Submitted URL: https://go.xdefi.io/cryptolush
Effective URL: https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
Submission: On January 09 via api from FI — Scanned from FI

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 172.67.68.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is install.xdefi.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.
This is the only time install.xdefi.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 172.67.68.48 13335 (CLOUDFLAR...)
1 104.16.56.101 13335 (CLOUDFLAR...)
3 99.86.8.175 16509 (AMAZON-02)
10 4
Apex Domain | Subdomains | Transfer
6 xdefi.io | go.xdefi.io, install.xdefi.io | 85 KB
3 segment.com | cdn.segment.com — Cisco Umbrella Rank: 2979 | 11 KB
1 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 1429 | 7 KB
0 segment.io (Failed) | api.segment.io (Failed) |
10 4
Domain | Requested by
5 install.xdefi.io | install.xdefi.io, static.cloudflareinsights.com
3 cdn.segment.com | install.xdefi.io, cdn.segment.com
1 static.cloudflareinsights.com | install.xdefi.io
1 go.xdefi.io | 1 redirects
0 api.segment.io (Failed) | install.xdefi.io
10 5

This site contains no links.

Subject | Issuer | Validity | Valid
xdefi.io | Cloudflare Inc ECC CA-3 | 2023-08-08 - 2024-08-07 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year
*.segment.com | Amazon RSA 2048 M03 | 2023-11-14 - 2024-12-13 | a year

This page contains 1 frames:

Primary Page: https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
Frame ID: 2FC37FADE90B9BD99BDBC87A2153692C
Requests: 10 HTTP requests in this frame

Page Title

Install XDEFI

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

Requests: 10
HTTPS: 90 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 103 kB
Size: 316 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.xdefi.io/cryptolush HTTP 302
    https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
install.xdefi.io/
Redirect Chain
  • https://go.xdefi.io/cryptolush
  • https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
945 B
956 B
Document
General
Full URL
https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f392cd2ac30f3b842ad8918a985bbc9a6b305bf6d16b1eae30c12d88f434ce53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
27076
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
842e1cd10ec55699-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 16:38:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUy7aswtXGYxrgp%2FgeDrpzZLh3vS2DQRwdSuGEpGDJsqvn6kXo0VINyNCUqUyyHGYHSuedyj86A46hTDwtrC0wL9NLWNRWKYWzteJ%2FDhLXwa4b3i4%2B3XyFnZHMJLozckTUY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-nf-request-id
01HKQHEFQJCWKGEJZFW6V94KJ2

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
842e1cce49715699-OSL
content-length
0
date
Tue, 09 Jan 2024 16:38:46 GMT
location
https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbZv7aHp28yxqr3zfRTsS43eBqO6%2BQ3UiB9TiN9QVr32gI%2BqUo7Ponc50nNmybeh3yaKmJaTCOOs3dIRzZ5QOkAM3OvTTuAMdc4olY9oTVY3QLaudOjZxa7hUdMT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-limit
100
x-ratelimit-remaining
100
x-ratelimit-reset
1704818340
main.4b2f3c2d.js
install.xdefi.io/static/js/
239 KB
74 KB
Script
General
Full URL
https://install.xdefi.io/static/js/main.4b2f3c2d.js
Requested by
Host: install.xdefi.io
URL: https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09934f608bdec7cf90f3460eb18cdd96d96152ef0a55afb627126b902382e7da

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nf-request-id
01HKQEM7THYS5FVSDTFPMYX2ZM
date
Tue, 09 Jan 2024 16:38:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"3e01f74db9cc91c4cc86f3450892c4d0-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV7UMgwbjo%2BVEtvs8tmP4aXnZqAWEr38XXVDhegp5svFCsmL302PxpMXfJV5JIlUJqQiA0uQxj3I9Pmz4V9ErJNPjL%2FASVk4zSfXVbSN26owcENyqb1YiIipjh%2BwPV2Rzhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800, must-revalidate
cf-ray
842e1cd34ac45699-OSL
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: install.xdefi.io
URL: https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://install.xdefi.io/
Origin
https://install.xdefi.io
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 16:38:48 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
842e1cd878900a34-ARN
settings
cdn.segment.com/v1/projects/APaFGDu7eLZw6tJz2pTuracy1bSRZqPx/
1 KB
1 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/APaFGDu7eLZw6tJz2pTuracy1bSRZqPx/settings
Requested by
Host: install.xdefi.io
URL: https://install.xdefi.io/static/js/main.4b2f3c2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa333a39e5f6d5ff82514c93037ff1135918597d08564d7317ded764c069967e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://install.xdefi.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
pDwAHZm4dbSLy0QZOKd97otTh714C95r
content-encoding
br
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 16:24:23 GMT
x-amz-cf-pop
FRA6-C1
age
894
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 17 Oct 2023 19:33:53 GMT
server
AmazonS3
etag
W/"a10e1723acedea3030111b4c3423237f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
1bgXPoGfSs_OnjVXyCcEdbBY02fIAsWo16vDzktlo7390TTCTEjU2g==
rum
install.xdefi.io/cdn-cgi/
0
205 B
XHR
General
Full URL
https://install.xdefi.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 09 Jan 2024 16:38:48 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://install.xdefi.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
842e1cdb090d5699-OSL
ajs-destination.6a9f4140.chunk.js
install.xdefi.io/static/js/
27 KB
8 KB
Script
General
Full URL
https://install.xdefi.io/static/js/ajs-destination.6a9f4140.chunk.js
Requested by
Host: install.xdefi.io
URL: https://install.xdefi.io/static/js/main.4b2f3c2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab634820ba52d7d929fc1b6f90ce05712b1622dff922bd3cb2a6d50b9709033

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nf-request-id
01HKMATBVWQQR7CD6AYT3RFCR1
date
Tue, 09 Jan 2024 16:38:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"16c688e9873cfb0495f416382a3889d0-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AurP%2BMw%2BSVoDViKQqizERz3K0sxm2nZyvhG15bXA7m04cdZEBW2zvrJB0U6X%2F4FnKh3vOWmMFVDbDLPNvgFFOK7eMfnoMPs%2BM8%2B%2BkogXvp8jcSibTsz5CpcWsMKKN%2FsUWCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800, must-revalidate
cf-ray
842e1cdc5c715699-OSL
alt-svc
h3=":443"; ma=86400
schemaFilter.16722d9a.chunk.js
install.xdefi.io/static/js/
2 KB
1 KB
Script
General
Full URL
https://install.xdefi.io/static/js/schemaFilter.16722d9a.chunk.js
Requested by
Host: install.xdefi.io
URL: https://install.xdefi.io/static/js/main.4b2f3c2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b794c1ddb1fcc628ca0ad023cb2392e2632dfa36d1a2813a204f1512460868ac

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://install.xdefi.io/?xdefi_id=cryptolush&xdefi_source=reflink&xdefi_medium=influencer&xdefi_campaign=influencer&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nf-request-id
01HKKZQV8V4DD4VJ5EZ0GT5VSR
date
Tue, 09 Jan 2024 16:38:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"82e2e4d6e436ccebde6f02098767f4e6-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHxRx%2FBEooendv7S0YGnUiorrEe0ogIbd4jYab2CIDi6aGi7Gbb5VLhYfdQP3xG%2Ff%2FuDItw9tFbZqlaS5bX7GaGbfHNenk%2BZwWF5g57K1TbulxgxsBmq11JvDdeZ%2BLM5%2BRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800, must-revalidate
cf-ray
842e1cde4a415699-OSL
alt-svc
h3=":443"; ma=86400
a34a371cbfe602dec23c.js
cdn.segment.com/next-integrations/actions/amplitude-plugins/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/amplitude-plugins/a34a371cbfe602dec23c.js
Requested by
Host: install.xdefi.io
URL: https://install.xdefi.io/static/js/main.4b2f3c2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff189b7232ea907669cf4baaa0021acb799dcc2c8fe3b6ed0faa90c22229944

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://install.xdefi.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:23:35 GMT
x-amz-version-id
2G8TH4PlueUXyY_FNvPZHu31h5B8t8.6
content-encoding
br
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
65715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 04 Dec 2023 18:51:00 GMT
server
AmazonS3
etag
W/"49546ead7dacae87d94f26ad378d2425"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
l7MvqHb9rHXg7grDR_4HJ7avhB_AxKV0EicQ5RXNJ5G896gd1o1eBQ==
b0eab045596385f932c0.js
cdn.segment.com/next-integrations/actions/962/
23 KB
8 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/962/b0eab045596385f932c0.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/a34a371cbfe602dec23c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://install.xdefi.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
zk9rxxlqKCjHbsFrMYTC7R6tXRM31okT
content-encoding
br
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
date
Mon, 08 Jan 2024 20:51:56 GMT
x-amz-cf-pop
FRA6-C1
age
71216
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 04 Dec 2023 18:50:59 GMT
server
AmazonS3
etag
W/"566a0711c9f794ab81f9adf75b9544ce"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
kSHnjnmOz59Rixxv8RUgJpK8FkQZgwNL0b_Yie4Ki_DxhuhKsAvDuA==
i
api.segment.io/v1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.segment.io
URL
https://api.segment.io/v1/i

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| webpackChunkxdefi_redirect
  • object| __cfBeacon
  • object| webpackChunkDestination
  • function| amplitude-pluginsDestination

7 Cookies

Domain/Path Name / Value
install.xdefi.io/ Name: userId
Value: 9a3c54ba-4230-4bea-9d82-a996093c2a93
install.xdefi.io/ Name: medium
Value: influencer
install.xdefi.io/ Name: source
Value: reflink
install.xdefi.io/ Name: campaign
Value: influencer
install.xdefi.io/ Name: id
Value: cryptolush
.xdefi.io/ Name: ajs_user_id
Value: 9a3c54ba-4230-4bea-9d82-a996093c2a93
.xdefi.io/ Name: ajs_anonymous_id
Value: f2403ef8-b74f-4c5a-8a99-80cc2e90cc8d