bee8c965.kickoffpages.com Open in urlscan Pro
23.23.253.193 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bee8c965.kickoffpages.com/
Submission: On March 30 via manual (March 30th 2021, 11:16:52 am UTC) from IN

Summary HTTP 22 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 23.23.253.193, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bee8c965.kickoffpages.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 12th 2020. Valid for: 2 years.

This is the only time bee8c965.kickoffpages.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	23.23.253.193 23.23.253.193	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	52.85.114.11 52.85.114.11	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.88 13.226.159.88	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:218... 2600:9000:2182:3a00:6:4afb:9140:93a1	16509 (AMAZON-02) (AMAZON-02)
5	52.217.93.68 52.217.93.68	16509 (AMAZON-02) (AMAZON-02)
1	54.243.120.192 54.243.120.192	14618 (AMAZON-AES) (AMAZON-AES)
2	54.235.185.216 54.235.185.216	14618 (AMAZON-AES) (AMAZON-AES)
22	10

3 23.23.253.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-253-193.compute-1.amazonaws.com

bee8c965.kickoffpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
options.kickoffpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.114.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-114-11.hel50.r.cloudfront.net

d1y0v6ricksqp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-88.dus51.r.cloudfront.net

cdn.kickoffpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:3a00:6:4afb:9140:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.mcauto-images-production.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.217.93.68 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

marketing-image-production.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.120.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-120-192.compute-1.amazonaws.com

api.kickofflabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.235.185.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-185-216.compute-1.amazonaws.com

leads.kickofflabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	amazonaws.com marketing-image-production.s3.amazonaws.com	8 KB
5	kickoffpages.com bee8c965.kickoffpages.com cdn.kickoffpages.com options.kickoffpages.com	139 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
3	kickofflabs.com api.kickofflabs.com leads.kickofflabs.com	2 KB
3	sendgrid.net cdn.mcauto-images-production.sendgrid.net	63 KB
1	cloudfront.net d1y0v6ricksqp.cloudfront.net	11 KB
1	googleapis.com fonts.googleapis.com	739 B
22	7

	Domain	Requested by
5	marketing-image-production.s3.amazonaws.com	bee8c965.kickoffpages.com
3	cdn.mcauto-images-production.sendgrid.net	bee8c965.kickoffpages.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	leads.kickofflabs.com	cdn.kickoffpages.com
2	options.kickoffpages.com	cdn.kickoffpages.com
2	cdn.kickoffpages.com	bee8c965.kickoffpages.com
1	api.kickofflabs.com
1	d1y0v6ricksqp.cloudfront.net	bee8c965.kickoffpages.com
1	fonts.googleapis.com	bee8c965.kickoffpages.com
1	kit.fontawesome.com	bee8c965.kickoffpages.com
1	bee8c965.kickoffpages.com
22	11

This site contains links to these domains. Also see Links.

Domain
sidneygsne.xyz
www.facebook.com
twitter.com
instagram.com
pinterest.com
linkedin.com
kickofflabs.com

Subject Issuer	Validity	Valid
*.kickoffpages.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-06-12`	2 years	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
cdn.kickoffpages.com Amazon	`2020-10-04` - `2021-11-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
cdn.mcauto-images-production.sendgrid.net Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.kickofflabs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://bee8c965.kickoffpages.com/
Frame ID: 35A627BB342196F0FB95289AF3D570FA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Page Statistics

22
Requests

100 %
HTTPS

40 %
IPv6

7
Domains

11
Subdomains

10
IPs

2
Countries

246 kB
Transfer

679 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://sidneygsne.xyz/Mil/Priv8/Priv8/index.html
Title: View Document

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/
Title:

Search URL Search Domain Scan URL

URL: https://linkedin.com/
Title:

Search URL Search Domain Scan URL

URL: https://kickofflabs.com/?utm_source=kickofflabs&utm_term=customer_164898&utm_medium=bar&utm_content=powered%2Blp%2Bby&utm_campaign=branding
Title: Powered by KickoffLabs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bee8c965.kickoffpages.com/ 47 KB
47 KB 633ms
174ms Document
text/html 23.23.253.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bee8c965.kickoffpages.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.253.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-253-193.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

a478a9408bf9d83f7beea2aa7bd59e8800ad9a4491c6ee7fc7274e2f8cae7853

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: bee8c965.kickoffpages.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Cowboy
Date: Tue, 30 Mar 2021 11:16:34 GMT
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=15552000;
K-Protect: on
K-Id: 11
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 47654
Via: 1.1 vegur

GET
H2 200 4d24be3fdc.js Show response
kit.fontawesome.com/ 11 KB
4 KB 51ms
34ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/4d24be3fdc.js

Requested by

Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

771954590aef702d686f04cc09458587bfb76309912e47f02e213c57a0b6dcf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:16:35 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; preload
cf-request-id: 092472995e00004a7969af7000000001
x-request-id: Fm7IJY1rUc3tYgsAAnsB
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6380ed3bcb7f4a79-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 css
fonts.googleapis.com/ 4 KB
739 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400&display=swap

Requested by

Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 11:16:35 GMT
server: ESF
date: Tue, 30 Mar 2021 11:16:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 11:16:35 GMT

GET
H/1.1 200
OK bootstrap.min.css
d1y0v6ricksqp.cloudfront.net/css/bootstrap/3.4.1_simple/ 56 KB
11 KB 223ms
68ms Stylesheet
text/css 52.85.114.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1y0v6ricksqp.cloudfront.net/css/bootstrap/3.4.1_simple/bootstrap.min.css
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.114.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-114-11.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2246212770d7ee65ae37c08cf280be33a1cf5a1fe0409d5aac3ae8a964907ce9

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:46:52 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 03 Apr 2020 10:15:09 GMT
Server: AmazonS3
Age: 37784
ETag: W/"e0ff97da4feada5cdc71e2df2060b4c3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5ffe5df2b6c8f15be82e79251546b54a.cloudfront.net (CloudFront)
Cache-Control: max-age=43200
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HEL50-C2
X-Amz-Cf-Id: xvO1GVHASyMGmzE1IhfCT_acXTVy1ycf6CoEK_IxcngYbQ_SNMx-gg==

GET
H/1.1 200
OK kickofflabs.css
cdn.kickoffpages.com/droppable_theme_styles/1.2/ 157 KB
24 KB 201ms
62ms Stylesheet
text/css 13.226.159.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kickoffpages.com/droppable_theme_styles/1.2/kickofflabs.css
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-88.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae194939ebfc37e77eca6cf7da71f3bf5faf91b0dbc1a93fdc09f8c1ca85781d

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 10:55:40 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 22 Mar 2021 17:32:52 GMT
Server: AmazonS3
Age: 1600
ETag: W/"59bfa226a0d74eea2c4f00c774684723"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: h-yaZiV8D93NXasHgt0bNczgNwJerKuvCvex_wIS-c_qfsgcrc2ZKw==

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 21ms
20ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=4d24be3fdc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4d24be3fdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:16:35 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 61437
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 092472998900004e613392b000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dSkBYrZ%2FLJRbqoyXzQ7rSrAS8uHKB4DncezevV%2BK7RCa%2BnLO69R75lqIPXufrHHcAyRjusmyS1othoV%2Fa4i1EM3XragFOuXElDLKudItbL55FCto4bN3oGVA7Yb5PttV3g%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C2
cf-ray: 6380ed3c08024e61-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: n-LVGYf_0nGPof7Vqi-4ZXLFtqalKxzHVJVbYm7CpLs0Ry_vYePqaQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
4 KB 30ms
29ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=4d24be3fdc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4d24be3fdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:16:35 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5d.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 61437
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 092472998700004e618c2d3000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=slcqGqOj%2Br7xNB1lXB0fku58%2FH9i114pL7psgn9u%2FP3QZbeX4XO1NGDB7UQTmgVf1ZpGQEBcAT%2BjEX3ZDAUVoNEMPZrr0bqX4v%2BTF4Ybur%2FECr6IK5Lq%2FXqI310wvkR91Q%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C2
cf-ray: 6380ed3c08044e61-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: pMWxwQymc1ex1U4rt_viJBXX-dwoZm7H480pjoizna-pt55QZRWz4A==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
1 KB 20ms
19ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=4d24be3fdc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4d24be3fdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:16:35 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 61437
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 092472998700004e6190b22000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VYYJu3Yiro%2BFFjXcgSwdYskbgPKUMzElhzl0J7cI9XhYit47y4PFwpyAPA7YnM11%2BsgvbyhQB5MMMofVYpd7eklinKzn1XD0ImWubkj4HhbEs66sPiSQzG%2BO8Cbn6gYRIA%3D%3D"}],"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C2
cf-ray: 6380ed3c08054e61-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FwqxeP40gCafjF0ltCCetdbhAb_Zee_x-IAVRX-Yk79bS-aj_OihjQ==

GET
H2 200 469x107.png
cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/ef118e0f-126b-4dce-bb7e-15870d850db0/ 5 KB
5 KB 462ms
432ms Image
binary/octet-stream 2600:9000:2182:3a00:6:4afb:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/ef118e0f-126b-4dce-bb7e-15870d850db0/469x107.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3a00:6:4afb:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cee502c5b67f76895134d68fd3a23374dc9b57e32ca42b72855ae5e33a541097

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dbKZ8T6OUnndv7UdcLBnYGZQ6X27akD1
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jan 2020 23:51:27 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "b606619de32829fa1725ae31a828ea39"
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
date: Tue, 30 Mar 2021 11:16:37 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 4893
x-amz-cf-id: Zv-7Up9ijJqnxrPH1NKSBClORCbiGSAXyLHvm0mRw0NfP7ghhQJERw==

GET
H2 200 466x288.png
cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/fee04730-2e11-46f8-a27c-9d6fa89b1d97/ 48 KB
48 KB 437ms
407ms Image
binary/octet-stream 2600:9000:2182:3a00:6:4afb:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/fee04730-2e11-46f8-a27c-9d6fa89b1d97/466x288.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3a00:6:4afb:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 035ffda1f12b59c12b3e8e702cf98d555634e088dacc3d4d6f836290ffe92cfc

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: ZErvJ_UVaEUDBjnvXRlrAbbJlyFj17Hh
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
last-modified: Mon, 02 Nov 2020 14:11:31 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "d4213d403e8deefbf0bf8a4e5e38541b"
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
date: Tue, 30 Mar 2021 11:16:37 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 48872
x-amz-cf-id: 2ijnaDsGdxhXCQlTAj2GYEAfyHbqMhmmZAFxtRPvBRhj81ek6EFs_w==

GET
H2 200 149x87.png
cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/2ca8985f-8769-4456-b98c-94a807c1ea45/ 9 KB
9 KB 428ms
403ms Image
binary/octet-stream 2600:9000:2182:3a00:6:4afb:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/2ca8985f-8769-4456-b98c-94a807c1ea45/149x87.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3a00:6:4afb:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad759fa2c31b5d717c304d14567cf436338b054b247bc10bdc736b394944d463

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: pnEc7x5oeC5aqHzby9UOWOAqyta4t0W0
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
last-modified: Mon, 02 Nov 2020 14:14:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "270ddaed1302ac2fd6e7319ffdb02f7c"
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
date: Tue, 30 Mar 2021 11:16:37 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 9010
x-amz-cf-id: nqvC7J1FMlFgn7p4iZhtsSGLFmAniHejm1lkq9wYUIIKE5uCOqmn_Q==

GET
H/1.1 200
OK facebook.png
marketing-image-production.s3.amazonaws.com/social/white/ 746 B
1 KB 526ms
140ms Image
image/png 52.217.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing-image-production.s3.amazonaws.com/social/white/facebook.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.93.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 40d145934118f5fa7dc39207d3f63992143bcd74d58f54ef0837b321df072029

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:16:37 GMT
Last-Modified: Tue, 29 Dec 2015 21:55:05 GMT
Server: AmazonS3
x-amz-request-id: MYP85G9F6ERXDK2K
ETag: "1818ac1941f85157cf5c049321b59e8a"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 746
x-amz-id-2: HGzIwNyDSlyeoghZItVJ3rpLkNxEqbyo1XKtfq8Kf1ZKAX7hKiPOBJ7yU29UqYTqm/VmbntRRqU=

GET
H/1.1 200
OK twitter.png
marketing-image-production.s3.amazonaws.com/social/white/ 1 KB
2 KB 533ms
142ms Image
image/png 52.217.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing-image-production.s3.amazonaws.com/social/white/twitter.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.93.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 31cd010d4129451a24e7a27700c8602fa695f7dc3e57f7189418e17c18605d2b

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:16:37 GMT
Last-Modified: Tue, 29 Dec 2015 21:55:07 GMT
Server: AmazonS3
x-amz-request-id: MYPDVZG9M2PDCGQD
ETag: "4e54386509b2a7881627dde6e50a5eb8"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 1389
x-amz-id-2: s1aB9/jlOeppPYF5p6K1PTonIspQCptrbPEes0U7O14+K0tLKqPaTzLP6ftYMu7NYUIspzaZFXY=

GET
H/1.1 200
OK instagram.png
marketing-image-production.s3.amazonaws.com/social/white/ 1 KB
2 KB 542ms
143ms Image
image/png 52.217.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing-image-production.s3.amazonaws.com/social/white/instagram.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.93.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0154369b7faddde0dd9042555d53afab09935a99d1e4c035ba6dab3ba91e1728

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:16:37 GMT
Last-Modified: Tue, 29 Dec 2015 21:55:06 GMT
Server: AmazonS3
x-amz-request-id: MYP7TEN40JDRCVWY
ETag: "c1fb933d57b4122893734f136176860a"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 1289
x-amz-id-2: XJ6iY2r0XUVhQIDB0ynC34sw4bMVc2vPRbTSTnxpxDYXplrRyUZDUcGyeG53HYARDmhMv4zgtoc=

GET
H/1.1 200
OK pinterest.png
marketing-image-production.s3.amazonaws.com/social/white/ 2 KB
2 KB 543ms
143ms Image
image/png 52.217.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing-image-production.s3.amazonaws.com/social/white/pinterest.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.93.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a6007bc753977879bb74f610f4c193eb5ac81648b8de4e0582554017c1ba1791

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:16:37 GMT
Last-Modified: Tue, 29 Dec 2015 21:55:06 GMT
Server: AmazonS3
x-amz-request-id: MYP8GK52ZXSSN1X8
ETag: "de120ffa43278ad99c946d56727c3f44"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 2057
x-amz-id-2: K6jjg2m/YqN7WhXyoxUcVlwxXGv6O6H7wKzmVW0/kGpGQhOZdWoQAHkZG6Rg4QcQGB3emlGO01A=

GET
H/1.1 200
OK linkedin.png
marketing-image-production.s3.amazonaws.com/social/white/ 1 KB
1 KB 545ms
143ms Image
image/png 52.217.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing-image-production.s3.amazonaws.com/social/white/linkedin.png
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.93.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d83af247def45828af6233ddafc93309bd81d5c64817a66b24e8b9ed572123ee

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:16:37 GMT
Last-Modified: Tue, 15 Mar 2016 18:17:18 GMT
Server: AmazonS3
x-amz-request-id: MYPFYCZXNK8Q91RS
ETag: "cf25ec9b79612be7393ffb8251fdfc26"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 1062
x-amz-id-2: azBGLrDmob3LkXjrF+qN+OBWN97NEgZxeGQDZzDWn03aHCe3w4MDQi04/gXp2YK1UGiEv19eXDM=

GET
H/1.1 200
OK kol.js Show response
cdn.kickoffpages.com/2.0.0/ 248 KB
68 KB 75ms
59ms Script
text/javascript 13.226.159.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kickoffpages.com/2.0.0/kol.js
Requested by: Host: bee8c965.kickoffpages.com
URL: https://bee8c965.kickoffpages.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-88.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a397ddd187e22cfae68c5ef7fa8c870e4625c548f5af4f4f8f04ea1de8e130d7

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:11:39 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 30 Mar 2021 00:05:02 GMT
Server: AmazonS3
Age: 486
ETag: W/"3d80d41bcf75a03ae0f73510628b7c78"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: ymA-S8GcBcAwf77CrJ3HGDKxkm3L4eRd8d2YmuZEf4xuQyHAx6hvTQ==

GET
H/1.1 404
Not Found / Show response
options.kickoffpages.com/148312/ 59 B
537 B 156ms
156ms Fetch
text/html 23.23.253.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://options.kickoffpages.com/148312/

Requested by

Host: cdn.kickoffpages.com
URL: https://cdn.kickoffpages.com/2.0.0/kol.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.253.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-253-193.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e9e2c23858043dd0a2de1358fa1f7d939984a675e097e7a29b27a2d2c6373223

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Tue, 30 Mar 2021 11:16:36 GMT
Via: 1.1 vegur
Referrer-Policy: no-referrer-when-downgrade
Server: Cowboy
Strict-Transport-Security: max-age=15552000;
K-Id: 11
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
X-Xss-Protection: 1; mode=block
K-Protect: on
Content-Security-Policy: default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Connection: keep-alive
Content-Length: 59
X-Content-Type-Options: nosniff

OPTIONS
H/1.1 200
OK /
options.kickoffpages.com/148312/ 0
0 560ms
148ms Preflight
text/html 23.23.253.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://options.kickoffpages.com/148312/

Protocol

HTTP/1.1

Server

23.23.253.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-253-193.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bee8c965.kickoffpages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 30 Mar 2021 11:16:36 GMT
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Allow: GET, OPTIONS
Access-Control-Allow-Headers: Authorization, Content-Type, Accept
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=15552000;
K-Protect: on
K-Id: 11
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 0
Via: 1.1 vegur

GET
H/1.1 200
OK 2d531d40-2ac8-4b0d-85da-8b5360ca1166
api.kickofflabs.com/stats/b/ 35 B
271 B 589ms
144ms Image
image/gif 54.243.120.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.kickofflabs.com/stats/b/2d531d40-2ac8-4b0d-85da-8b5360ca1166?rid=7f69a1cf-0a1a-4840-b618-63263f8fc304&uid=2019a4ba-edb0-43ae-9528-a2de621c4f73&sid=0a63f828-2ab0-4f72-98e1-4878cdd2dfba&url=https%3A%2F%2Fbee8c965.kickoffpages.com%2F&lid=148312&language=en-US&%5Bcustom%5Dtheme=rewards_program_droppable&%5Bcustom%5DpageType=single_page&source=koljs.335740&if=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.120.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-120-192.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 11:16:36 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 17:57:56 GMT
Server: Cowboy
Content-Type: image/gif
Connection: keep-alive
Content-Length: 35

GET
H/1.1 200
OK 2019a4ba-edb0-43ae-9528-a2de621c4f73 Show response
leads.kickofflabs.com/anon/148312/ 448 B
1 KB 196ms
195ms Fetch
application/json 54.235.185.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.kickofflabs.com/anon/148312/2019a4ba-edb0-43ae-9528-a2de621c4f73

Requested by

Host: cdn.kickoffpages.com
URL: https://cdn.kickoffpages.com/2.0.0/kol.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.235.185.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-235-185-216.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

a731032ebf2f7baab700b3d6e99be26b2f26c6561e983233b384b2c21671ab1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://bee8c965.kickoffpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Tue, 30 Mar 2021 11:16:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
X-Xss-Protection: 0
X-Request-Id: 74c58dd1-015f-443d-ac8d-bdd87532e7f1
X-Runtime: 0.058920
Referrer-Policy: strict-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"c05920fbf2fa7d07f713497de6bc492b"
X-Download-Options: noopen
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate

OPTIONS
H/1.1 200
OK 2019a4ba-edb0-43ae-9528-a2de621c4f73
leads.kickofflabs.com/anon/148312/ 0
0 596ms
149ms Preflight
text/plain 54.235.185.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.kickofflabs.com/anon/148312/2019a4ba-edb0-43ae-9528-a2de621c4f73

Protocol

HTTP/1.1

Server

54.235.185.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-235-185-216.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bee8c965.kickoffpages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 30 Mar 2021 11:16:36 GMT
Connection: keep-alive
X-Xss-Protection: 0
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: X-Requested-With, X-Prototype-Version, Content-Type
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Etag: W/"cbe3c4c828c43d63a128de3f3a0ecaca"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 4017d228-370e-4e4e-a7c2-5ee9443e64b4
X-Runtime: 0.007917
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn.kickoffpages.com/2.0.0/kol.js(Line 1) Message: Not Found (404)
console-api	warning	URL: https://cdn.kickoffpages.com/2.0.0/kol.js(Line 1) Message: PAGE: Error looking up Configuration: Not Found (404)
console-api	warning	URL: https://cdn.kickoffpages.com/2.0.0/kol.js(Line 1) Message: PAGE: Configuration could not be loaded. Using defaults where possible
console-api	log	URL: https://cdn.kickoffpages.com/2.0.0/kol.js(Line 1) Message: Contest forms powered by KickoffLabs. Learn more at https://kickofflabs.com.
console-api	warning	URL: https://cdn.kickoffpages.com/2.0.0/kol.js(Line 1) Message: PAGE: ContestBox skipped, no valid configuration

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: wss: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15552000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.kickofflabs.com
bee8c965.kickoffpages.com
cdn.kickoffpages.com
cdn.mcauto-images-production.sendgrid.net
d1y0v6ricksqp.cloudfront.net
fonts.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
leads.kickofflabs.com
marketing-image-production.s3.amazonaws.com
options.kickoffpages.com
13.226.159.88
23.23.253.193
2600:9000:2182:3a00:6:4afb:9140:93a1
2606:4700::6812:1634
2606:4700:e6::ac40:cb1c
2a00:1450:4001:828::200a
52.217.93.68
52.85.114.11
54.235.185.216
54.243.120.192
0154369b7faddde0dd9042555d53afab09935a99d1e4c035ba6dab3ba91e1728
035ffda1f12b59c12b3e8e702cf98d555634e088dacc3d4d6f836290ffe92cfc
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
2246212770d7ee65ae37c08cf280be33a1cf5a1fe0409d5aac3ae8a964907ce9
31cd010d4129451a24e7a27700c8602fa695f7dc3e57f7189418e17c18605d2b
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
40d145934118f5fa7dc39207d3f63992143bcd74d58f54ef0837b321df072029
771954590aef702d686f04cc09458587bfb76309912e47f02e213c57a0b6dcf9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a397ddd187e22cfae68c5ef7fa8c870e4625c548f5af4f4f8f04ea1de8e130d7
a478a9408bf9d83f7beea2aa7bd59e8800ad9a4491c6ee7fc7274e2f8cae7853
a6007bc753977879bb74f610f4c193eb5ac81648b8de4e0582554017c1ba1791
a731032ebf2f7baab700b3d6e99be26b2f26c6561e983233b384b2c21671ab1a
ad759fa2c31b5d717c304d14567cf436338b054b247bc10bdc736b394944d463
ae194939ebfc37e77eca6cf7da71f3bf5faf91b0dbc1a93fdc09f8c1ca85781d
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
cee502c5b67f76895134d68fd3a23374dc9b57e32ca42b72855ae5e33a541097
d83af247def45828af6233ddafc93309bd81d5c64817a66b24e8b9ed572123ee
e9e2c23858043dd0a2de1358fa1f7d939984a675e097e7a29b27a2d2c6373223

bee8c965.kickoffpages.com Open in urlscan Pro 23.23.253.193 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

40 %IPv6

7 Domains

11 Subdomains

10 IPs

2 Countries

246 kBTransfer

679 kBSize

0 Cookies

7 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

bee8c965.kickoffpages.com Open in urlscan Pro
23.23.253.193 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

40 %
IPv6

7
Domains

11
Subdomains

10
IPs

2
Countries

246 kB
Transfer

679 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!