win.defifranc.com Open in urlscan Pro
2606:4700:10::ac43:16ca Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://win.defifranc.com/?kid=2FHJ40
Effective URL:
https://win.defifranc.com/?kid=2FHJ40
Submission: On May 26 via api (May 26th 2023, 8:54:08 am UTC) from FI — Scanned from FI

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2606:4700:10::ac43:16ca, located in United States and belongs to CLOUDFLARENET, US. The main domain is win.defifranc.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 18th 2023. Valid for: a year.

This is the only time win.defifranc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:3572	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:10:... 2606:4700:10::ac43:16ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.147.33 18.66.147.33	16509 (AMAZON-02) (AMAZON-02)
2	2a09:8280:1:d... 2a09:8280:1:d278:5448:dc98:c3db:7cb7	40509 (FLY) (FLY)
1	18.205.36.100 18.205.36.100	14618 (AMAZON-AES) (AMAZON-AES)
4	54.161.241.46 54.161.241.46	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
21	7

1 2606:4700:10::6816:3572 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

win.defifranc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:16ca (United States)

ASN13335 (CLOUDFLARENET, US)

win.defifranc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-33.fra60.r.cloudfront.net

cdn.kickoffpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a09:8280:1:d278:5448:dc98:c3db:7cb7 (United States)

ASN40509 (FLY, US)

options.kickoffpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.36.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-36-100.compute-1.amazonaws.com

api.kickofflabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.161.241.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-241-46.compute-1.amazonaws.com

leads.kickofflabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	defifranc.com 1 redirects win.defifranc.com	2 MB
5	kickofflabs.com api.kickofflabs.com — Cisco Umbrella Rank: 829106 leads.kickofflabs.com — Cisco Umbrella Rank: 840274	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 798 syndication.twitter.com — Cisco Umbrella Rank: 1074	132 KB
3	kickoffpages.com cdn.kickoffpages.com — Cisco Umbrella Rank: 902120 options.kickoffpages.com — Cisco Umbrella Rank: 836136	92 KB
21	4

	Domain	Requested by
11	win.defifranc.com	1 redirects win.defifranc.com
4	leads.kickofflabs.com	cdn.kickoffpages.com
2	platform.twitter.com	cdn.kickoffpages.com platform.twitter.com
2	options.kickoffpages.com	cdn.kickoffpages.com
1	syndication.twitter.com	platform.twitter.com
1	api.kickofflabs.com
1	cdn.kickoffpages.com	win.defifranc.com
21	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-18` - `2024-02-18`	a year	crt.sh
cdn.kickoffpages.com Amazon RSA 2048 M02	`2023-02-24` - `2023-09-05`	6 months	crt.sh
*.kickoffpages.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
api.kickofflabs.com R3	`2023-05-21` - `2023-08-19`	3 months	crt.sh
leads.kickofflabs.com R3	`2023-05-21` - `2023-08-19`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://win.defifranc.com/?kid=2FHJ40
Frame ID: E8739A869E022835F560AB1B83740540
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwin.defifranc.com
Frame ID: 227F7AB8659B1D4B2FCAC58A484474E5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Moneta

Page URL History Show full URLs

http://win.defifranc.com/?kid=2FHJ40 HTTP 301
https://win.defifranc.com/?kid=2FHJ40 Page URL

Detected technologies

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

7
IPs

1
Countries

2218 kB
Transfer

2919 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://win.defifranc.com/?kid=2FHJ40 HTTP 301
https://win.defifranc.com/?kid=2FHJ40 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
win.defifranc.com/
Redirect Chain

http://win.defifranc.com/?kid=2FHJ40
https://win.defifranc.com/?kid=2FHJ40

3 KB
996 B

226ms
139ms

Document
text/html

2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/?kid=2FHJ40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dd969d18ee17439793777267ca0cbc59b0c80e6d2cb7d81ff9691d9d0481a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7cd4ca8b0a34d957-HEL
content-encoding: gzip
content-type: text/html
date: Fri, 26 May 2023 08:54:02 GMT
expect-ct: enforce; max-age=7776000
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
permissions-policy: geolocation=()
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7cd4ca89cdf2376e-HEL
Connection: keep-alive
Content-Type: text/html
Date: Fri, 26 May 2023 08:54:02 GMT
Location: https://win.defifranc.com/?kid=2FHJ40
Server: cloudflare
Transfer-Encoding: chunked

GET
H/1.1 200
OK kol.js Show response
cdn.kickoffpages.com/2.1.0/ 325 KB
83 KB 214ms
63ms Script
text/javascript 18.66.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kickoffpages.com/2.1.0/kol.js
Requested by: Host: win.defifranc.com
URL: https://win.defifranc.com/?kid=2FHJ40
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58d38f24367314a046a75d252179432c0bc14e80dc55b21235c6ea07fcf27a06

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 08:26:45 GMT
Content-Encoding: gzip
Via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P4
Age: 1743
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 03 May 2023 20:26:49 GMT
Server: AmazonS3
ETag: W/"992603f93e63967bcb08ee84f80208b1"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
X-Amz-Cf-Id: ctH0gqbKw2FmUrL1B-fCDgV9UGG6hA-AWYmPK1PxcWL9fJ9npbBaYg==

GET
H2 200 main.423270c0.js Show response
win.defifranc.com/static/js/ 238 KB
73 KB 239ms
239ms Script
application/javascript 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/js/main.423270c0.js

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/?kid=2FHJ40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f7c84ae5d000310fee72153815205a70d088f807a5e5deade65f47cf80749dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: W/"63177b7c-3b60d"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
cf-ray: 7cd4ca8bec55d957-HEL

GET
H2 200 main.b6f4776c.css
win.defifranc.com/static/css/ 6 KB
2 KB 153ms
152ms Stylesheet
text/css 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/css/main.b6f4776c.css

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/?kid=2FHJ40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a111f921f87b15af7d6a293aaa646c11c81311ec0b2be909b9c93cccfe995e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:02 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: W/"63177b7c-1655"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
cf-ray: 7cd4ca8bec5bd957-HEL

GET
H2 200 moneta-by-dchf-logo.svg
win.defifranc.com/img/ 6 KB
3 KB 167ms
166ms Image
image/svg+xml 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win.defifranc.com/img/moneta-by-dchf-logo.svg

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/?kid=2FHJ40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e522405d5fd278e61b266dd5d7ed068abb243ef9c3ca24796810013d3a2db768

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:00 GMT
server: cloudflare
etag: W/"63177b64-1890"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
cf-ray: 7cd4ca8de9cad957-HEL

GET
H2 200 / Show response
options.kickoffpages.com/166262/ 20 KB
9 KB 430ms
429ms Fetch
application/json 2a09:8280:1:d278:5448:dc98:c3db:7cb7
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://options.kickoffpages.com/166262/

Requested by

Host: cdn.kickoffpages.com
URL: https://cdn.kickoffpages.com/2.1.0/kol.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1:d278:5448:dc98:c3db:7cb7 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fe06e9419 (2023-05-24) /

Resource Hash

55ba7846c6415dc4048a1d0df25ae88ef7b5df8318552175a59e2745b5a36a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 08:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 vegur, 2 fly.io
server: Fly/fe06e9419 (2023-05-24)
fly-request-id: 01H1BM7NRJ81H5GTTS0KBG8HMF-fra
x-fly-region: fra
content-type: application/json
access-control-allow-origin: *

OPTIONS
H2 200 /
options.kickoffpages.com/166262/ Frame 0
0 578ms
449ms Preflight
text/html 2a09:8280:1:d278:5448:dc98:c3db:7cb7
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://options.kickoffpages.com/166262/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1:d278:5448:dc98:c3db:7cb7 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fe06e9419 (2023-05-24) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://win.defifranc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type, Accept
access-control-allow-origin: *
allow: GET, OPTIONS
content-length: 0
content-security-policy: default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
content-type: text/html;charset=utf-8
date: Fri, 26 May 2023 08:54:03 GMT
fly-request-id: 01H1BM7NAKPH26V4GF1KQ2NY4Y-fra
k-id: 11
k-protect: on
referrer-policy: no-referrer-when-downgrade
server: Fly/fe06e9419 (2023-05-24)
strict-transport-security: max-age=15552000;
via: 1.1 vegur, 2 fly.io
x-content-type-options: nosniff
x-fly-region: fra
x-xss-protection: 1; mode=block

GET
H2 200 frame.ea93dcf3383f0a2ce938.png
win.defifranc.com/static/media/ 498 KB
498 KB 204ms
204ms Image
image/png 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win.defifranc.com/static/media/frame.ea93dcf3383f0a2ce938.png

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/static/css/main.b6f4776c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816685725214ff7e7849b3b83345589e3a198756e7fe4393e4949e5ace06ad3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-length: 509695
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: "63177b7c-7c6ff"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
accept-ranges: bytes
cf-ray: 7cd4ca8e09f7d957-HEL

GET
H2 200 MenaGrotesk-Bold.f1b5515d738bef86bb19.ttf
win.defifranc.com/static/media/ 307 KB
307 KB 240ms
239ms Font
application/octet-stream 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/media/MenaGrotesk-Bold.f1b5515d738bef86bb19.ttf

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/static/css/main.b6f4776c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

239b8d92833bb1437381aa7a7dae50d89684c277223b08b3c63df5fefe4eaae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://win.defifranc.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-length: 314160
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: "63177b7c-4cb30"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
accept-ranges: bytes
cf-ray: 7cd4ca8e0a00d957-HEL

GET
H2 200 MenaGrotesk-Regular.b5ee545b1026aff80910.ttf
win.defifranc.com/static/media/ 276 KB
277 KB 253ms
253ms Font
application/octet-stream 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/media/MenaGrotesk-Regular.b5ee545b1026aff80910.ttf

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/static/css/main.b6f4776c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c5ec64c075196d4c36877daafd449380a7aacca42eabbd8099aef1ae67f19f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://win.defifranc.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-length: 283104
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: "63177b7c-451e0"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
accept-ranges: bytes
cf-ray: 7cd4ca8e0a02d957-HEL

GET
H2 200 MenaGrotesk-Medium.d124efa6db11820801fe.ttf
win.defifranc.com/static/media/ 279 KB
280 KB 240ms
239ms Font
application/octet-stream 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/media/MenaGrotesk-Medium.d124efa6db11820801fe.ttf

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/static/css/main.b6f4776c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0cfe39b58de54735c2a41369c7028255ca29e50aee5a57571f7dc0782c2066

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://win.defifranc.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-length: 285864
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: "63177b7c-45ca8"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
accept-ranges: bytes
cf-ray: 7cd4ca8e0a04d957-HEL

GET
H2 200 MenaGrotesk-Light.308457d3ffaee63c91bc.ttf
win.defifranc.com/static/media/ 275 KB
275 KB 239ms
238ms Font
application/octet-stream 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/media/MenaGrotesk-Light.308457d3ffaee63c91bc.ttf

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/static/css/main.b6f4776c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a592c497945df3b5cfeb256a8751775026e432513268b3bb37dd52da5fef20d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://win.defifranc.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-length: 281276
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: "63177b7c-44abc"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
accept-ranges: bytes
cf-ray: 7cd4ca8e0a09d957-HEL

GET
H2 200 MenaGrotesk-Book.d394d1b890b82b6ec361.ttf
win.defifranc.com/static/media/ 274 KB
275 KB 213ms
213ms Font
application/octet-stream 2606:4700:10::ac43:16ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.defifranc.com/static/media/MenaGrotesk-Book.d394d1b890b82b6ec361.ttf

Requested by

Host: win.defifranc.com
URL: https://win.defifranc.com/static/css/main.b6f4776c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:16ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550983fd767f74c22fa74f9bb18c5b732f50aac5a6f95533a0e91868edbe8815

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://win.defifranc.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:54:03 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-length: 281064
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Sep 2022 16:55:24 GMT
server: cloudflare
etag: "63177b7c-449e8"
expect-ct: enforce; max-age=7776000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
feature-policy: camera 'none'; fullscreen 'self'; geolocation 'none'; microphone 'none'
permissions-policy: geolocation=()
accept-ranges: bytes
cf-ray: 7cd4ca8e0a0cd957-HEL

GET
H/1.1 200
OK a4064127-13f6-4698-b4d9-f2ab7163c939
api.kickofflabs.com/stats/b/ 35 B
271 B 445ms
140ms Image
image/gif 18.205.36.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.kickofflabs.com/stats/b/a4064127-13f6-4698-b4d9-f2ab7163c939?rid=4d96360e-9971-4348-8c7c-d7c70306a5d3&uid=9294631e-2213-416e-b13d-a9da0ef46869&sid=fcc4ef1c-5733-4db0-ac9e-fd0f5ef57a09&kid=2FHJ40&url=https%3A%2F%2Fwin.defifranc.com%2F%3Fkid%3D2FHJ40&lid=166262&language=en-US&&source=koljs&if=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.205.36.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-36-100.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 08:54:04 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 May 2023 17:49:09 GMT
Server: Cowboy
Content-Type: image/gif
Connection: keep-alive
Content-Length: 35

GET
H/1.1 200
OK 9294631e-2213-416e-b13d-a9da0ef46869 Show response
leads.kickofflabs.com/anon/166262/ 464 B
1 KB 147ms
147ms Fetch
application/json 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.kickofflabs.com/anon/166262/9294631e-2213-416e-b13d-a9da0ef46869

Requested by

Host: cdn.kickoffpages.com
URL: https://cdn.kickoffpages.com/2.1.0/kol.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-241-46.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

d2ee366a459a67312ef8cf173cb6266c32930147e358c4402562936a8862a9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Date: Fri, 26 May 2023 08:54:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 0
X-Request-Id: d0f32597-fa04-4af8-8c34-72d3af35eadc
Pragma: no-cache
X-Runtime: 0.008849
Referrer-Policy: strict-same-origin
Server: Cowboy
Etag: W/"95327092b8c72e15778fb2c22ca216d8"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Access-Control-Max-Age: 1728000
Vary: Accept-Encoding
Expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK 9294631e-2213-416e-b13d-a9da0ef46869
leads.kickofflabs.com/anon/166262/ Frame 0
0 455ms
140ms Preflight
text/plain 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.kickofflabs.com/anon/166262/9294631e-2213-416e-b13d-a9da0ef46869

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-241-46.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://win.defifranc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Requested-With, X-Prototype-Version, Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/plain; charset=utf-8
Date: Fri, 26 May 2023 08:54:03 GMT
Etag: W/"4b272281d8ea89754c1cb1aed4cc4db5"
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Referrer-Policy: strict-same-origin
Server: Cowboy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 37dbc8b4-0b94-49f7-ad41-689bceab72ff
X-Runtime: 0.003147
X-Xss-Protection: 0

GET
H/1.1 200
OK 2FHJ40 Show response
leads.kickofflabs.com/lead/166262/ 847 B
1 KB 160ms
157ms Fetch
application/json 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.kickofflabs.com/lead/166262/2FHJ40

Requested by

Host: cdn.kickoffpages.com
URL: https://cdn.kickoffpages.com/2.1.0/kol.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-241-46.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

cf56fa1989fa65c3b326b17a4fa91eae469f2f7f4569c0d72534f19b5e43c81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

Date: Fri, 26 May 2023 08:54:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 0
X-Request-Id: fe8f2c9c-c59f-4dd1-a29a-acf8b8c9caa6
Pragma: no-cache
X-Runtime: 0.019936
Referrer-Policy: strict-same-origin
Server: Cowboy
Etag: W/"51a60889a724c8ad02d4c312b0023e1f"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Access-Control-Max-Age: 1728000
Vary: Accept-Encoding
Expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK 2FHJ40
leads.kickofflabs.com/lead/166262/ Frame 0
0 142ms
141ms Preflight
text/plain 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.kickofflabs.com/lead/166262/2FHJ40

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-241-46.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://win.defifranc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Requested-With, X-Prototype-Version, Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/plain; charset=utf-8
Date: Fri, 26 May 2023 08:54:04 GMT
Etag: W/"4b272281d8ea89754c1cb1aed4cc4db5"
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Referrer-Policy: strict-same-origin
Server: Cowboy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: ef81a1da-5c72-4b80-969c-b3209f0d2b3a
X-Runtime: 0.002816
X-Xss-Protection: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 134ms
37ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cdn.kickoffpages.com
URL: https://cdn.kickoffpages.com/2.1.0/kol.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F709) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 08:54:05 GMT
Content-Encoding: gzip
Age: 931
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (ska/F709)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 227F 320 KB
104 KB 37ms
37ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwin.defifranc.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F709) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2373706
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 26 May 2023 08:54:05 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 227F 869 B
658 B 281ms
158ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=01a3fb75f0450d619d23c1f63af5b3dc61bb0ea9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwin.defifranc.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 26 May 2023 08:54:04 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 26 May 2023 08:54:05 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 580c9a645d88976d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: c148d58101f0518c647f501f64619a0274bc48571b8c7d660d1fc8ab616ed292
content-length: 337

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
win.defifranc.com/	1970-01-20 21:40:51	Name: kola.166262 Value: 9294631e-2213-416e-b13d-a9da0ef46869
win.defifranc.com/	1969-12-31 23:59:59	Name: kola.166262.session Value: fcc4ef1c-5733-4db0-ac9e-fd0f5ef57a09
win.defifranc.com/	1970-01-20 21:40:51	Name: kola.166262.social_id Value: 2FHJ40

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation. Values defined in Permissions-Policy header will be used.
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://win.defifranc.com/?kid=2FHJ40 Message: <link rel=preload> has an unsupported `type` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.kickofflabs.com
cdn.kickoffpages.com
leads.kickofflabs.com
options.kickoffpages.com
platform.twitter.com
syndication.twitter.com
win.defifranc.com
104.244.42.72
18.205.36.100
18.66.147.33
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:3572
2606:4700:10::ac43:16ca
2a09:8280:1:d278:5448:dc98:c3db:7cb7
54.161.241.46
05dd969d18ee17439793777267ca0cbc59b0c80e6d2cb7d81ff9691d9d0481a3
0a0cfe39b58de54735c2a41369c7028255ca29e50aee5a57571f7dc0782c2066
0f7c84ae5d000310fee72153815205a70d088f807a5e5deade65f47cf80749dc
239b8d92833bb1437381aa7a7dae50d89684c277223b08b3c63df5fefe4eaae7
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
550983fd767f74c22fa74f9bb18c5b732f50aac5a6f95533a0e91868edbe8815
55ba7846c6415dc4048a1d0df25ae88ef7b5df8318552175a59e2745b5a36a47
58d38f24367314a046a75d252179432c0bc14e80dc55b21235c6ea07fcf27a06
816685725214ff7e7849b3b83345589e3a198756e7fe4393e4949e5ace06ad3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c5ec64c075196d4c36877daafd449380a7aacca42eabbd8099aef1ae67f19f8
a111f921f87b15af7d6a293aaa646c11c81311ec0b2be909b9c93cccfe995e72
a592c497945df3b5cfeb256a8751775026e432513268b3bb37dd52da5fef20d0
cf56fa1989fa65c3b326b17a4fa91eae469f2f7f4569c0d72534f19b5e43c81f
d2ee366a459a67312ef8cf173cb6266c32930147e358c4402562936a8862a9cb
e522405d5fd278e61b266dd5d7ed068abb243ef9c3ca24796810013d3a2db768

win.defifranc.com Open in urlscan Pro 2606:4700:10::ac43:16ca Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

50 %IPv6

4 Domains

7 Subdomains

7 IPs

1 Countries

2218 kBTransfer

2919 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

21 Console Messages

Security Headers

Indicators

win.defifranc.com Open in urlscan Pro
2606:4700:10::ac43:16ca Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

7
IPs

1
Countries

2218 kB
Transfer

2919 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions