URL: https://kqixoomnkfa.click/
Submission: On December 10 via api from BE — Scanned from IT

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 24 HTTP transactions. The main IP is 172.67.132.150, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is kqixoomnkfa.click.
TLS certificate: Issued by WE1 on December 5th 2024. Valid for: 3 months.
This is the only time kqixoomnkfa.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     IP Address        AS Autonomous System
2    172.67.132.150    13335 (CLOUDFLAR...)
22   172.217.23.118    15169 (GOOGLE)
24   2

     Apex Domain / Subdomains                                     Transfer
22   googleusercontent.com                                        1 MB
       play-lh.googleusercontent.com — Cisco Umbrella Rank: 557
2    kqixoomnkfa.click                                            6 KB
       kqixoomnkfa.click
24   2

     Domain                           Requested by
22   play-lh.googleusercontent.com    kqixoomnkfa.click
2    kqixoomnkfa.click
24   2

This site contains links to these domains.

Domain
play.google.com
Subject              Issuer    Validity                   Valid
kqixoomnkfa.click    WE1       2024-12-05 - 2025-03-05    3 months
edgestatic.com       WR2       2024-11-04 - 2025-01-27    3 months

This page contains 1 frame:

Primary Page: https://kqixoomnkfa.click/
Frame ID: 3D5C38C297A17DF31C42618DF4031C81
Requests: 24 HTTP requests in this frame

Page Title

Candy Crush Saga

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1124 kB
Transfer

1129 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource Path    Size    x-fer    Type MIME-Type
Primary Request /
kqixoomnkfa.click/
9 KB
4 KB
Document
General
Full URL
https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.132.150 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ab3c3d638473996c75fd481eacbb740487349b1a9fe0fefa47c0118e0dd0f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8efa13224e2e9136-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 10 Dec 2024 03:16:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUGcdmIica5ikH4SKQyh%2FtYKaN95RVSQ6%2F4RiIttf3su5FNcu5WAhDPzmznSEp3ZrG1ztX9AvozDSAH23OSnxu%2F%2BWRHEgCGgVARRnnj5x6dHUnqx7QiD5rBLLII0mgOqNNEZ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=21618&min_rtt=19198&rtt_var=10226&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3908&recv_bytes=2290&delivery_rate=198877&cwnd=253&unsent_bytes=0&cid=9791336bfa04c201&ts=219&x=0"
gU9NKwpgLDYA6LIYK4dnkAkVyqNHUfTIqklEiNuO4oZ2OCpWQhQdqhnDh8Yb9B8SWIM
play-lh.googleusercontent.com/
382 KB
382 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/gU9NKwpgLDYA6LIYK4dnkAkVyqNHUfTIqklEiNuO4oZ2OCpWQhQdqhnDh8Yb9B8SWIM
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
5271755079528b8024a00b244abbe813ef6c0830c322fb82bc711d596156ee23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9757
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:33:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:33:34 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
391081
x-xss-protection
0
server
fife
UFj49IM8KZm2W86fLZy_NmjrDMlP6WOocEok6uK0UdLyeK3ZBQDDzZi3vLqqFUn2qg=w526-h296
play-lh.googleusercontent.com/
41 KB
42 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/UFj49IM8KZm2W86fLZy_NmjrDMlP6WOocEok6uK0UdLyeK3ZBQDDzZi3vLqqFUn2qg=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
c36106894fa0cb9e0c5fbe42ae396d2099ff75e9a0a71ec35dcbf68ed5a2f343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9757
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:33:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:33:34 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
42465
x-xss-protection
0
server
fife
7E2P--MUH23Bguuq7f6itFLyZAgC_Z0vsoh4y3cw_Ld5D_v00hZhKUEuZmoMzf43Wtg=w526-h296
play-lh.googleusercontent.com/
37 KB
37 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/7E2P--MUH23Bguuq7f6itFLyZAgC_Z0vsoh4y3cw_Ld5D_v00hZhKUEuZmoMzf43Wtg=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
349a380b6d6c162d6ed450e89366599400a59acb6a82bd13a9d6caca5ed611b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10208
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:03 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
37590
x-xss-protection
0
server
fife
yq3Ghwz-A6b5qbA8IXbNaBt9V9gpYMV34f3344kgPqAEB9UNz368kHXfEHxwNQwXSw=w526-h296
play-lh.googleusercontent.com/
35 KB
35 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/yq3Ghwz-A6b5qbA8IXbNaBt9V9gpYMV34f3344kgPqAEB9UNz368kHXfEHxwNQwXSw=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
a0f4c1e43adde5a6faccd2b369e824c1fa6831289697f642d2ff99c7fbd116b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
1684
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 02:48:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 02:48:07 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
35792
x-xss-protection
0
server
fife
FL4MaVmXGt-TXewT-ZxuWOzoKPsRpZ5n9pjt5xZgP-sKk25DA27pzTy2naB6slYPBw0=w526-h296
play-lh.googleusercontent.com/
38 KB
38 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/FL4MaVmXGt-TXewT-ZxuWOzoKPsRpZ5n9pjt5xZgP-sKk25DA27pzTy2naB6slYPBw0=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
adc93d89c1742295709152ffd6332835b0864e21d32859019df3c01c0c36260a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9660
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:35:11 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
39190
x-xss-protection
0
server
fife
RMVbCCiiufNaIAYsdoWDP9NNEkfHx94206TtjqUshn9ZT9YAmmx_hE7bw19akRpdMP8=w526-h296
play-lh.googleusercontent.com/
23 KB
23 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/RMVbCCiiufNaIAYsdoWDP9NNEkfHx94206TtjqUshn9ZT9YAmmx_hE7bw19akRpdMP8=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
0594edc1dee114812102db2bddc7ecf767adb898beb014331fae518b833117d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10208
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:03 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
23086
x-xss-protection
0
server
fife
iKdf7T_qk8chQvW_KFRPqvdgo_y1PEzBr0hs9kaCAf2tzgP6q2ZNxBPNFDhAfNEaImo=w526-h296
play-lh.googleusercontent.com/
35 KB
36 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/iKdf7T_qk8chQvW_KFRPqvdgo_y1PEzBr0hs9kaCAf2tzgP6q2ZNxBPNFDhAfNEaImo=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
8e77c1b44f30980fa62639ab20d87f62c440fd379532cd5d22d1c94e43a37627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10208
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:03 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
36289
x-xss-protection
0
server
fife
D27jVt7bvD4EfPsK4KHK0y6H38A2k-XV5SgYTej3KWie9EzJrDpu7-jnMorTSkoy_nI=w526-h296
play-lh.googleusercontent.com/
32 KB
32 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/D27jVt7bvD4EfPsK4KHK0y6H38A2k-XV5SgYTej3KWie9EzJrDpu7-jnMorTSkoy_nI=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
bcdea83164756053f329ea1712e9299944d21cea5695c68cb8e2034cd543d71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9756
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:33:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:33:35 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
33128
x-xss-protection
0
server
fife
PyCrvJYCKCO-rxHgaRtes-lcHgYzD8K4r-v16q_EZnWtl8hUNUuRk97yD-_QLs0Dwg=w526-h296
play-lh.googleusercontent.com/
42 KB
43 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/PyCrvJYCKCO-rxHgaRtes-lcHgYzD8K4r-v16q_EZnWtl8hUNUuRk97yD-_QLs0Dwg=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
cf1e1f43da4f48d168e69c6670ce34ec4de34cb2aec1319582e4e358b8cba3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
1684
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 02:48:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 02:48:07 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
43513
x-xss-protection
0
server
fife
ghAMjgqGj8wjNl9v5v5iDhvpu9apuglwgLHSXPRyAoOi6Ydvx3HSNuhkwmO0-uKbOyNh=w526-h296
play-lh.googleusercontent.com/
37 KB
37 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/ghAMjgqGj8wjNl9v5v5iDhvpu9apuglwgLHSXPRyAoOi6Ydvx3HSNuhkwmO0-uKbOyNh=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
244106e881a865aab8eca824501a6fad35fd2d2e1e2862e17b5f2dc580303d2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9660
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:35:11 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
38114
x-xss-protection
0
server
fife
3ZR4LuboSStXb7TmrvVR_-_RN3S3X2r71HzBSw8rOK07zXTvQ8W4_4uCjzhKdzdSO0k=w526-h296
play-lh.googleusercontent.com/
35 KB
35 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/3ZR4LuboSStXb7TmrvVR_-_RN3S3X2r71HzBSw8rOK07zXTvQ8W4_4uCjzhKdzdSO0k=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
3e8f0e548208e0960d0c2c2d22033875c9e28a939e437271c78e12c9579427ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:04 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
36181
x-xss-protection
0
server
fife
dPks-YJKQPENQ6xUL8ldYtw5mqod74wie251K391vq_OU9ddhwiMl8PPxZaod5EZTaZD=w526-h296
play-lh.googleusercontent.com/
39 KB
39 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/dPks-YJKQPENQ6xUL8ldYtw5mqod74wie251K391vq_OU9ddhwiMl8PPxZaod5EZTaZD=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
6b699e2bdc0558eb299b013905c488ca90e4da4932786499745cbe8c245b3c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:04 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
39857
x-xss-protection
0
server
fife
4mpkvEoqQevQ-jNDJ4-jLMJZ6Zoef8Dd9-tPNh1-bgQigpRtNry_jbO4otemJ80nBDvF=w526-h296
play-lh.googleusercontent.com/
23 KB
23 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/4mpkvEoqQevQ-jNDJ4-jLMJZ6Zoef8Dd9-tPNh1-bgQigpRtNry_jbO4otemJ80nBDvF=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
2386a4b9a9aed631b5f52990e6762765bedaf349ef4d2241ec995c541af3c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9756
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:33:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:33:35 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
23627
x-xss-protection
0
server
fife
IwrsksIcZfXp03rSjidA2VhKMglNIgNCakEXuXBhN-nE9y6Is_Aq9j14x0FQ50_jKA=w526-h296
play-lh.googleusercontent.com/
37 KB
37 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/IwrsksIcZfXp03rSjidA2VhKMglNIgNCakEXuXBhN-nE9y6Is_Aq9j14x0FQ50_jKA=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
cbce9e4907dba7220e6cceb1c759c090757ccd75fc8572a84a39b62e0298e6ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:04 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
37415
x-xss-protection
0
server
fife
ujcM1QL2Mso1xNlqm3hgfUFodjmPPe42WOKxqKm8heKLAB3mifOK3G3UrFpIzSg_Qw=w526-h296
play-lh.googleusercontent.com/
34 KB
34 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/ujcM1QL2Mso1xNlqm3hgfUFodjmPPe42WOKxqKm8heKLAB3mifOK3G3UrFpIzSg_Qw=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
18ae55c7dc59e286d502c0c3cade48f4c01796799e76620029b66e4358026db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:04 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
34376
x-xss-protection
0
server
fife
VHeD8esgiFSsY7uynPx1laLVgt6VgtLm340_lQ67Eqo7KJ-4_ls0FaR5OyshtTtF8Q=w526-h296
play-lh.googleusercontent.com/
43 KB
43 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/VHeD8esgiFSsY7uynPx1laLVgt6VgtLm340_lQ67Eqo7KJ-4_ls0FaR5OyshtTtF8Q=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
0959f3ea515d6e5360e3bcdc6dfb241e357fd5063bbacfee72e657578df480e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
11599
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:02:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:02:52 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
43619
x-xss-protection
0
server
fife
WbZW-iq0WyrHlgD879cAtUoFZ1OpyB5syKyS7vSd27pm7ZuhP51UNxRMeJpN-BRp38E=w526-h296
play-lh.googleusercontent.com/
37 KB
37 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/WbZW-iq0WyrHlgD879cAtUoFZ1OpyB5syKyS7vSd27pm7ZuhP51UNxRMeJpN-BRp38E=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
9e1597399240d20023f7adc20af1c6e0ef0a4c06d4fa275ac66cde54bcf8d4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
606
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 03:06:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 03:06:05 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
37867
x-xss-protection
0
server
fife
v9zkhS14VuZV97fFTGidEZ3WWjoXcjq-zoMIthSz_-DOLQy9w6tl2zknX5yA1-HJdBc=w526-h296
play-lh.googleusercontent.com/
35 KB
35 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/v9zkhS14VuZV97fFTGidEZ3WWjoXcjq-zoMIthSz_-DOLQy9w6tl2zknX5yA1-HJdBc=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
e2ad1c1bb40b9e765d20d4ed608c4f1d3ab2b8716ac857c97e0451251bcdd316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:04 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
35474
x-xss-protection
0
server
fife
_3h4IwbvalEd6oo6mdd2w1Y0Tel27NST4_9S3D_X1k2-R_TAfxYNJTbN4A5OaBx5vQ=w526-h296
play-lh.googleusercontent.com/
38 KB
38 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/_3h4IwbvalEd6oo6mdd2w1Y0Tel27NST4_9S3D_X1k2-R_TAfxYNJTbN4A5OaBx5vQ=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
278f808eda837b0a72e75f55cb0cbcf445804cc8de94631d2fdf186196501364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9756
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:33:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:33:35 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
39341
x-xss-protection
0
server
fife
TbUocb0JtPk6X8ZnRQMILSYmKF090M9lufBjzTNq5UtL87ntkQhXS1iF_8Gly_p4Akg=w526-h296
play-lh.googleusercontent.com/
23 KB
23 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/TbUocb0JtPk6X8ZnRQMILSYmKF090M9lufBjzTNq5UtL87ntkQhXS1iF_8Gly_p4Akg=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
eb10578047017db6c8839fc2bd76b7d01f38ee3af625cac0232b3e674971c013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
11831
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 23:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 23:59:00 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
fife
l_eSQaq1hXwp1CPOnRm_9-Mjf6naPKOHhVyX1gAFz3mnpiN22cZLuBqV3RyVbcCb7B0=w526-h296
play-lh.googleusercontent.com/
36 KB
36 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/l_eSQaq1hXwp1CPOnRm_9-Mjf6naPKOHhVyX1gAFz3mnpiN22cZLuBqV3RyVbcCb7B0=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
41bf43dbb052ddb7b26d92df27463ed5d6c74b5e00b912b6052a90db94dc7a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10207
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:26:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:26:04 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
36519
x-xss-protection
0
server
fife
U_1Stc2X0iHmvrIJiewHCSVHAHMNJHttTux_-D-e_Ua6YyWw3Rwo2QOWhT2KUGFdCQ=w526-h296
play-lh.googleusercontent.com/
34 KB
34 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/U_1Stc2X0iHmvrIJiewHCSVHAHMNJHttTux_-D-e_Ua6YyWw3Rwo2QOWhT2KUGFdCQ=w526-h296
Requested by
Host: kqixoomnkfa.click
URL: https://kqixoomnkfa.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f22.1e100.net
Software
fife /
Resource Hash
c450d963ff82b9de4a1874df28b52276cd50f74471af96b2bc99eab50f4c5039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
9756
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 00:33:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:33:35 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
35104
x-xss-protection
0
server
fife
favicon.ico
kqixoomnkfa.click/
4 KB
1 KB
Other
General
Full URL
https://kqixoomnkfa.click/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.132.150 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0566ee8e8104709b6f8e08617d963ff06f4ef225b1bbb05b6978a52236cffc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kqixoomnkfa.click/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67505a68-10be"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8xdbwbSAAGm0dvcWtmfjeSpQu1FxlW7H5WS0%2FhPpn6o%2F%2BTImB8n%2BH22rePJX0hjrLZOWjQLI02qn2gB2JV9CA6vMdfmxSNilFc1QgnzYAFB6WeFPAvVIcwtGVjLy6Tu6QREzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efa1327d8ad9136-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=26199&min_rtt=19198&rtt_var=15277&sent=13&recv=12&lost=0&retrans=0&sent_bytes=8288&recv_bytes=2478&delivery_rate=332284&cwnd=256&unsent_bytes=0&cid=9791336bfa04c201&ts=979&x=0"
date
Tue, 10 Dec 2024 03:16:12 GMT
content-type
image/x-icon
last-modified
Wed, 04 Dec 2024 13:34:32 GMT
vary
Accept-Encoding
server
cloudflare

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
kqixoomnkfa.click/ Name: PHPSESSID
Value: uidt7u0rts407r0sjosa35c627

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kqixoomnkfa.click
play-lh.googleusercontent.com
172.217.23.118
172.67.132.150