URL: https://iballsort0605.minigame.vip/
Submission: On September 14 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 35 HTTP transactions. The main IP is 104.18.3.128, located in and belongs to CLOUDFLARENET, US. The main domain is iballsort0605.minigame.vip.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 8th 2024. Valid for: a year.
This is the only time iballsort0605.minigame.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 115); 6bdc5e4b32cce654d536410bc1cdb4a7.safeframe.googlesyndication.com; tpc.googlesyndication.com (Cisco Umbrella Rank: 162) | 73 KB
11 | minigame.vip | iballsort0605.minigame.vip; res.minigame.vip (Cisco Umbrella Rank: 202993) | 379 KB
5 | ampproject.org | cdn.ampproject.org (Cisco Umbrella Rank: 502) | 104 KB
3 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 213) | 195 KB
1 | gstatic.com | fonts.gstatic.com | 34 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 2 KB
35 | 6

Requests | Domain | Requested by
7 | pagead2.googlesyndication.com | securepubads.g.doubleclick.net; iballsort0605.minigame.vip
7 | iballsort0605.minigame.vip | iballsort0605.minigame.vip
5 | cdn.ampproject.org | securepubads.g.doubleclick.net
4 | tpc.googlesyndication.com | securepubads.g.doubleclick.net; iballsort0605.minigame.vip; tpc.googlesyndication.com
4 | res.minigame.vip | iballsort0605.minigame.vip
3 | securepubads.g.doubleclick.net | iballsort0605.minigame.vip; securepubads.g.doubleclick.net
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | securepubads.g.doubleclick.net
1 | 6bdc5e4b32cce654d536410bc1cdb4a7.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
35 | 9

This site contains links to these domains.

Domain
www.facebook.com
play.google.com
www.minigame.vip
about.minigame.vip

Subject | Issuer | Validity | Valid
*.minigame.vip | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2024-01-08 - 2025-02-06 | a year
*.g.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
tpc.googlesyndication.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
misc-sni.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months

This page contains 4 frames:

Primary Page: https://iballsort0605.minigame.vip/
Frame ID: 5D17E6FF93236F625249C759D4918014
Requests: 18 HTTP requests in this frame

Frame: https://6bdc5e4b32cce654d536410bc1cdb4a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 82807BF02F35F47371696BB70C5E01CA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: AA5BED5911BAAC974720AC4663CBE486
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D526139BCB1C7949774F141C97AC6ED
Requests: 1 HTTP requests in this frame

Page Title

Play Minigame and Have Fun

Detected technologies

Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 35
HTTPS: 94 %
IPv6: 63 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 787 kB
Size: 1750 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
iballsort0605.minigame.vip/
216 KB
28 KB
Document
General
Full URL
https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb2dcfb24e37767c966ddd1571bfe60c2024585b7390161724a1d49e02da0478

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
68266
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8c3090ff5d1d62ba-HAM
content-encoding
br
content-md5
BbRQ12595YHGmClw6CJ5Zg==
content-type
text/html; charset=utf-8
date
Sat, 14 Sep 2024 13:01:33 GMT
expires
Sat, 14 Sep 2024 14:01:33 GMT
last-modified
Tue, 10 Sep 2024 05:48:18 GMT
server
cloudflare
vary
Accept-Encoding
x-oss-hash-crc64ecma
15411507283837614202
x-oss-object-type
Normal
x-oss-request-id
66E3FE6341CA943739621FE3
x-oss-server-time
15
x-oss-storage-class
Standard
handlebars.runtime.min.js
iballsort0605.minigame.vip/static/lib/handlebars/
20 KB
7 KB
Script
General
Full URL
https://iballsort0605.minigame.vip/static/lib/handlebars/handlebars.runtime.min.js
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d4f2087bafa41335f248a267683d382489057856bb3c66465be2220964d749

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
content-encoding
gzip
x-oss-request-id
66E16104A6B4B039320BE52C
cf-cache-status
HIT
content-md5
X2z1BWNKJrnwIuSjST/VMg==
age
68267
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 10 Sep 2024 06:32:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
x-oss-storage-class
Standard
cf-ray
8c309100eefc62ba-HAM
x-oss-hash-crc64ecma
2534428391629716180
x-oss-server-time
9
expires
Sat, 14 Sep 2024 14:01:34 GMT
gamebox.precompiled.min.js
iballsort0605.minigame.vip/static/scripts/
13 KB
2 KB
Script
General
Full URL
https://iballsort0605.minigame.vip/static/scripts/gamebox.precompiled.min.js
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f474329659302bd1c84413b3df3c1116c0543de959f2bdd0df76d9c3afdc10a

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
content-encoding
gzip
x-oss-request-id
66DA6C68E6F8413137CA61D0
cf-cache-status
HIT
content-md5
DUlCu6XmAp03xGnNTbmPsg==
age
68267
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Wed, 28 Feb 2024 10:11:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
x-oss-storage-class
Standard
cf-ray
8c309100eefe62ba-HAM
x-oss-hash-crc64ecma
13727359308223823417
x-oss-server-time
9
expires
Sat, 14 Sep 2024 14:01:34 GMT
logo.png
iballsort0605.minigame.vip/static/images/
13 KB
14 KB
Image
General
Full URL
https://iballsort0605.minigame.vip/static/images/logo.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eafbefe0e4664610fc0eabbb188c0e69480c3dfbb7d8aac576e58dd56efb074

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
x-oss-request-id
66726EC16134EA313615AFC7
cf-cache-status
HIT
content-md5
i+AzHroWkZ5wqNgpa9JPcw==
age
68267
cf-polished
origSize=16270
alt-svc
h3=":443"; ma=86400
content-length
13755
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
last-modified
Wed, 28 Feb 2024 10:11:02 GMT
server
cloudflare
etag
"8BE0331EBA16919E70A8D8296BD24F73"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=3600
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8c309100ef0062ba-HAM
x-oss-hash-crc64ecma
6350996011986990953
x-oss-server-time
5
expires
Sat, 14 Sep 2024 14:01:34 GMT
email-decode.min.js
iballsort0605.minigame.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
834 B
Script
General
Full URL
https://iballsort0605.minigame.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Sep 2024 18:11:43 GMT
server
cloudflare
etag
W/"66e08bdf-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8c309100ef0162ba-HAM
expires
Mon, 16 Sep 2024 13:01:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
103 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
4d47a9d6c007f3bc8096bd41a71ffd338cc33e0abb16bf47a6064fee69d4dcc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32009
x-xss-protection
0
server
cafe
etag
24 / 19980 / m202409050101 / config-hash: 6381089854016581128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 14 Sep 2024 13:01:34 GMT
lazy-img.png
iballsort0605.minigame.vip/static/images/
25 KB
26 KB
Image
General
Full URL
https://iballsort0605.minigame.vip/static/images/lazy-img.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad2e9ec259db18061c2262f83e305abae3c58c926774861c7bb6e1d9a6eb9c4

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
x-oss-request-id
66E3EC12675238343949D746
cf-cache-status
HIT
content-md5
IqpcmpLDckEQn7IObr+hmQ==
cf-polished
origSize=35882
alt-svc
h3=":443"; ma=86400
content-length
25875
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Sep 2024 06:31:57 GMT
server
cloudflare
etag
"22AA5C9A92C37241109FB20E6EBFA199"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=3600
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8c309102d94362ba-HAM
x-oss-hash-crc64ecma
1766066214863945840
x-oss-server-time
20
expires
Sat, 14 Sep 2024 14:01:34 GMT
hard-worker_banner.png
res.minigame.vip/gc-assets/hard-worker/
62 KB
63 KB
Image
General
Full URL
https://res.minigame.vip/gc-assets/hard-worker/hard-worker_banner.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea47dba63e5012fae25eb359652ec994d21dd356e7ed96eedf636918ca9acdc

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
x-oss-request-id
66326568B75B033838CBDCC9
cf-cache-status
HIT
content-md5
ZrCdTLcWikbd2LdhVK8UuA==
age
851956
cf-polished
origSize=71619
alt-svc
h3=":443"; ma=86400
content-length
63944
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
last-modified
Wed, 29 Nov 2023 07:30:41 GMT
server
cloudflare
etag
"66B09D4CB7168A46DDD8B76154AF14B8"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1382400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8c309102d94d62ba-HAM
x-oss-hash-crc64ecma
3202106006374394220
x-oss-server-time
37
expires
Mon, 30 Sep 2024 13:01:34 GMT
hehe-forest-house_banner.png
res.minigame.vip/gc-assets/hehe-forest-house/
77 KB
78 KB
Image
General
Full URL
https://res.minigame.vip/gc-assets/hehe-forest-house/hehe-forest-house_banner.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81692010ded1646b7891d2daa1ff20a7dc4c2ec71e5ea5a50c5eaaee63f5d755

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
x-oss-request-id
66327A51CC62293936D55090
cf-cache-status
HIT
content-md5
4S/x51I7Y8SdSsfbfy8TyA==
age
846441
cf-polished
origSize=88150
alt-svc
h3=":443"; ma=86400
content-length
79190
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
last-modified
Tue, 19 Dec 2023 09:15:48 GMT
server
cloudflare
etag
"E12FF1E7523B63C49D4AC7DB7F2F13C8"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1382400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8c309102d94862ba-HAM
x-oss-hash-crc64ecma
16446268319286289098
x-oss-server-time
6
expires
Mon, 30 Sep 2024 13:01:34 GMT
buy-to-buy_banner.png
res.minigame.vip/gc-assets/buy-to-buy/
79 KB
79 KB
Image
General
Full URL
https://res.minigame.vip/gc-assets/buy-to-buy/buy-to-buy_banner.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4640bfe28d15593a53c8f8e6a185b40ca6df64f63240c9ea4933bdc14250000d

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
x-oss-request-id
669491D6B92E9C3737A3D799
cf-cache-status
HIT
content-md5
QclconhnRp3sCoDijMMO0g==
age
466086
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
80497
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
last-modified
Fri, 14 Jun 2024 09:25:40 GMT
server
cloudflare
etag
"41C95CA27867469DEC0A80E28CC30ED2"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1382400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8c309102d94762ba-HAM
x-oss-hash-crc64ecma
13321549281482699718
x-oss-server-time
5
expires
Mon, 30 Sep 2024 13:01:34 GMT
neo-adventure_banner.png
res.minigame.vip/gc-assets/neo-adventure/
80 KB
81 KB
Image
General
Full URL
https://res.minigame.vip/gc-assets/neo-adventure/neo-adventure_banner.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f6531ab6ae6b164ff042e8615cfca802de547b75624c7b415ccb147f6c67f2

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:34 GMT
x-oss-request-id
66327ADFD5D12B3739846CF7
cf-cache-status
HIT
content-md5
6u/vWaw75CWkEcRbo3es8w==
age
844562
cf-polished
origSize=91031
alt-svc
h3=":443"; ma=86400
content-length
82116
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
last-modified
Mon, 04 Sep 2023 01:52:54 GMT
server
cloudflare
etag
"EAEFEF59AC3BE425A411C45BA377ACF3"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1382400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8c309102d94a62ba-HAM
x-oss-hash-crc64ecma
15999455343745758977
x-oss-server-time
54
expires
Mon, 30 Sep 2024 13:01:34 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/
475 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
9fd2f63c1c9cb94ccd7d258e81648758206f1a581780a73c30e657af74b6e3f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
73592
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151712
x-xss-protection
0
server
cafe
etag
16156987026240680160
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 13 Sep 2025 16:35:02 GMT
ads
pagead2.googlesyndication.com/gampad/
58 KB
14 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2032955532639271&correlator=1861995033833521&eid=31079957%2C31086879&output=ldjh&gdfp_req=1&vrg=202409050101&ptt=17&impl=fifs&iu_parts=22817871455%2Cca-pub-3168355978380813-tag%2Cisotatoweraces.anchor%2Cisotatoweraces.gamebox_header&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1x1%2C300x250&ifi=1&sfv=1-0-40&fas=1%2C0&sc=1&abxe=1&dt=1726318894936&lmt=1725947298&adxs=-9%2C650&adys=-9%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fiballsort0605.minigame.vip%2F&vis=1&psz=0x-1%7C1600x250&msz=0x-1%7C1600x250&fws=2%2C0&ohw=0%2C0&td=1&egid=20994&tan=e5f648c9-8eac-4ff5-b187-b39fb25cd924%2Ce5f648c9-8eac-4ff5-b187-b39fb25cd925&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726318894202&idt=628&adks=2734217424%2C1730096826&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e92374fe9f73a5cafde5640e7f70f9fe3ea588c21bfb84c04c0dc507522cc7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13843
x-xss-protection
0
google-lineitem-id
-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iballsort0605.minigame.vip
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6bdc5e4b32cce654d536410bc1cdb4a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8280
0
0
Document
General
Full URL
https://6bdc5e4b32cce654d536410bc1cdb4a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Sep 2024 13:01:35 GMT
expires
Sat, 14 Sep 2024 13:01:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/
48 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
425348d9ecc351154293a15a07ed03aa0cc31f501f5543c0e317797c0633f6a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 16:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
74047
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15391
x-xss-protection
0
server
cafe
etag
8933644079369662271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 13 Sep 2025 16:27:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202409050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9c580b24902c111d7233720e5facc848d7e3e1537eb7fcc0af5c4229ded1a661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12877
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 13:01:36 GMT
favicon.ico
iballsort0605.minigame.vip/static/images/
1 KB
1 KB
Other
General
Full URL
https://iballsort0605.minigame.vip/static/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c46759ec358f6f9bab6bb9b741882e541d0805b6633038c321338ca2ce621e2

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 13:01:36 GMT
content-encoding
br
x-oss-request-id
66E58930D74EC836377AF22D
cf-cache-status
MISS
content-md5
ulhZIZGQFAyYZWo762caoA==
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 10 Sep 2024 06:31:49 GMT
server
cloudflare
etag
W/"BA5859219190140C98656A3BEB671AA0"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=3600
x-oss-storage-class
Standard
cf-ray
8c30910b1c5a62ba-HAM
x-oss-hash-crc64ecma
13837686420236040192
x-oss-server-time
10
expires
Sat, 14 Sep 2024 14:01:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012406241625000/ Frame AA5B
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 12:01:48 GMT
age
349188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56144
x-xss-protection
0
server
sffe
etag
"cc18f0752fb26ed7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Sep 2025 12:01:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame AA5B
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 11:43:14 GMT
age
350302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
server
sffe
etag
"a54ee7ef81300879"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Sep 2025 11:43:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame AA5B
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 12 Sep 2024 18:00:46 GMT
age
154850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29004
x-xss-protection
0
server
sffe
etag
"ed67e306da4f50af"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Sep 2025 18:00:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame AA5B
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 12 Sep 2024 18:01:11 GMT
age
154825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"318c9ffc754fdb7f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 12 Sep 2025 18:01:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame AA5B
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 07 Sep 2024 15:35:10 GMT
age
595586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12940
x-xss-protection
0
server
sffe
etag
"6b189ee8e91db6e8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 07 Sep 2025 15:35:10 GMT
css
fonts.googleapis.com/ Frame AA5B
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9bf164fd8f85bbe262753bca4167f5baacb295fa1f167e0dfcc43fbf3e21a876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Sep 2024 13:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Sep 2024 11:20:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Sep 2024 13:01:36 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16414422265850411512/ Frame AA5B
35 KB
35 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16414422265850411512/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5240914497e4a1a6e322df287ea46837420c32cbfefcc196b7b8e0dbdb48b8a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 14 Sep 2024 06:19:20 GMT
x-content-type-options
nosniff
age
24136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35997
x-xss-protection
0
last-modified
Thu, 18 Jul 2024 06:23:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Sep 2025 06:19:20 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7335817497068258773/ Frame AA5B
1 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7335817497068258773/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a31cee18c87816fe230ecb705a3e09abb3021a4d87cc51fe1e0ece58f324da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 10 Sep 2024 11:57:56 GMT
x-content-type-options
nosniff
age
349420
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1335
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 14:14:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 Sep 2025 11:57:56 GMT
truncated
/ Frame AA5B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf908d262b2224302338288332e2041ae4f51e6e97e9853364e8f1109b5e8d69

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame AA5B
2 KB
2 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 11:55:42 GMT
x-content-type-options
nosniff
server
cafe
age
3954
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 15 Sep 2024 11:55:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame AA5B
295 B
319 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:07:18 GMT
x-content-type-options
nosniff
server
cafe
age
68058
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 14 Sep 2024 18:07:18 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame AA5B
0
0

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D52
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
97059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Sep 2024 10:03:57 GMT
expires
Sat, 13 Sep 2025 10:03:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ Frame AA5B
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iballsort0605.minigame.vip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:56:00 GMT
x-content-type-options
nosniff
age
349536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34184
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 17:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:56:00 GMT
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame AA5B
2 KB
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 11:55:42 GMT
x-content-type-options
nosniff
server
cafe
age
3954
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 15 Sep 2024 11:55:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame AA5B
295 B
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: iballsort0605.minigame.vip
URL: https://iballsort0605.minigame.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:07:18 GMT
x-content-type-options
nosniff
server
cafe
age
68058
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 14 Sep 2024 18:07:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA5B
42 B
65 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstArIm0VEZIyfNvaKMTZxJ3HZxM52_0X8cflDGnynk5A3M54oG1AUVtO0LJISI5R3_ynMvGMait0H0aWTP9HAngmr71Upp96EF4F3iS4PvnenxEX8JwIyewqnBu770G4K_YAsaeBqe8yCYsA9HZgf5yk2edQt_MQzjpaqoO7CeOtrqa&sig=Cg0ArKJSzFcz_dDmU_IJEAE&id=ampim&o=650,0&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=444&tls=1445&g=100&h=100&tt=1445&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iballsort0605.minigame.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Sep 2024 13:01:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C5VTHL4nlZqyzIamRjuwPpq_yKPSvvdB5jpbMgucS2tkeEAEg9JX6igFglfrwgYwHoAGMp77XA8gBAakCHpBcRpiUsj7gAgCoAwHIAwqqBLcCT9CoDXKsu3tkOcalNR_mmWQcEK9sv7O6nwnKv7Wn964DyN0E-7chLSs6a-I-NpZwrjSPmZQP-BwmbJKr0EhsDy_hWk5EdEU28AQzg0ALoofFyEN_YZRbcl8Ia7Z39J4Sqd-fCxKalZGGj4qtVLn-cf4ENVT1ItiZ3cgsGm2rzc2C129SeElRZMz4kpWNh_KerOIJ-6CyADSJUPQ_znPA-EsxmE-cn7ALGyTZOA15zs2bV3QJDdCxIUxW_QKY98BUP2Pk3KJSBVmxOZV_b-k_oXFTjNT9hEPpFpC2Y_3Z_QZXKBovFcFOzs8Stw_NqEvxlR_MnUIpdA6-E1mL012u48621C64goEHT7dc23xAaC1ufdFfAUZiCiTRa1bVaoKqUX0_y5PEKb2_CKUoAM61XQD8k8QPKcPABIq0u8zqBOAEAYgFj_L19E-SBQQIBBgBkgUECAUYBIAH3NjBKKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcFEJ_UrAHSCCwIkeGAcBABGB0yB-uLgOC_gA06CgCAgICAgJSoiAJIvf3BOli59KSEv8KIA5oJvAFodHRwczovL3d3dy5taHAuY29tL2RlL2luc2lnaHRzL3Vuc2VyZS1lcmZhaHJ1bmcvZXJmb2xncmVpY2hlLXNhcC1zNGhhbmEtaW1wbGVtZW50aWVydW5nLWJlaS1icm9zZS1zaXRlY2g_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1nb29nbGVkaXNwbGF5LWJyb3NlJmdhZF9zb3VyY2U9NYAKAcgLAeINEwjtvKWEv8KIAxWpiIMHHaaXHAXYEwqIFATQFQGAFwGyFyEKHQgAEhRwdWItMzk2MjI0MjU4NzE5MDM5NRiS2ooBGAG6FwI4AbIYCRICqE4YASIBANAYAQ&sigh=m5FjX0NHS74&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&template_id=5007
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202409050101&jk=2032955532639271&bg=!Y2ClYC_NAAbpMHvgyTA7ADQBe5WfOFDpFvQIKHZEwwQ8jJmrWrrrZPrAbGq6shhE2J7CScZakHBv8fZHIkWmWwPyv43gAgAAAhhSAAAACGgBB34ANtmVM36TpXREvUlkxR6JxGAkNTiDSR4b9RTLDNR0XCvV3vSJXsETrJmCwEAEKD5ElMjWT-YuXJkCq-m5pG2Em-07xp6VGY5z5SAUGt3KzimdZsELpxDiBuee_ntGjukDOZCX_RCa9rPgDaYUAhQ882Meoh7L6h12AZZbsBEAO141NGACEHHlnlNxu12Rry9YyNEx9Pm8NIEenD_sNdKNK00FqZH3XYuMZ3CL4-oUyJKGE35d8_rgxK5SXZjLgYCAQzuf6c_nHNzqSJYqJ5UmuTvjYwlOTGVVbLqM6YnfGPICXCQCope87G3qaoGC2Gs9hWLGChFbjIXicD1NC5soRaR43vn3lXSO6T9vmdKbSyu6c0dwcUHK2CnmnoguhAd4Gz0m1FtSxB45QgwVM04eq0vrCFKUAUIJBEIbJ2f9XFdEpJaVwG5D4oSRpQ8UNF75bkOiw0dWFP8zDTvC1hOlJjPQU-iDpikKNI-fF6wMTRwDCj76-hNuddoMc1C9JvMrwuqzTLi1c1_aXzMLDxskkTGhrKKVI5hoi3ITQpPYR-D6SxMlkCdYrsKPbkDgY25BfyL52vx4eOsZTZOcp9RPEZtGYxx8DzR2C5r5Eyisr5XZr0yBVBi66-HHERSAJjR5xgY47cACgYf_6KIPNLDYpp_YkwWD47AHPDgMJ1JacmwnEp5r3dN38kcnJMCUKMgmG4VIJkTo26hSTzmsrTkwjJ8NfafbjU0AY0TY81ADRU4SgPnpfrOp6usS-zoweFyyJID7efjvS_zXClOrv1NZEJMHDKmrjWdccCurDpqudRlmPE9qiWTJayky-71njq9YSornTp4l_l_mD2zQhHnPezAh48V7_TZD8OYJ482p0lvZ3KktY4UQSe1x1YQdZJr5JqEJA9iZq8l0cMQWuyaU06ejqVQwy2WugNYGSn_3ZcITxZqxdmp5dy3ChHO9y-b4njrPlCoDkbRCyXMqgOokiIz240rv


18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| openCube
function| changeVar
function| award
function| registerTemplates
function| renderTemplates
function| renderStrategy
object| Handlebars
object| googletag
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
object| google_reactive_ads_global_state
number| google_unique_id
object| GoogleGcLKhOms
object| ampInaboxPositionObserver
object| ampInaboxFrameOverlayManager
object| google_image_requests

1 Cookies

Domain/Path Name / Value
.minigame.vip/ Name: __eoi
Value: ID=d30abacea7bde998:T=1726318895:RT=1726318895:S=AA-AfjapsGxxBi8n7t-WKJkpeUHO

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
