andromeda.see2kometa.com Open in urlscan Pro
172.67.12.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kometacasino252.com/
Effective URL:
https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-reg...
Submission Tags: @phish_report
Submission: On December 12 via api (December 12th 2024, 10:51:03 pm UTC) from FI — Scanned from FI

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 172.67.12.105, located in United States and belongs to CLOUDFLARENET, US. The main domain is andromeda.see2kometa.com.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.

This is the only time andromeda.see2kometa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.139.51 172.67.139.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.59.252 104.21.59.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.12.105 172.67.12.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

1 172.67.139.51 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kometacasino252.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.59.252 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spangle-flight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.12.105 (United States)

ASN13335 (CLOUDFLARENET, US)

andromeda.see2kometa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	see2kometa.com andromeda.see2kometa.com	62 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3147	16 KB
1	spangle-flight.com 1 redirects spangle-flight.com	901 B
1	kometacasino252.com 1 redirects kometacasino252.com	7 KB
9	4

	Domain	Requested by
5	andromeda.see2kometa.com	andromeda.see2kometa.com
2	challenges.cloudflare.com	andromeda.see2kometa.com challenges.cloudflare.com
1	spangle-flight.com	1 redirects
1	kometacasino252.com	1 redirects
9	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
see2kometa.com WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo
Frame ID: 3C03808F52DC61E09AFA4F7B1D658EBA
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/ourwe/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 58E071BEB7F69A79316F3920E790AAA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pieni hetki...

Page URL History Show full URLs

https://kometacasino252.com/ HTTP 302
https://spangle-flight.com/sf401a345 HTTP 302
https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long... Page URL

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

78 kB
Transfer

178 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kometacasino252.com/ HTTP 302
https://spangle-flight.com/sf401a345 HTTP 302
https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

Primary Request / Show response
andromeda.see2kometa.com/
Redirect Chain

https://kometacasino252.com/
https://spangle-flight.com/sf401a345
https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo

12 KB
9 KB

484ms
64ms

Document
text/html

172.67.12.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.12.105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2422dd255ea4c7b7a5050b6e5c10ae9cd4186078fbe01a7830b661b74dd83747

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: cEh3I7xELYMbYTPVr1zQL3qDK09i2HmvB1DSqpj80m7rHCew/qxWhQmWhERUULqE3lvT5VQz6RBaTWi67ouaB+8QqSmfbSge9yGMFhIA6kV1OcKPSNmhJxX/6ixAYiL5PxeBoUmU+SCiCuIUoiFnRA==$joaAKR7nmoJ7tquFYz8omw==
cf-mitigated: challenge
cf-ray: 8f1146c85ee28d7d-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 12 Dec 2024 22:50:59 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f1146c4ba0a06d6-AMS
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 22:50:58 GMT
location: https://Andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BP%2FjfCC3UnnKp5%2B3rVdwPVhl%2FPShtwsHnewAaoLMLV4zoUAhNKDSjDwfztPfJJgbb9LXdJGmLh%2FhiZpeFy0NkB3SdzHjY4Z6e%2FqmNAGYBffTtQL5LoUqNGt%2FukmMyLPcTQnLYfE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=71140&min_rtt=70905&rtt_var=15163&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4241&recv_bytes=4477&delivery_rate=8208&cwnd=12000&unsent_bytes=0&cid=3d9522b199acf71b&ts=169&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=15724800; includeSubDomains max-age=31536000
vary: Accept-Encoding

GET
H2 200 v1 Show response
andromeda.see2kometa.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 95 KB
36 KB 75ms
75ms Script
application/javascript 172.67.12.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andromeda.see2kometa.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f1146c85ee28d7d
Requested by: Host: andromeda.see2kometa.com
URL: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.12.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f427e831eeb1c565c24e0a80189fa66302357cb736d98f6ba0d8c920fc6c42

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo&__cf_chl_rt_tk=uJ7fx9s7xqIwYPTzS.F0QfG6XjmN.7nyzDnfGWqMcqI-1734043859-1.0.1.1-JSsn62CUMGf1prBKXzLsJiSnkiro42Renq0IHNZcrJA

Response headers

cf-ray: 8f1146c8ef5b8d7d-HEL
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
date: Thu, 12 Dec 2024 22:50:59 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare

GET b27d34b4-d98f-4cb8-9d9d-c24f3081405d
https://andromeda.see2kometa.com/ Frame 0
0

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/ 47 KB
16 KB 774ms
71ms Script
application/javascript 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by: Host: andromeda.see2kometa.com
URL: https://andromeda.see2kometa.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f1146c85ee28d7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://andromeda.see2kometa.com
Referer

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8f1146cdbcac8db3-HEL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 22:51:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 Dec 2024 18:31:41 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 403 favicon.ico
andromeda.see2kometa.com/ 3 KB
3 KB 54ms
54ms Image
text/html 172.67.12.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andromeda.see2kometa.com/favicon.ico

Requested by

Host: andromeda.see2kometa.com
URL: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.12.105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea13e185a2846059dc0f973147bce007c677188325aed0d59c2786691b2580c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Thu, 12 Dec 2024 22:50:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: BqX0FBL82As7bhywAtgkpXtVobwVPrCLKn8OxJzYXJgg1xJPHrLb0Yjgy5hRB8QAOQpOeUziW0KuZmZlwHihlFZj0gZ1wu/NF+yedB24kEYdDm5gHzqWZ9M4D2G/t1GCUWnA77r+XZLtjV+V1DLzqw==$ZGeU80vzgquKJm0vRm+tXw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f1146c95fb68d7d-HEL
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H2 200 C1NfP9KniWxHXIM5Lvyb3z5UtgeF8plyd7mtljCIQqs-1734043859-1.2.1.1-2OOMJOopoEPKPVyM041vI2zcigNVp1tL4lcweIN.Mrjw6zC..Hcd5vSzXg0IYHRw Show response
andromeda.see2kometa.com/cdn-cgi/challenge-platform/h/g/flow/ov1/81455600:1734020727:fqbOsUtMzpjLZUCMCs77U2T9iSDI0nvtb-Arm5GUSqk/8f1146c85ee28d7d/ 13 KB
9 KB 258ms
257ms XHR
text/plain 172.67.12.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andromeda.see2kometa.com/cdn-cgi/challenge-platform/h/g/flow/ov1/81455600:1734020727:fqbOsUtMzpjLZUCMCs77U2T9iSDI0nvtb-Arm5GUSqk/8f1146c85ee28d7d/C1NfP9KniWxHXIM5Lvyb3z5UtgeF8plyd7mtljCIQqs-1734043859-1.2.1.1-2OOMJOopoEPKPVyM041vI2zcigNVp1tL4lcweIN.Mrjw6zC..Hcd5vSzXg0IYHRw
Requested by: Host: andromeda.see2kometa.com
URL: https://andromeda.see2kometa.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f1146c85ee28d7d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.12.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9f923c3deae77ddf79c2229b07b7702829eb37c6d2b559375ce2abb0a6fde4

Request headers

Referer: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo
CF-Chl-RetryAttempt: 0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
CF-Challenge: C1NfP9KniWxHXIM5Lvyb3z5UtgeF8plyd7mtljCIQqs-1734043859-1.2.1.1-2OOMJOopoEPKPVyM041vI2zcigNVp1tL4lcweIN.Mrjw6zC..Hcd5vSzXg0IYHRw

Response headers

cf-ray: 8f1146cb39288d7d-HEL
content-encoding: br
date: Thu, 12 Dec 2024 22:50:59 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 8Zoe9chQ5iTramRIfghXyqHSNRn7q45oSekLVjShFjiZSeVwopvUgfXkhgq0T6DS0hp5HtlNBXI=$RIEJjJsx3uKlre/s
server: cloudflare

GET ecdc0e4f-2b95-49ef-9ceb-30b85c1af6e4
https://andromeda.see2kometa.com/ Frame 0
0

GET
H2 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/ourwe/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 58E0 0
0 766ms
62ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/ourwe/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8f1146d2ac1a8dda-HEL
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 22:51:00 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 403 favicon.ico
andromeda.see2kometa.com/ 9 KB
6 KB 56ms
56ms Other
text/html 172.67.12.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://andromeda.see2kometa.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.12.105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6b72888cbf0f5d33c2732f485ba12892b6e0211469db806d1b623ed80d2a9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Thu, 12 Dec 2024 22:51:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yAO08yNLOdtEtQgwTuGMBTzlIBS+u29227o5zas4IPbJv8oGB+ev+A++tS5QhzdL9ZtyRnXtOhyzwKF7K+Ms+THipYXkcRHQzVnndKoRH2ZbkYUNRHpwXOw9PfmtwXovvsP0texnHrhKfhX93jwqQQ==$Xt2Q/hjAtXV04E4+KD3Qfw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f1146d3b8178d7d-HEL
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: andromeda.see2kometa.com
URL: blob:https://andromeda.see2kometa.com/b27d34b4-d98f-4cb8-9d9d-c24f3081405d

Domain: andromeda.see2kometa.com
URL: blob:https://andromeda.see2kometa.com/ecdc0e4f-2b95-49ef-9ceb-30b85c1af6e4

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			spangle-flight.com/	1970-01-21 02:23:55	Name: 0a2d643bfd24a028cd23 Value: 675b68d2759a3ad6bc5bc9ea

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://andromeda.see2kometa.com/?stag=110987_675b68d2759a3ad6bc5bc9ea&promo=&tags=type-redirector%2Creg-long-code%2Ctemplate-regform%2Caction-no%2Cpath-promo Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://andromeda.see2kometa.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://andromeda.see2kometa.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andromeda.see2kometa.com
challenges.cloudflare.com
kometacasino252.com
spangle-flight.com
andromeda.see2kometa.com
104.18.94.41
104.21.59.252
172.67.12.105
172.67.139.51
02f427e831eeb1c565c24e0a80189fa66302357cb736d98f6ba0d8c920fc6c42
2422dd255ea4c7b7a5050b6e5c10ae9cd4186078fbe01a7830b661b74dd83747
5ea13e185a2846059dc0f973147bce007c677188325aed0d59c2786691b2580c
6d9f923c3deae77ddf79c2229b07b7702829eb37c6d2b559375ce2abb0a6fde4
8f6b72888cbf0f5d33c2732f485ba12892b6e0211469db806d1b623ed80d2a9b
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

andromeda.see2kometa.com Open in urlscan Pro 172.67.12.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

78 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

78 kBTransfer

178 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

andromeda.see2kometa.com Open in urlscan Pro
172.67.12.105 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

78 kB
Transfer

178 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions