urlscan.io logo urlscan.io
SecurityTrails logo

go.referralcandy.com Open in urlscan Pro
52.74.5.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal.referralcandy.com/VHZ3MFQ/share_redirect?location=reminder_email&message_id=559442201&type=referral_link_email_click
Effective URL: https://go.referralcandy.com/share/6T2C7XG
Submission: On June 29 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 18 HTTP transactions. The main IP is 52.74.5.11, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is go.referralcandy.com.
TLS certificate: Issued by Amazon on February 4th 2020. Valid for: a year.
This is the only time go.referralcandy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.220.4.156 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-4-156.ap-southeast-1.compute.amazonaws.com
portal.referralcandy.com
5    52.74.5.11 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
nogglenation.refr.cc
go.referralcandy.com
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
4    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.102.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-90.zrh50.r.cloudfront.net
cdn.referralcandy.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
4 cdnjs.cloudflare.com go.referralcandy.com
3 go.referralcandy.com go.referralcandy.com
2 connect.facebook.net go.referralcandy.com
connect.facebook.net
2 fonts.gstatic.com go.referralcandy.com
2 use.fontawesome.com go.referralcandy.com
2 nogglenation.refr.cc 2 redirects
1 www.facebook.com go.referralcandy.com
1 cdn.referralcandy.com go.referralcandy.com
1 www.googletagmanager.com go.referralcandy.com
1 www.google-analytics.com go.referralcandy.com
1 fonts.googleapis.com go.referralcandy.com
1 portal.referralcandy.com 1 redirects
18 12

This site contains no links.

Subject Issuer Validity Valid
referralcandy.com
Amazon		 2020-02-04 -
2021-03-07		 a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://go.referralcandy.com/share/6T2C7XG
Frame ID: C1601C55A78C7E4CDAC199F4F2ACAA77
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://portal.referralcandy.com/VHZ3MFQ/share_redirect?location=reminder_email&message_id=559442201&type=ref... HTTP 302
    http://nogglenation.refr.cc/jmitchell HTTP 302
    https://nogglenation.refr.cc/jmitchell HTTP 302
    https://go.referralcandy.com/share/6T2C7XG Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

18
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

10
IPs

4
Countries

221 kB
Transfer

686 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal.referralcandy.com/VHZ3MFQ/share_redirect?location=reminder_email&message_id=559442201&type=referral_link_email_click HTTP 302
    http://nogglenation.refr.cc/jmitchell HTTP 302
    https://nogglenation.refr.cc/jmitchell HTTP 302
    https://go.referralcandy.com/share/6T2C7XG Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6T2C7XG
go.referralcandy.com/share/
Redirect Chain
  • http://portal.referralcandy.com/VHZ3MFQ/share_redirect?location=reminder_email&message_id=559442201&type=referral_link_email_click
  • http://nogglenation.refr.cc/jmitchell
  • https://nogglenation.refr.cc/jmitchell
  • https://go.referralcandy.com/share/6T2C7XG
35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.5.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
42069ff7113596d875a862f75d6d67608305b980d9fca44b98e44b08bf117bf1

Request headers

:method
GET
:authority
go.referralcandy.com
:scheme
https
:path
/share/6T2C7XG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 29 Jun 2020 14:29:31 GMT
content-type
text/html; charset=utf-8
server
nginx/1.10.3 (Ubuntu)
x-ua-compatible
IE=Edge,chrome=1
etag
W/"a9bc7fedbf8c5d23633a21cb7626648d"
cache-control
max-age=0, private, must-revalidate
set-cookie
cova=iq41tujqc4qt3w2yoz8tg2bo8; domain=go.referralcandy.com; path=/; expires=Tue, 29-Jun-2021 14:29:31 GMT; secure; SameSite=None; Secure _rc_sp_network_cookie=3323537d-164f-42da-8f20-6a0ed9ad8963; domain=.referralcandy.com; path=/; expires=Fri, 29-Jun-2040 14:29:31 GMT; secure; SameSite=None; Secure _rc_webapp=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTllN2YzZWRiMTllODY1MWY0ZWExODM3ZDI4OGQ2NDJkBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXR2R29FMk4zOXphSTRWM0hrYWtOdGdKVzkxMHNWRlFXNzFtZk1ML1c3djA9BjsARg%3D%3D--4959a8f5d7f7682a98405601c2f86446acd08862; domain=.referralcandy.com; path=/; expires=Tue, 29-Jun-2021 14:29:31 GMT; HttpOnly; Secure; SameSite=None
x-request-id
336a17e9ecd2f49aec1f4cd16a58fc92
x-runtime
0.479065
x-rack-cache
miss
content-encoding
gzip

Redirect headers

status
302
date
Mon, 29 Jun 2020 14:29:31 GMT
content-type
text/html; charset=utf-8
location
https://go.referralcandy.com/share/6T2C7XG
server
nginx/1.10.3 (Ubuntu)
x-ua-compatible
IE=Edge,chrome=1
cache-control
no-cache
x-request-id
de2a0f6410af49d2fd18176d457954c3
x-runtime
0.035264
x-rack-cache
miss
a70183fe6e.css
use.fontawesome.com/ 		1 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/a70183fe6e.css
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4922081f4858c29568f4990baa87f2b64076df30be35f308101613b82a7608c2

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2017 08:11:12 GMT
server
NetDNA-cache/2.2
x-amz-request-id
629A8F253BD25109
etag
W/"4d700056a61fbefb92707febe3bb2cd8"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
LbQg4H8lkv1I4hT58yrVqabNh2CGUtTmBNYKSqpKSvv+k2aWzFLmnSBA/fSTQ+1LRefhd22+5gw=
foundation-flex.css
cdnjs.cloudflare.com/ajax/libs/foundation/6.2.4/ 		92 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/foundation/6.2.4/foundation-flex.css
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b28a9979f196241d6ebc6ffdfb3623ad771c8fb5cc4c91e6279b047473aa846
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://go.referralcandy.com/share/6T2C7XG
Origin
https://go.referralcandy.com

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
29394163
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a214c4410000176a859be200000001
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:17 GMT
server
cloudflare
etag
W/"5afd4915-16f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5ab0571a0ac0176a-FRA
expires
Sat, 19 Jun 2021 14:29:31 GMT
css
fonts.googleapis.com/ 		7 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 13:54:30 GMT
server
ESF
date
Mon, 29 Jun 2020 14:29:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jun 2020 14:29:31 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5592
date
Mon, 29 Jun 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 29 Jun 2020 14:56:19 GMT
js
www.googletagmanager.com/gtag/ 		82 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=ua-23908406-2
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5086d5026e76d8dfc9f1885245465f3a1a4f4864383dc4ad1b8fb15b68346dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33247
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jun 2020 14:29:31 GMT
landing-placeholder.png
cdn.referralcandy.com/themes/optimized/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.referralcandy.com/themes/optimized/landing-placeholder.png
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-90.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68c08e155b7c59fcce878f9d31655c61786728a88367731fba9008d9a6996af6

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 14:29:08 GMT
Via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
Last-Modified
Fri, 02 Jun 2017 15:59:40 GMT
Server
AmazonS3
Age
24
ETag
"32051453a0838cdb8e617f167fe52841"
X-Cache
Hit from cloudfront
x-amz-version-id
55M3J4j5i.jnl2AZtk5GNedh5G8Vuyn0
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
16944
X-Amz-Cf-Id
tuRdiX3z8ymglI5XyUzy2Eb2ey3OzSEtsouXHDUp3wx2xRJHnghwjw==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://go.referralcandy.com/share/6T2C7XG
Origin
https://go.referralcandy.com

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5745021
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a214c4540000176a859bf200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5ab0571a2af0176a-FRA
expires
Sat, 19 Jun 2021 14:29:31 GMT
foundation.min.js
cdnjs.cloudflare.com/ajax/libs/foundation/6.2.4/ 		106 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/foundation/6.2.4/foundation.min.js
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fa3bdea50e7c47ebbcab43cbcf073745f1eb08f1dd996781c7098ec215a488
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://go.referralcandy.com/share/6T2C7XG
Origin
https://go.referralcandy.com

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12376928
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a214c4680000176a859c1200000001
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:17 GMT
server
cloudflare
etag
W/"5afd4915-1a9ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5ab0571a4b22176a-FRA
expires
Sat, 19 Jun 2021 14:29:31 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.1/clipboard.min.js
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://go.referralcandy.com/share/6T2C7XG
Origin
https://go.referralcandy.com

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7402902
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a214c4780000176a859c2200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:30 GMT
server
cloudflare
etag
W/"5afd48e6-2967"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5ab0571a5b61176a-FRA
expires
Sat, 19 Jun 2021 14:29:31 GMT
6T2C7XG.js
go.referralcandy.com/share/ 		1 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.referralcandy.com/share/6T2C7XG.js
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.5.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 14:29:32 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/javascript
status
200
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
must-revalidate, no-cache, no-store, private, max-age=0
content-transfer-encoding
binary
content-disposition
inline
x-request-id
0789f48a9fd18c9b0159bddcaffb6964
x-runtime
0.127886
x-rack-cache
miss
x-ua-compatible
IE=Edge,chrome=1
6T2C7XG.jpg
go.referralcandy.com/share/ 		761 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.referralcandy.com/share/6T2C7XG.jpg
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.5.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e5318900d5d1c6bc8c8c0748aa757d2ccd0375fca017ea783c6f22c2386a3dcd

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 14:29:32 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
image/jpeg
status
200
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
must-revalidate, no-cache, no-store, private, max-age=0
content-transfer-encoding
binary
content-disposition
inline
x-request-id
d064d4c4136c9b02264ac08a6808327f
x-runtime
0.153917
x-rack-cache
miss
x-ua-compatible
IE=Edge,chrome=1
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 14:29:31 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2016 17:21:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://go.referralcandy.com

Response headers

date
Thu, 11 Jun 2020 05:23:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1587988
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Fri, 11 Jun 2021 05:23:03 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://go.referralcandy.com

Response headers

date
Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1700619
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 09 Jun 2021 22:05:52 GMT
fbevents.js
connect.facebook.net/en_US/ 		133 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34036
x-xss-protection
0
pragma
public
x-fb-debug
vbMNv1cMKYLlIe6HgJdIsTkW15TH4HAfx0RdZb5fCH1WzGKUxtqudKXrJz9Q4lFBvTcSujtTT5tyKYhTGKd3lw==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Mon, 29 Jun 2020 14:29:32 GMT, Mon, 29 Jun 2020 14:29:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
36869799
connect.facebook.net/signals/config/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/36869799?v=2.9.21&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d0d254ff9c547ffd0bdecbc3ff6543cdc3e78b49a528df8b2b2a31a7d18c4d8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
8112
x-xss-protection
0
pragma
public
x-fb-debug
94AYwkAB+jJaQRra6sumuFAejShfHutVy70zLBBZjL1rmXf4p7z27qFmECDgFtag9myHB4SLnAueZ24B5jiVjw==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Mon, 29 Jun 2020 14:29:32 GMT, Mon, 29 Jun 2020 14:29:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=36869799&ev=PageView&dl=https%3A%2F%2Fgo.referralcandy.com%2Fshare%2F6T2C7XG&rl=&if=false&ts=1593440972241&sw=1600&sh=1200&v=2.9.21&r=stable&ec=0&o=28&it=1593440972230&coo=false&rqm=GET
Requested by
Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/6T2C7XG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.referralcandy.com/share/6T2C7XG
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 14:29:32 GMT, Mon, 29 Jun 2020 14:29:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 29 Jun 2020 14:29:32 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer function| $ function| jQuery function| _classCallCheck function| _createClass object| Foundation object| google_tag_data function| ga object| gaplugins object| google_tag_manager function| fbq function| _fbq

4 Cookies

Domain/Path Name / Value
.go.referralcandy.com/ Name: rfcr_fs
Value: 46
.referralcandy.com/ Name: _rc_sp_network_cookie
Value: 3323537d-164f-42da-8f20-6a0ed9ad8963
.referralcandy.com/ Name: _rc_webapp
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTllN2YzZWRiMTllODY1MWY0ZWExODM3ZDI4OGQ2NDJkBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXR2R29FMk4zOXphSTRWM0hrYWtOdGdKVzkxMHNWRlFXNzFtZk1ML1c3djA9BjsARg%3D%3D--4959a8f5d7f7682a98405601c2f86446acd08862
.go.referralcandy.com/ Name: cova
Value: iq41tujqc4qt3w2yoz8tg2bo8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.referralcandy.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
go.referralcandy.com
nogglenation.refr.cc
portal.referralcandy.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.224.102.90
23.111.9.35
2606:4700::6810:84e5
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:824::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.220.4.156
52.74.5.11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
42069ff7113596d875a862f75d6d67608305b980d9fca44b98e44b08bf117bf1
4922081f4858c29568f4990baa87f2b64076df30be35f308101613b82a7608c2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
68c08e155b7c59fcce878f9d31655c61786728a88367731fba9008d9a6996af6
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
7b28a9979f196241d6ebc6ffdfb3623ad771c8fb5cc4c91e6279b047473aa846
7d0d254ff9c547ffd0bdecbc3ff6543cdc3e78b49a528df8b2b2a31a7d18c4d8
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5086d5026e76d8dfc9f1885245465f3a1a4f4864383dc4ad1b8fb15b68346dc
e5318900d5d1c6bc8c8c0748aa757d2ccd0375fca017ea783c6f22c2386a3dcd
e8fa3bdea50e7c47ebbcab43cbcf073745f1eb08f1dd996781c7098ec215a488
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955