkM2NTczMjIzQTVCNUQyQzIyNjQ2RjZENjE2OTZFNzMyMjNBNUI1RDJDMjI3MDcyNkY3NjY5NjQ2NTcyNzMyMjNBNUIyMjZENjc2RDIyNUQyQzIyNzA3MjZGNzA2NTcyNzQ2OTY1NzMyMjNBN0IyMjYxNkM2QzZGNzc2NTY0NUY3Mzc0NjE3NDY1NzMyMjNBMjI0MTVBMkM0MzRGMkM0OTRDMkM0OTRFMkM0OTQxMkM0QjUzMkM0QzQxMkM0RDQ5MkM0RTRBMkM0RTU5MkM1MDQxMkM1NDRFMkM1NjQxMkM1NzU2MkM1NzU5MkM0RDQ0MkM0RjQ4MkM0RDQxMjIyQzIyNkQ2NzZENUY3NDcyNjE2MzZCNjU3MjIyM0EyMjM3MzAzNDM4MzgzMTM4MjIyQzIyNkQ2NzZENUY3QTZGNkU2NTIyM0EyMjMxMzYzMjMzMzYzNTM0MjI3RDJDMjI2RjcwNzQ2OTZGNkU3MzIyM0E3QjIyNjc2NTZGMjIzQTdCMjI2MzZGNzU2RTc0NzI3OTIyM0EyMjQ0NDUyMjJDMjI2QzYxNzQ2OTc0NzU2NDY1MjIzQTM1MzEyRTM2MzUzODM2MkMyMjZDNkY2RTY3Njk3NDc1NjQ2NTIyM0EzNzJFMzEzMTMzMzUyQzIyNzM3NDYxNzQ2NTIyM0EyMjQ0NDUyRDRFNTcyMjdEMkMyMjZDNkY2MzYxNzQ2OTZGNkUyMjNBN0IyMjYxNkM2QzZGNzc2NTY0MjIzQTY2NjE2QzczNjU3RDJDMjI3MDcyNkY3NjY5NjQ2NTcyNzMyMjNBNUI1RDdEN0QiLCJ0eXAiOiJhY2Nlc3MifQ.Yl_M77JcVqKqYo9O96l_Q8eTwalcZ_zywKk7a7fpGx8ojiD4FVU_LQuilPhqju_kYIpmD1aQLLTLKYwjYJFhJw
Referer
https://www.fanball.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-request-id
751b9322-21eb-4ebc-b1a2-3cb9e79e8a06
access-control-expose-headers
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLqc1n8xz6Jwjl%2FAndCaI%2BHMiPAdskH9jnq26%2Be5NBktHzNI7dpHu49aldIyl40%2BQovjovvjutEj%2FFkVSuT7dMvRP1IDDglwGffRkwOGkkrhJ%2BkrmY7%2FuUCmyqcmLYCR2kWkUWSRyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca43d6a9ae59ff4-AMS
access-control-allow-origin
*
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
application/json
server
cloudflare
config
delivery.sharplink.us/api/consumer/9d655013acc64a1eb351697d42e79817/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/api/consumer/9d655013acc64a1eb351697d42e79817/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.fanball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ca43d69b95e9ff4-AMS
date
Sat, 28 Sep 2024 13:56:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkGojdoc7MdE0zjuaMXwaCBmFiI9GnyNrXBtDkzVoHkL1FszCpgh8mdHiQc7sPnXgG6Erl0ZJR9Bxo2fGPhObUdlqftCp3VIUhKM5hH%2BJ%2Fuh8hAZZCi0v%2Fbnpz3grrbGCVCoIoqD9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-envoy-upstream-service-time
0
base.js
delivery.sharplink.us/creatives/components/queries/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/components/queries/base.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7785c44df526f0cf5db6229fa9ad281d74f548b6c204c274bdb77c1ae2a4b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/creatives/api/core.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"1A8BDE7"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvvieTIQdIjEeYyshqG7U%2Bx6JK9yNs4mDmZyvbSAosrPRXNH1xaLpsoLaov2dRwJHczEUkErjqou688mty3k2t8qZmU%2F9hxFzFJSB%2B%2BCsPofomDyCnuhRV5v%2FHTPzo6dY0TMg0PJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d69b9639ff4-AMS
access-control-allow-origin
*
server
cloudflare
incentives.js
delivery.sharplink.us/creatives/components/queries/ 		609 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/components/queries/incentives.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9afd5bd854cfc2a566806e319967ada3877a42d447d6eaad467f50682c2932b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/creatives/api/core.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"712FE2A"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Wb9nQqjDf3akQe5n7FQy03KHjc0rjJpxo4u62gFEyee3zGSV3neBb00xdb%2Bn0UaAc1vw9jCmJtAqHAgqz6rHYsB0g%2FFF%2FJJ5k6h6DN7krAW1p6R0cQwP7dmuQ8Qa0vA7Kq33lxAKA%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
cf-ray
8ca43d69b9649ff4-AMS
access-control-allow-origin
*
server
cloudflare
market_cache.js
delivery.sharplink.us/creatives/components/markets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/components/markets/market_cache.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3232ddea240596a05b9597d059271fe0689c3dc5633f36b8e7aa3372c0ddc192

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/creatives/components/queries/base.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"718FAC9"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUl1oBzRDPTFlkWFQ83apdHXRn1P1T5IRQ5bDr%2Bp%2FFYO5ceGApv5aAj4eY2dMwX5hacg4CfadI2%2BYaW4ZJi7JgU7UHjRoAwEUCNXUcfTrms9OZjHs4TawjOwsyHfadHRj5OGfE0nYw%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d6a09d29ff4-AMS
access-control-allow-origin
*
server
cloudflare
functions.js
delivery.sharplink.us/creatives/components/queries/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.sharplink.us/creatives/components/queries/functions.js
Requested by
Host: www.fanball.com
URL: https://www.fanball.com/winners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62da9dadf6f0cb1ed132be924103a04441bf6596cd27250844c34acba1e8ad36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.fanball.com
Referer
https://delivery.sharplink.us/creatives/components/queries/base.js

Response headers

access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"293EC71"
age
1930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSDVtDZcdPK7e%2F9lgDuCOKzS4Gd9tUEbMoZDlFI7z38JyPIkwNQlOMV%2BUjxywgste9T%2FoT8QUXRG0ef%2FCbEoPTO%2BYGNLRg4ihsNH5YJzBKKQyBwaKfLLJP2J4oK1JsbCvyv7VwkeDA%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Sat, 28 Sep 2024 13:56:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8ca43d6a09d59ff4-AMS
access-control-allow-origin
*
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.polyfill.io
URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en
Domain
s.btstatic.com
URL
https://s.btstatic.com/tag.js

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| FB_SETTINGS object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| google_tag_data function| ga object| gaplugins object| webpackJsonp object| __NEXT_P object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB object| next object| scCGSHMRCache object| __APOLLO_CLIENT__ boolean| FB_RAVEN_INITIALIZED object| __BUILD_MANIFEST object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject object| gaGlobal object| gaData function| fbq function| _fbq function| SharpLink

6 Cookies

Domain/Path Name / Value
.fanball.com/ Name: _ga
Value: GA1.2.1729364886.1727531817
.fanball.com/ Name: _gid
Value: GA1.2.1409482611.1727531817
.fanball.com/ Name: _gat_UA-96626881-1
Value: 1
.fanball.com/ Name: _ga_SPKMQ06F71
Value: GS1.2.1727531817.1.0.1727531817.0.0.0
.fanball.com/ Name: _fbp
Value: fb.1.1727531817900.315068200747464027
.sharplink.us/ Name: _sl_session__sharplink_us
Value: eyJpZCI6ImE0ZDVmMjFjLWU5MGEtNGM5MC04Yjc5LWU3ODQwODg0ZmI1NCJ9

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://s.btstatic.com/tag.js#site=9O7NXzt&referrer=https%3A%2F%2Fwww.fanball.com%2Fwinners
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.polyfill.io
cdnjs.cloudflare.com
connect.facebook.net
delivery.sharplink.us
fanballwinners.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
s.btstatic.com
sessions.sharplink.us
tracking.sharplink.us
www.facebook.com
www.fanball.com
www.google-analytics.com
www.googletagmanager.com
cdn.polyfill.io
s.btstatic.com
104.17.185.5
104.17.25.14
142.250.186.40
142.250.186.67
157.240.251.35
157.240.251.9
172.217.16.138
172.67.74.168
18.173.154.32
188.114.97.3
216.239.34.178
216.239.34.36
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
12a97bad4b46250fd48ddebf161cf7499604105773f0d4684f3f909f3772aec5
159b0a031375d69299a22c7681567ca2b22a2b9b7903ca0e1d73bca4edf1df72
202d084fa5bfc08e8bd75f97c64a52577e4cc0f1a9174306cbaefba4643e9cbd
2124699308c93dc1043eb969009435117e64ffcf3ef0ae0e9603b639a435def1
23ee0087de38381ab58f103acbe497b882055aa4413f2f9831a78fdfd4d342aa
2dc0d4fab5727f5584423e1c27258fe8ff91a1fad293d8def54e3d8f4b2ac851
2fd4aab6ed53bbafd042479bdbb0ac3097534d106314713480a81a09f4870ce8
3232ddea240596a05b9597d059271fe0689c3dc5633f36b8e7aa3372c0ddc192
341061107bbc5a2e6f26057e383b3046acc9fde0db7d5f1c1abcd7e2756c5c51
3eab30ddf220d756cb53a7e51eb369a247b2ef0a9557d470908c84a8bf4abfb7
4716799583eaeef6d5803ec93ccd105a261d07b0ed69e980424fa0ce8085db04
4767cd8fde90c59637fa58397440cfe2eb136f27a1f9160df59e637f4bd7c37b
47814ced0ca59df80342b2fd727f7e8f1d065a2a6dbc40da8ab68450175fd0f3
4c7785c44df526f0cf5db6229fa9ad281d74f548b6c204c274bdb77c1ae2a4b3
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
61d600ef3d98f26700cfd154adc53d79fdb058ca25d42888e4f2d9a77e96fe42
62da9dadf6f0cb1ed132be924103a04441bf6596cd27250844c34acba1e8ad36
668cfdd252d121ecc45ae14aedbf2d48d02d64f57a37827935f278bcd26b5e31
67a01a846d438110b81d01d3cb09fcf3bacd8439a10bbe8fe7142b1d480c6ede
702644d80d3c38da8a472522f9e1071e687184793a1f17bdc2a4fb7dd09eac5d
736cc2a079e0108bf292632b66fdc5f8a020de5142106210fdcf62b09067a96c
7b18a2b2d58a684c7a27c644b4c7f19157e9f9d441b13671bbd4efac87c2bfc5
7b3b60c3cb01c1db4f6d8b45005fd2fa2d10c163195b6bd855abb5bff4aa655c
803f7e3947d47be2840b51cc4d11f3e6cae573567f587aa266e21954f45764e6
80ef18b4ec3b46c80d33cabd67b5b548672357f8a1d6d6b38e6e1a3ec380e736
85e359daacd507f3d2a651880590c747682934a944be0751251d4dfa9c780483
8b6d4a2f3bc092d49b16f1ce36e91ead912b8c9ce68e9be11bd302170ee598d2
8f50d27f20a16de63a4bdaebe924f3fc810cd152a3547b1fe1401f7cd59172fb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
965caf4f0ab1f7356e10e34ad76b1f1542a897103cdbb084f07a653026aa739b
99fdb9cd4d19f3f9993989732359262dd9fc8970e63a0f4ce28b038f796fcbf0
9afd5bd854cfc2a566806e319967ada3877a42d447d6eaad467f50682c2932b3
a4b2531d12f93fcebdf4a4842a937adc92c5863f656db309705d2ed68e2725b8
a6f67cbcdcf4358be7ee136438614c9f5e83679f77f493f2c11fadafd28725e2
a7c1e29738e28eff4db0137ca3d71833c2d102f8c8055cf272c11da2a44a1172
a7d2c92f34e9ff0cb8468e7dd6f19811d2e8f4769b0bab8cea687ffde288ba3e
a8caf4868fefbbbd24515de0e0b90190342bea0d52b26f7918ed4af77590896a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab538e8ad8e47d5b14e3af31879b7c96fbd7cee43da3178c5f904907381a2dec
ab5c3287bc7ae9ae2500e53d427358113057be630b21bdfe1603f24302374ea6
aeceb68bcd10c213334d794d64d0b04aac8a8407a4a7ec2d6b2af88dd20a1323
b0cb30926bfa6b7699e1f8339fdf40c9df8bf544eed92093331af5dfc407952d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c73d097fb0211ae0ce70717635dabdb5b9623b2aa078c14523cdc8009b9a6d95
c8257f71c1f76b343cb56e813ed072755b92935cbb435606cff5090a34f488b4
c84a4df419124b9bba63b787f7f2ae9de183c319e47b3aaea5df732c55ad265c
d2832d71e549fbe33527c9de16517ed8792560cb35c3d04ecb607f065a1221ce
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d616183af6edd6c670804a655f7a794bdcc0276b4bf7c0c6cb11941f622a5edc
da7bbca9d163f4033d5d177be44029dd744610a891a6b58be213cc858923d79d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0c868180520421e368c498cac4084449f0caa7b18a66e4e10caf23ddf5f65e
f5036ee31b80eb0783df193790ac2ebd21a0d7a518cd51065739e3f06049f639
f6a4536678aefe7c30aa45d6b5e622b57086e6d2be628d6de7f1cf8478844c13
fa19f61140647f548f673c463c25e973e240f65c7a4013683f7f329cf3e84509
fbd56364553d716088f0e474d30df8cde166892742ebdc3e62dd549188476f66