iq-play.ffeleven.com Open in urlscan Pro
34.36.169.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Submission Tags: falconsandbox
Submission: On October 28 via api (October 28th 2024, 11:37:57 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 34.36.169.173, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is iq-play.ffeleven.com.
TLS certificate: Issued by WR3 on September 23rd 2024. Valid for: 3 months.

This is the only time iq-play.ffeleven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	34.36.169.173 34.36.169.173	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.111.123.130 34.111.123.130	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.110.176.164 34.110.176.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
19	6

12 34.36.169.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.169.36.34.bc.googleusercontent.com

iq-play.ffeleven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.123.130 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 130.123.111.34.bc.googleusercontent.com

apis.ffeleven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.110.176.164 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.176.110.34.bc.googleusercontent.com

test.ffeleven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ffeleven.com iq-play.ffeleven.com apis.ffeleven.com test.ffeleven.com	3 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 6169	29 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	28 KB
19	4

	Domain	Requested by
12	iq-play.ffeleven.com	iq-play.ffeleven.com
2	apis.ffeleven.com	iq-play.ffeleven.com
2	fonts.googleapis.com	iq-play.ffeleven.com client
1	test.ffeleven.com
1	pro.fontawesome.com	iq-play.ffeleven.com
1	cdn.jsdelivr.net	iq-play.ffeleven.com
19	6

This site contains no links.

Subject Issuer	Validity	Valid
iq-play.ffeleven.com WR3	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
apis.ffeleven.com WR3	`2024-09-26` - `2024-12-25`	3 months	crt.sh
test.ffeleven.com WR3	`2024-10-21` - `2025-01-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Frame ID: C28DE5326A90623A0C7849E28C4D2BB5
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ffeleven

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

3487 kB
Transfer

4056 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
iq-play.ffeleven.com/ 2 KB
3 KB 258ms
165ms Document
text/html 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 26bc02a38ea5974428886442a6cfbf153d115410ab25a0344376fa0fe39406a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2529
content-type: text/html
date: Mon, 28 Oct 2024 11:37:50 GMT
etag: "671208fd-9e1"
last-modified: Fri, 18 Oct 2024 07:06:37 GMT
server: Google Frontend
via: 1.1 google
x-cloud-trace-context: d75ea526af8381f9714f486cae0a5f34

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 227 KB
28 KB 190ms
71ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

Requested by

Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age: 414053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wtfgfl67QFFNgvOmBNU6KxXkjMjF8nU8dqvvSu08PH9jpnjLo%2F10d3NSbF59ZaTNVLRgHwfbhLPSM9xyF4gLTFYycUxTrl7Zlys8L3eYf18f7m80FDu7GM0pK3Zzqg8Y%2B%2BrzUwrfaM05HDglXgs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Mon, 28 Oct 2024 11:37:50 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21982-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9aa2dad8da9ba6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27424
server: cloudflare
x-jsd-version: 5.3.0

GET
H2 200 css
fonts.googleapis.com/ 794 B
840 B 167ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a619c7ffa7d48d0a2901958b94251ccf03df56d451086b23af37adc84ed00fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:37:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:37:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 10:02:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.0/css/ 153 KB
29 KB 834ms
714ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by: Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://iq-play.ffeleven.com
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

access-control-max-age: 3000
cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: MISS
etag: W/"aa1272633e7e552395d147a499bad186"
access-control-allow-methods: GET
x-amz-request-id: YXKZKWWGVWZ9PBDX
cf-ray: 8d9aa2daddd25d93-FRA
access-control-allow-origin: *
date: Mon, 28 Oct 2024 11:37:51 GMT
content-type: text/css
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
server: cloudflare
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
x-amz-id-2: 6h6jgJh4XAY4G0NX0FV7psypYe7plpUH/J9o5XIxcEUXgvcnMgZIkqkOU423WKRoP1VPYDoix01EGjlT3tWmTj1X2uSrAeCV8Jx0Zd6wuVg=

GET
H2 200 ffstars.prod.1729235143281.js Show response
iq-play.ffeleven.com/ 2 MB
2 MB 205ms
204ms Script
application/javascript 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/ffstars.prod.1729235143281.js
Requested by: Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 9e86308ac63f551f795e1033288b480683c9b22d9568a7c3945206aaa02ec936

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fc-190547"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1639751
date: Mon, 28 Oct 2024 11:37:50 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
x-cloud-trace-context: 7e9352eb58641f9e48f0f27c4d84cb4d

GET
H3 200 icon.png
iq-play.ffeleven.com/assets/images/ 70 KB
70 KB 163ms
161ms Image
image/png 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iq-play.ffeleven.com/assets/images/icon.png
Requested by: Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 277799002e328582e4d3bb650f8980800f430847e0f0fc57f7d1970687120ead

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fc-1161f"
age: 0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71199
date: Mon, 28 Oct 2024 11:37:51 GMT
x-cloud-trace-context: 59bfedaf4fc5d8ee8d58ad728f9f5787
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
content-type: image/png

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
855 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Commissioner:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc8eebea92984556d00b06b4db6d16f13be90baca7c3d353bd4dcef4b79a23a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:37:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:37:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 11:37:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 4a7d59f898225cc2f2e7.ttf
iq-play.ffeleven.com/ 180 KB
180 KB 170ms
170ms Font
application/octet-stream 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/4a7d59f898225cc2f2e7.ttf
Requested by: Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6d00aa5531c8b8ba0934de7925985c6636c99fbc89b4c9f79629fb4a9067654f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://iq-play.ffeleven.com
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

etag: "671208fc-2d08c"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184460
date: Mon, 28 Oct 2024 11:37:51 GMT
content-type: application/octet-stream
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
x-cloud-trace-context: 244bbc7e7612a724462e7e926ea606d4

GET
H3 200 logo_ff.png
iq-play.ffeleven.com/assets/images/ 9 KB
9 KB 181ms
172ms Image
image/png 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iq-play.ffeleven.com/assets/images/logo_ff.png
Requested by: Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: dd863b20f8aa84a6d19a01a79bd921fa9fada406bb67a10d03eda0c45b325830

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fc-22be"
age: 0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8894
date: Mon, 28 Oct 2024 11:37:51 GMT
x-cloud-trace-context: 33939adeb67bc8bd725013b99da5c90c
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
content-type: image/png

GET
H2 200 get_leagues Show response
apis.ffeleven.com/game/web_portal/ 643 B
730 B 203ms
202ms XHR
application/json 34.111.123.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ffeleven.com/game/web_portal/get_leagues?operator_code=ZAIN_IRAQ

Requested by

Host: iq-play.ffeleven.com
URL: https://iq-play.ffeleven.com/ffstars.prod.1729235143281.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.123.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

130.123.111.34.bc.googleusercontent.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

20d02a05a889a87a1f9403ef9eea618c08441b52b3d8d6a86c53ad488938c66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592
device-type: web
auth-token
API-KEY: ffa13cd9-670a-4698-b844-576b7881f941
app-version: 1
device-id: 123
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-content-type-options: nosniff
referrer-policy: same-origin
via: 1.1 google
access-control-allow-origin: https://iq-play.ffeleven.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
date: Mon, 28 Oct 2024 11:37:51 GMT
content-type: application/json
vary: Origin
server: nginx/1.14.0 (Ubuntu)
x-frame-options: DENY

OPTIONS
H2 200 get_leagues
apis.ffeleven.com/game/web_portal/ 0
0 310ms
165ms Preflight
text/html 34.111.123.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ffeleven.com/game/web_portal/get_leagues?operator_code=ZAIN_IRAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.123.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

130.123.111.34.bc.googleusercontent.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,app-version,auth-token,device-id,device-type
Access-Control-Request-Method: GET
Origin: https://iq-play.ffeleven.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, auth-token, device-id, app-version, device-type, api-key, host-name
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://iq-play.ffeleven.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 28 Oct 2024 11:37:51 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H3 200 673ed42382ab264e0bf5.ttf
iq-play.ffeleven.com/ 153 KB
153 KB 200ms
199ms Font
application/octet-stream 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/673ed42382ab264e0bf5.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://iq-play.ffeleven.com
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

etag: "671208fc-26368"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156520
date: Mon, 28 Oct 2024 11:37:51 GMT
content-type: application/octet-stream
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
x-cloud-trace-context: 763a2752edda105fff87e3529206bf17

GET
H3 200 favicon.ico
iq-play.ffeleven.com/ 242 KB
242 KB 482ms
481ms Other
image/x-icon 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d818e18db64521f6abce582a305b8537e2827e531e1c63090009a77ff14762d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fd-3c78b"
age: 1
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247691
date: Mon, 28 Oct 2024 11:37:51 GMT
x-cloud-trace-context: 34cb94ee799b66a414682d9e5332ace1
last-modified: Fri, 18 Oct 2024 07:06:37 GMT
server: Google Frontend
content-type: image/x-icon

GET
H3 200 ac8d04b620e54be9b0f0.ttf
iq-play.ffeleven.com/ 152 KB
152 KB 177ms
172ms Font
application/octet-stream 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/ac8d04b620e54be9b0f0.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://iq-play.ffeleven.com
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

etag: "671208fc-25e60"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155232
date: Mon, 28 Oct 2024 11:37:52 GMT
content-type: application/octet-stream
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
x-cloud-trace-context: 75c3deae5d569ae2c212b08193b0f9cb

GET
H3 200 372d58a9bf10285baebe.ttf
iq-play.ffeleven.com/ 25 KB
25 KB 184ms
183ms Font
application/octet-stream 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/372d58a9bf10285baebe.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 66043cef20c68c6f5b2117395ee75691344b2d4d37c3814c79031f676ff68c76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://iq-play.ffeleven.com
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

etag: "671208fc-62a8"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25256
date: Mon, 28 Oct 2024 11:37:52 GMT
content-type: application/octet-stream
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
x-cloud-trace-context: cc9c25d98d1723a84dfb7a98d79ba676

GET
H3 200 Brazil_new.png
iq-play.ffeleven.com/assets/images/ 64 KB
64 KB 165ms
163ms Image
image/png 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iq-play.ffeleven.com/assets/images/Brazil_new.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 9efa01fd70e8e769a58fb11ec2488f17cfa6eebf22937dee3c58ee069c266862

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fc-101c6"
age: 0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65990
date: Mon, 28 Oct 2024 11:37:52 GMT
x-cloud-trace-context: cbe659897d9d0829b9fc588ccd79b012
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
content-type: image/png

GET
H3 200 close-up-football-action-scene-with-competing-soccer-players-stadium.png
iq-play.ffeleven.com/assets/images/ 838 KB
839 KB 175ms
173ms Image
image/png 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iq-play.ffeleven.com/assets/images/close-up-football-action-scene-with-competing-soccer-players-stadium.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1457bfdcd3fb8e3837868cdc2ac7f4b4e8851495025a4c11860130836a738608

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fc-d19ff"
age: 0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 858623
date: Mon, 28 Oct 2024 11:37:52 GMT
x-cloud-trace-context: 0e1ad7fb67f3452a72708d285f220041
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
content-type: image/png

GET
H2 200 england.png
test.ffeleven.com/assets/images/ 89 KB
89 KB 671ms
202ms Image
image/png 34.110.176.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test.ffeleven.com/assets/images/england.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.176.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 164.176.110.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0a7298a4e8047b16ca74c0bb92de7fdedc98885ad3b85e7f196245f82bc902e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fc-16312"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90898
date: Mon, 28 Oct 2024 11:37:52 GMT
content-type: image/png
last-modified: Fri, 18 Oct 2024 07:06:36 GMT
server: Google Frontend
x-cloud-trace-context: 91811653fb844c7ca3191f3f95f6385a

GET
H3 200 favicon.ico
iq-play.ffeleven.com/ 242 KB
0 0ms
0ms Other
image/x-icon 34.36.169.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iq-play.ffeleven.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.169.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.169.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d818e18db64521f6abce582a305b8537e2827e531e1c63090009a77ff14762d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592

Response headers

cache-control: public,max-age=3600
etag: "671208fd-3c78b"
age: 1
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247691
date: Mon, 28 Oct 2024 11:37:51 GMT
x-cloud-trace-context: 34cb94ee799b66a414682d9e5332ace1
last-modified: Fri, 18 Oct 2024 07:06:37 GMT
server: Google Frontend
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592 Message: Mixed Content: The page at 'https://iq-play.ffeleven.com/?user_public_id=27676392-7a2f-4ba4-af5c-bb1757941592' was loaded over HTTPS, but requested an insecure element 'http://test.ffeleven.com/assets/images/england.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.ffeleven.com
cdn.jsdelivr.net
fonts.googleapis.com
iq-play.ffeleven.com
pro.fontawesome.com
test.ffeleven.com
2606:4700:4400::ac40:93bc
2606:4700::6812:bb1f
2a00:1450:4001:82f::200a
34.110.176.164
34.111.123.130
34.36.169.173
0a7298a4e8047b16ca74c0bb92de7fdedc98885ad3b85e7f196245f82bc902e9
1457bfdcd3fb8e3837868cdc2ac7f4b4e8851495025a4c11860130836a738608
20d02a05a889a87a1f9403ef9eea618c08441b52b3d8d6a86c53ad488938c66f
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
26bc02a38ea5974428886442a6cfbf153d115410ab25a0344376fa0fe39406a8
277799002e328582e4d3bb650f8980800f430847e0f0fc57f7d1970687120ead
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
66043cef20c68c6f5b2117395ee75691344b2d4d37c3814c79031f676ff68c76
6d00aa5531c8b8ba0934de7925985c6636c99fbc89b4c9f79629fb4a9067654f
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e
9e86308ac63f551f795e1033288b480683c9b22d9568a7c3945206aaa02ec936
9efa01fd70e8e769a58fb11ec2488f17cfa6eebf22937dee3c58ee069c266862
a619c7ffa7d48d0a2901958b94251ccf03df56d451086b23af37adc84ed00fe9
d818e18db64521f6abce582a305b8537e2827e531e1c63090009a77ff14762d4
dd863b20f8aa84a6d19a01a79bd921fa9fada406bb67a10d03eda0c45b325830
fc8eebea92984556d00b06b4db6d16f13be90baca7c3d353bd4dcef4b79a23a7

iq-play.ffeleven.com Open in urlscan Pro 34.36.169.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

3487 kBTransfer

4056 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

iq-play.ffeleven.com Open in urlscan Pro
34.36.169.173 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

3487 kB
Transfer

4056 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions