howfv.smashballs.lat
2606:4700:3037::ac43:dbce  Malicious Activity! Public Scan

Submitted URL: https://naminsadyeffctr.blob.core.windows.net/naminsadyeffctr/url.html
Effective URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Submission Tags: phishing
Submission: On September 05 via api from US — Scanned from CA

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3037::ac43:dbce, located in United States and belongs to CLOUDFLARENET, US. The main domain is howfv.smashballs.lat.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.
This is the only time howfv.smashballs.lat was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 52.239.221.226 8075 (MICROSOFT...)
1 194.31.223.186 39521 (TNGNET)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
22 6
Requests  Apex Domain (subdomains indented)  Transfer
15  smashballs.lat  367 KB
      howfv.smashballs.lat
4   trk-elevostra.com  3 KB
      trk-elevostra.com — Cisco Umbrella Rank: 357103
      event.trk-elevostra.com — Cisco Umbrella Rank: 369321
1   fontawesome.com  426 KB
      use.fontawesome.com — Cisco Umbrella Rank: 1950
1   globalline.site  662 B
      globalline.site
1   overdonerun.com  415 B
      overdonerun.com
1   windows.net  564 B
      naminsadyeffctr.blob.core.windows.net
22 6
Domain Requested by
15 howfv.smashballs.lat overdonerun.com
howfv.smashballs.lat
3 event.trk-elevostra.com trk-elevostra.com
1 trk-elevostra.com howfv.smashballs.lat
1 use.fontawesome.com howfv.smashballs.lat
1 globalline.site 1 redirects
1 overdonerun.com naminsadyeffctr.blob.core.windows.net
1 naminsadyeffctr.blob.core.windows.net
22 7

This site contains no links.

Subject                  Issuer                                 Validity                 Valid
*.blob.core.windows.net  Microsoft Azure RSA TLS Issuing CA 04  2024-08-23 - 2025-08-18  a year
overdonerun.com          R11                                    2024-07-25 - 2024-10-23  3 months
smashballs.lat           WE1                                    2024-08-28 - 2024-11-26  3 months
use.fontawesome.com      Cloudflare Inc ECC CA-3                2023-10-12 - 2024-10-10  a year
trk-elevostra.com        WE1                                    2024-08-11 - 2024-11-09  3 months

This page contains 1 frames:

Primary Page: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Frame ID: 24417245E0270EC0CA0A7F88B18A72C4
Requests: 21 HTTP requests in this frame

Page Title

Survey Rewards

Page URL History

  1. https://naminsadyeffctr.blob.core.windows.net/naminsadyeffctr/url.html Page URL
  2. https://overdonerun.com/0/0/0/5d3e3f19af19c1ea9c2f07ce979ac9e1/60 Page URL
  3. https://globalline.site/?id=271&s1=351633&s2=1225096865&s3=7089&p=us5dcksweps7b HTTP 302
    https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22 Requests
100 % HTTPS
71 % IPv6
6 Domains
7 Subdomains
6 IPs
2 Countries
798 kB Transfer
1649 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
url.html
naminsadyeffctr.blob.core.windows.net/naminsadyeffctr/
161 B
564 B
Document
General
Full URL
https://naminsadyeffctr.blob.core.windows.net/naminsadyeffctr/url.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.221.226 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
161
Content-MD5
FDUmKX9AYHsz3/os7GDv+g==
Content-Type
text/html
Date
Thu, 05 Sep 2024 14:23:01 GMT
ETag
0x8DCC63AF4197A70
Last-Modified
Tue, 27 Aug 2024 01:52:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
b02c826d-c01e-0079-6e9f-ff34bb000000
x-ms-version
2009-09-19
60
overdonerun.com/0/0/0/5d3e3f19af19c1ea9c2f07ce979ac9e1/
142 B
415 B
Document
General
Full URL
https://overdonerun.com/0/0/0/5d3e3f19af19c1ea9c2f07ce979ac9e1/60
Requested by
Host: naminsadyeffctr.blob.core.windows.net
URL: https://naminsadyeffctr.blob.core.windows.net/naminsadyeffctr/url.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.31.223.186 Hoofddorp, Netherlands, ASN39521 (TNGNET, NL),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Referer
https://naminsadyeffctr.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 14:23:03 GMT
server
nginx/1.12.2
vary
Accept-Encoding
Primary Request yklr
howfv.smashballs.lat/mmlom/mnfbu/zhpv/
Redirect Chain
  • https://globalline.site/?id=271&s1=351633&s2=1225096865&s3=7089&p=us5dcksweps7b
  • https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
28 KB
5 KB
Document
General
Full URL
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Requested by
Host: overdonerun.com
URL: https://overdonerun.com/0/0/0/5d3e3f19af19c1ea9c2f07ce979ac9e1/60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3010d861d84dddcf1103b715268bfd9832ee57b3c66e6f373800f6f7a5db96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://overdonerun.com/0/0/0/5d3e3f19af19c1ea9c2f07ce979ac9e1/60
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8be6e009cf8b54a3-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 14:23:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5rBqupnb4Pv04kD81Zmt91tgEbRGuWkPLx8TK3RQu7UMp3EiuZICH8fysCCjPvUfaMwWqxkkadXALdVscc9%2BlQOjfNaYdeOi0Rih0VNFjOldmQTsh5DdumB9rn1I3rfH9ikNbIPEmlZkRt%2Fmu55MXAK6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8be6e0061d1936b5-YYZ
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 14:23:04 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7uxAK41q5dCjYkmJFaA0ZwkkIRFuCDPgo3h%2Flb80LXADxiRM3ktv7JQw4nwhb%2F3nZpsfesoLsbt1NDCpTHWS1cCQoO4%2Bgm%2Fyzy81HaxZ3gptmrOXut50E6IfLlJKmCUqB%2B%2BZFogHLTTs0h6%2BnU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
howfv.smashballs.lat/master/us190/
15 KB
4 KB
Stylesheet
General
Full URL
https://howfv.smashballs.lat/master/us190/style.css
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63203afa9c1545114209fc6c6a9032faf3e7b750ba428a3a8343c4e722222116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:31 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gqfuq71E1TLfEoqpe3X%2B%2FVzU%2B2IbZk4Duyn0AFWclkwngW9WRY04zFr5sXKXppzLMq%2FiWlNpB%2FkdoPo3JirFac4aZGt8b9wpwab2usuphY8VGvO9PoJsiTFp9rCfDLCRsWAdNnTwkyxsZvM4P3DKED5RTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b688f54a3-YYZ
expires
Thu, 12 Sep 2024 14:23:05 GMT
animate.min.css
howfv.smashballs.lat/master/us190/
70 KB
6 KB
Stylesheet
General
Full URL
https://howfv.smashballs.lat/master/us190/animate.min.css
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:31 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BIXQqQWUjGOhksWwPog20I8To%2Fs5leekaoBpcryPjYgX4v8kUFNL%2Fc2fNgHjDvmPS0UYh09oSlInxtlJyesNlURj0uj41pHt558%2BAZ2Zh3BJZ%2FO%2B2HLqmVUq8vOMbi3jDYE7gDYFYft69Ir0IIAA1IaRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b689054a3-YYZ
expires
Thu, 12 Sep 2024 14:23:05 GMT
_modal.css
howfv.smashballs.lat/master/terms/css/
856 B
803 B
Stylesheet
General
Full URL
https://howfv.smashballs.lat/master/terms/css/_modal.css
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13143d30386f99ed1f568d31d682054bec5dd0b74be1d5d98ec27eb81cd670c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47931
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Aug 2024 13:51:59 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSitnKb%2BbI8kmk1tWjmF9o07tcgxE2jF1RUiRmVSwDRAGgF5wZ%2BuDlo%2B1zgumE7tEc5reU0v3QbPR5AMx1mN8dVKACRsLhfyXR3uw0Rizvtt4VWWQF19YwPMWQdlq7IxEy%2FV7jUsxH94a7VmvtMvUtODJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b689154a3-YYZ
expires
Thu, 12 Sep 2024 01:04:14 GMT
all.js
use.fontawesome.com/releases/v5.15.4/js/
1 MB
426 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer
https://howfv.smashballs.lat/
Origin
https://howfv.smashballs.lat
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
71001
etag
W/"5e29440867fdb02a48dffded02338c31"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWAW1hyKCe8Jc5CAG6kaxY4x6pZrmxkuht%2F4jL1fSZAzcWnDAVLmj2GqfR%2Bm8MojmsfZoHEaIlNncRNJpk7C3jU8kNbCRMAtZFc6LziaQQfwiavbKYEWmnglbFoZzRWhMLAws7kWnP6T86Wmc8mwNMZy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8be6e0100dcb36cf-YYZ
alt-svc
h3=":443"; ma=86400
datehead.js
howfv.smashballs.lat/master/us190/
2 KB
1 KB
Script
General
Full URL
https://howfv.smashballs.lat/master/us190/datehead.js
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45cef5e46aa1a339428e2ad060b97029c6e4470bff8b15d6a04c1d614d7b791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:31 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQowa%2FAPdTmsM%2BOYyZrhylEa%2FlIEPZcRibhPggmj2ZIxyJspyidahUIljsirCEP9J14aOB2RkMPvvajm1CnEO%2FMtZxnY2jIHJsUKVK45l3k2q4wdu3URxr0YS1iOZ23Pqyp%2BQMZ0GTw%2BfdUhrQxhz9UQIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b689254a3-YYZ
expires
Thu, 12 Sep 2024 14:23:05 GMT
msg.js
howfv.smashballs.lat/inc/
943 B
927 B
Script
General
Full URL
https://howfv.smashballs.lat/inc/msg.js?6567bcebcfcbf3a464c72a3f816215ff
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f7dd15af70121da291e6df75452886b47a5d0e074f2ed422be30e8ec5d9671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2024 16:01:34 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsOyHDkj%2BBc2Pdx7V3V7lt3PNzdX2wmkrweTeiw54QYUYPYwaP5brXulqDJTBJ8FfavVUosXNSCd54YC19Q1KqbLVV%2BNOgTXUUjqWGeeaXJR7QNZ7nA%2BExCPDTZZ1rhY08LvB1gsvSB7k7g0F1PEGxy0bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b689354a3-YYZ
expires
Thu, 12 Sep 2024 14:23:05 GMT
script.js
howfv.smashballs.lat/master/us190/
11 KB
3 KB
Script
General
Full URL
https://howfv.smashballs.lat/master/us190/script.js?v=2
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62334e18cc6d573d1af0f52ffb7e4c4cff42ed5eecaee73ae9e95ddc7f62aec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 15 Jul 2024 16:35:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15PBAI4ac7PLkfG7agXqab%2FCnwlgdwmpBywiv1Q6PsboqlPJ8WOE8Dbb8uSWTIPMAD6rNd2bwguU4wDwR80UpA6%2Bpm2Daz8CvhP3bSjyad0hC%2Fc4%2FLGXIQ59MreHQgppdMhLfXX7Rp6Wm%2FK5ax705UvR0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b689554a3-YYZ
expires
Thu, 12 Sep 2024 14:23:05 GMT
_modal.js
howfv.smashballs.lat/master/terms/js/
1 KB
937 B
Script
General
Full URL
https://howfv.smashballs.lat/master/terms/js/_modal.js?v=7
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d905535d1c01dce9ae142489d9b063640d239444eadf5e86ed2911764238c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47931
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Aug 2024 14:09:18 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWuPXHtMXB4jMllaH8E8jWitu%2FQaOQGg2ZYQ%2B0pSADShXfglXrMA55hAwda7MWk5Vd5sEjwHq%2F4Dau%2B7Esn0BAw84WfJoEmAyUC9vjbn4FdvLd4PM8KPj048z5zDm1QakqKfUfOZ0t6e5Azlb3dlp4gBkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8be6e00b689654a3-YYZ
expires
Thu, 12 Sep 2024 01:04:14 GMT
v9e118mez8
trk-elevostra.com/scripts/push/
8 KB
3 KB
Script
General
Full URL
https://trk-elevostra.com/scripts/push/v9e118mez8
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/inc/msg.js?6567bcebcfcbf3a464c72a3f816215ff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:961e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4802
alt-svc
h3=":443"; ma=86400
content-length
2519
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 05 Sep 2024 13:03:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZnfxrem%2BKiYUAtEREfiwNc%2FRz7R4%2Fp6Bspfkq5RBhuRuWktLdOFGuqMRXtue0kj9uYrLu4LIwTRuYS1snPuVXttmNLM3ZunHV3qekYZ3fLFizrMKdEcd8nda5gwjk7kaiY50bDdu4f6GCKR0OxzDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8be6e00ebccb36d2-YYZ
expires
0
dic.jpg
howfv.smashballs.lat/master/us190/
178 KB
178 KB
Image
General
Full URL
https://howfv.smashballs.lat/master/us190/dic.jpg
Requested by
Host: howfv.smashballs.lat
URL: https://howfv.smashballs.lat/master/us190/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624af9f00e0d48f5473e96415f0ab72b099703952708157f1eef15a6c3cf0bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/master/us190/style.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
182154
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfHTLAGB7fVfoe80bMfVuoGVEv6L7Jr3h45Qa0wAg6k15%2BSJ%2F0TZokcdWPYGLrBo4dmpFlkMBiMd2sPBDE8jlOUkFN%2BJaKwGjDPYScYNQspgIZrVaHoL3oP7qJkhgRhDqXg%2FLhKzc8%2FRGneJ9BILA8RAow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e00ce99654a3-YYZ
expires
Thu, 12 Sep 2024 14:23:05 GMT
logo.png
howfv.smashballs.lat/master/us190/
74 KB
74 KB
Image
General
Full URL
https://howfv.smashballs.lat/master/us190/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed957cc0c4499afbb8d9a7460a48f82f5c637128cafc99cdd6d4a5be6bea2aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
75416
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9otg0PxoQA4LIX8nI4SkMrj9lHdpoXmqENHq3u6ta2PKtlRlC8SK8wIXDz0VmClfIonQjSWjaObvVeIAlMr9NS8FXIxOAdQ2O%2Bev7DM1ZYWy2WwxS%2FcYp1mUaDlqF8SM8OghONUmFIhI%2BTq8aSL%2FRkRGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e0136d6f54a3-YYZ
expires
Thu, 12 Sep 2024 14:23:06 GMT
flaglogo.png
howfv.smashballs.lat/master/us190/
2 KB
2 KB
Image
General
Full URL
https://howfv.smashballs.lat/master/us190/flaglogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1781
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4iZcIegU20nhzVKv08psAnjzEQc%2FzWgD%2BAl2VIdpU55al%2BNHwDdYxIvbP896jAdE4U6v0QcSrrgn8JommQps2%2Fg8jYtm73Ngp2pId%2FS6rFHY9xmq37G8cs0pVDvX5jkbmUGEeqlIqZCwKJpYdUFF0SdeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e0136d7054a3-YYZ
expires
Thu, 12 Sep 2024 14:23:06 GMT
prize983.png
howfv.smashballs.lat/master/us190/
73 KB
74 KB
Image
General
Full URL
https://howfv.smashballs.lat/master/us190/prize983.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee84710ba67451fd3a66faf259ea7dc44e3dd873cf06478518208aa53130490b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
75183
x-xss-protection
1; mode=block
last-modified
Thu, 30 May 2024 17:56:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qf1E5O2kYyBX3hSLRtVX%2FZyN6ZTtbVbvKZGKO1RmWR7LK56pKIzv6bcYwn4oN8UyzzhpWxlH8EgbBXUzys%2B2Ab99%2Bwm7or%2BkGBecOAzx%2BDxdV0iprips9C1Ki4lxqf06%2FyNCJW%2FzyKcpMG9LhOJuC6WfVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e0136d7154a3-YYZ
expires
Thu, 12 Sep 2024 14:23:06 GMT
f_guarantee.png
howfv.smashballs.lat/master/us190/
6 KB
7 KB
Image
General
Full URL
https://howfv.smashballs.lat/master/us190/f_guarantee.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svKIfQv2B2g4W79Qfw%2BvJ2ghlqOO%2FUITuAsi9XQpqN5NETS63IddjsGP2ho2FbLRXZKHaQAyDm9VM5Cjv%2Fw1ZOMewx01qnDoxdUvBu300DJlYlRo9vVdtCMYlHudT7hjo4VtJcPlIJWruwjPmJUEpp3BPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e0136d7254a3-YYZ
expires
Thu, 12 Sep 2024 14:23:06 GMT
f_secure_1.png
howfv.smashballs.lat/master/us190/
10 KB
10 KB
Image
General
Full URL
https://howfv.smashballs.lat/master/us190/f_secure_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9862
x-xss-protection
1; mode=block
last-modified
Thu, 23 May 2024 18:43:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ujng1bUslgdCA5dlJAbM08xwhIEzrHmbOhU2cYF3r8EY99iwqw%2BVQ%2FSk5IKBO9uPgyzDUscBKGjDN6YbjP3Ilw1LKfqKLFTRs%2BC90uYUcpGV7QSYnXXw377%2B9u74UFlbMRpF35P%2BwxtUNxeqKEm7Yd74LA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e0136d7354a3-YYZ
expires
Thu, 12 Sep 2024 14:23:06 GMT
favicon.ico
howfv.smashballs.lat/
0
516 B
Other
General
Full URL
https://howfv.smashballs.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:dbce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Thu, 05 Sep 2024 14:23:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67700
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jun 2024 20:46:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cB9mPQfel4kGcXW2WLRwh3tb%2BLTUgvl8y08PNkgjdc6hG0xn73EagTA3kuNfVyfe8AjUo3sP4rbYnOHC5ayv7W8BYiwPZUMxDx0of0wPnhraJpQ%2BLUtKvmh02HgusgeGX4XC7FY5eVG2on63nyGCOSbk5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8be6e0138d7b54a3-YYZ
expires
Wed, 11 Sep 2024 19:34:46 GMT
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:6008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Thu, 05 Sep 2024 14:23:08 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJVVAGXp8TLuRo4REDoFbGZyC4qYBdR0FoeHfmSm1HPgcIM8QPwyZoddd6Ct5FQKEIfWuEG7gunAOU6VR91oeR6qVIhfGbKa%2BEcT5vSsdE87kPEtG078fL81lJW4VdUN1sSes9n354FCexiyyfXKzDSVVWKskA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8be6e0170f75ab03-YYZ
expires
0
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:6008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://howfv.smashballs.lat
Sec-Fetch-Mode
cors
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8be6e0162ed3ab03-YYZ
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Thu, 05 Sep 2024 14:23:07 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFuYImrIoVD0jgt5dvL89Dt%2F5xbhc9gwg2ZhmHueSgQDg4x4gQRfJi4wu3yKhEimZGz0Uw15OYj%2F1NP%2FHcRYl3RbCknnzrm4pJaTw4SHNjujZoIQHAP7SAJifaBj3x9O9zc71CyR%2BHtS3%2BymmXJ4uHe3S40kzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:6008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://howfv.smashballs.lat/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Thu, 05 Sep 2024 14:23:08 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qj78%2B0Et%2BahWd6HRih5pRvZkVfXMJlTsHbp0lCXvsWsQSGKUWp3bSNPZ%2Fyc5W1dT8UUKR7cq1XJjC4W7QpvB2u1vJBXJrjyB8raYre%2BXJao3lndGRLKpEIvyi48gWGfzrocwd5owf6ALSyBaqQ2m7ee76CqqJw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8be6e01f6e0aab03-YYZ
expires
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| datehax
function| datenhax
function| datenhay
function| startTimer
function| change
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
object| answers
number| lastQnum
function| toNext
object| states
object| dones
object| loadImg
object| loadBgCol
function| drawloader
number| qn
number| dsq
object| modal
object| modalContent
object| termsText
object| btn
object| span
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| setAttributes
object| ___FONT_AWESOME___
object| FontAwesomeConfig
object| FontAwesome

3 Cookies

Domain/Path Name / Value
overdonerun.com/ Name: uid7089
Value: 1225096865-20240905102303-18266311169120bbc4ddc49223a57135-4046
globalline.site/ Name: PHPSESSID
Value: 24068d066e50b70df6846ea39f3703f8
howfv.smashballs.lat/ Name: PHPSESSID
Value: 884cafd0ef785b7a2471dc7cd0235875

1 Console Messages

Source Level URL
Text
other error URL: https://howfv.smashballs.lat/mmlom/mnfbu/zhpv/yklr?c9179bb655213334bd5633c41510ea43
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
