go.referralcandy.com Open in urlscan Pro
3.165.82.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jackery.refr.cc/Referralprogram/u/alfiet?s=pppw
Effective URL:
https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Submission: On September 04 via manual (September 4th 2024, 8:29:34 pm UTC) from US — Scanned from SG

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 3.165.82.5, located in United States and belongs to AMAZON-02, US. The main domain is go.referralcandy.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 1st 2024. Valid for: a year.

This is the only time go.referralcandy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.169.206.184 54.169.206.184	16509 (AMAZON-02) (AMAZON-02)
13	3.165.82.5 3.165.82.5	16509 (AMAZON-02) (AMAZON-02)
1	54.36.108.71 54.36.108.71	16276 (OVH) (OVH)
1	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.254.17 108.157.254.17	16509 (AMAZON-02) (AMAZON-02)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c1a::5e	15169 (GOOGLE) (GOOGLE)
24	9

1 54.169.206.184 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-206-184.ap-southeast-1.compute.amazonaws.com

jackery.refr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.165.82.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-82-5.sin2.r.cloudfront.net

go.referralcandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.108.71 (France)

ASN16276 (OVH, FR)
PTR: ns3113199.ip-54-36-108.eu

www.uptimiarum.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.254.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-254-17.sin2.r.cloudfront.net

client-assets.referralcandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	referralcandy.com go.referralcandy.com client-assets.referralcandy.com — Cisco Umbrella Rank: 967770	168 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	71 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	8 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	10 KB
1	uptimiarum.eu www.uptimiarum.eu — Cisco Umbrella Rank: 580740	1 KB
1	refr.cc 1 redirects jackery.refr.cc	284 B
24	7

	Domain	Requested by
13	go.referralcandy.com	go.referralcandy.com
4	cdnjs.cloudflare.com	srcdoc
2	use.fontawesome.com	srcdoc use.fontawesome.com
1	fonts.gstatic.com	fonts.googleapis.com
1	client-assets.referralcandy.com	srcdoc
1	fonts.googleapis.com	srcdoc
1	www.uptimiarum.eu	go.referralcandy.com www.uptimiarum.eu
1	jackery.refr.cc	1 redirects
24	8

This site contains no links.

Subject Issuer	Validity	Valid
go.referralcandy.com Amazon RSA 2048 M03	`2024-02-01` - `2025-03-02`	a year	crt.sh
www.uptimiarum.eu R11	`2024-08-27` - `2024-11-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
referralcandy.com Amazon RSA 2048 M02	`2024-08-07` - `2025-09-04`	a year	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Frame ID: 413D76B74B5173735FE0FE8F26A09058
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Abel&family=Abril+Fatface&family=Alegreya&family=Alegreya+Sans&family=Amiri&family=Anonymous+Pro&family=Arapey&family=Archivo&family=Archivo+Narrow&family=Arimo&family=Armata&family=Arvo&family=Asap&family=Assistant&family=Asul&family=Bitter&family=Cabin&family=Cardo&family=Catamaran&family=Chivo&family=Crimson+Text&family=Domine&family=Dosis&family=Fira+Sans&family=Fjalla+One&family=Glegoo&family=IBM+Plex+Sans&family=Inconsolata&family=Josefin+Sans&family=Josefin+Slab&family=Kalam&family=Karla&family=Kreon&family=Lato&family=Libre+Baskerville&family=Libre+Franklin&family=Lobster&family=Lobster+Two&family=Lora&family=Maven+Pro&family=Megrim&family=Merriweather+Sans&family=Montserrat&family=Mouse+Memoirs&family=Neuton&family=News+Cycle&family=Nobile&family=Noticia+Text&family=Noto+Serif&family=Nunito&family=Nunito+Sans&family=Old+Standard+TT&family=Open+Sans&family=Oswald&family=Ovo&family=Oxygen&family=PT+Mono&family=PT+Sans&family=PT+Sans+Narrow&family=PT+Serif&family=Pacifico&family=Playball&family=Playfair+Display&family=Poppins&family=Prata&family=Prompt&family=Quantico&family=Quattrocento&family=Quattrocento+Sans&family=Questrial&family=Quicksand&family=Rajdhani&family=Raleway&family=Righteous&family=Roboto&family=Roboto+Condensed&family=Roboto+Mono&family=Roboto+Slab&family=Rubik&family=Shadows+Into+Light&family=Slabo+13px&family=Source+Code+Pro&family=Source+Sans+Pro&family=Tenor+Sans&family=Tinos&family=Titillium+Web&family=Ubuntu&family=Unica+One&family=Unna&family=Varela&family=Varela+Round&family=Vidaloka&family=Volkhov&family=Vollkorn&family=Work+Sans&display=swap
Frame ID: 42626609D494F75C0F8EF501CA269AB0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jackery Referral Program

Page URL History Show full URLs

https://jackery.refr.cc/Referralprogram/u/alfiet?s=pppw HTTP 302
https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

267 kB
Transfer

1037 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jackery.refr.cc/Referralprogram/u/alfiet?s=pppw HTTP 302
https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request NM93DNL Show response
go.referralcandy.com/share/
Redirect Chain

https://jackery.refr.cc/Referralprogram/u/alfiet?s=pppw
https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk

4 KB
2 KB

1783ms
1626ms

Document
text/html

3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: / Next.js
Resource Hash: c72378929c0e7a83a987897303b95021b0bf726e17c79b87196e970fe2917992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 04 Sep 2024 20:29:30 GMT
etag: W/"muiuqaq89a3gc"
vary: Accept-Encoding
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
x-amz-cf-id: NJ2QendGsj2HNRAtfCOfILJnEmEmy_gwM6cXVrZuPInyfghQFM_MQg==
x-amz-cf-pop: SIN2-P5
x-amzn-remapped-content-length: 4476
x-amzn-requestid: e3c79702-ceb4-4107-a083-8dfa11db2e9c
x-amzn-trace-id: root=1-66d8c329-2d1919f4296e37a276b6d0cf;parent=21609908adc3026e;sampled=0;lineage=1:c7a113e8:0
x-cache: Miss from cloudfront
x-middleware-next: 1
x-opennext: 1
x-powered-by: Next.js

Redirect headers

content-length: 147
content-type: text/html; charset=utf-8
date: Wed, 04 Sep 2024 20:29:28 GMT
location: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
vary: Origin

GET
H2 200 28ed73fb02927f71.css
go.referralcandy.com/_next/static/css/ 557 B
946 B 5ms
5ms Stylesheet
text/css 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/css/28ed73fb02927f71.css
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab04dd5c1a4f1ddeedae37eac38a14d1d02c079d808097de5229e06480df609b

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: "037c02299d072a9f0b149614a83385d1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css;charset=utf-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-length: 557
x-amz-cf-id: M419QR5dzV3PH_UqD9s-jECbI0LqlBK1ROrf97PT8-Nl-JVaIPXm2Q==

GET
H2 200 webpack-0b5d8249fb15f5f3.js Show response
go.referralcandy.com/_next/static/chunks/ 2 KB
1 KB 6ms
5ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/webpack-0b5d8249fb15f5f3.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c0f84a062266e54b480eebc8063c6c1a0aa00a4ceca01d26db7bb4fc08830fe

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"82f80c9a6311fcf7b978b36a61a1271e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: rtkrQ58i2cEzfAB_6TDSclqpXyqa6XD3hLyY4fDc2OxS0vp7sSl_Tw==

GET
H2 200 framework-ecc4130bc7a58a64.js Show response
go.referralcandy.com/_next/static/chunks/ 138 KB
42 KB 8ms
8ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/framework-ecc4130bc7a58a64.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761e9329d5dc491a063f81ea1dedaec335826413f3d7a7724d6b9f2ecc5e46f3

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"6467a3dbdbf4c598f8e58e4219209026"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: BLBEIyI4PuCtAlqeyLy91-Dk3hEg5Fkbv2p8Lh6x03-exlCG7KSEQw==

GET
H2 200 main-0afafad490d4199a.js Show response
go.referralcandy.com/_next/static/chunks/ 107 KB
30 KB 12ms
10ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/main-0afafad490d4199a.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 076cb2895b7ee81c0406f9884e68dda1a62dac6d6d7441cfc75ecf31ad6853d4

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"2a245740574396be281366e278053769"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: YfEwJw-dl61hqdmtgQExGcwQZenc4JuNzVB5RVV94inz8kd6MV21oA==

GET
H2 200 _app-6a8fc792742ba72d.js Show response
go.referralcandy.com/_next/static/chunks/pages/ 153 KB
48 KB 14ms
12ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/pages/_app-6a8fc792742ba72d.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8a9f35bb5e3610c36d8a706f1be00854eece6a03f37c93758f9a37220c71ada

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"3341b1111dc2a9deedb8c553157a771a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: -wnnicD3cNMmes5e1WVxOj4kW-vqpnEZQYxIDaUWGPCsQY7IbsS6tQ==

GET
H2 200 121-3873827aee667e3e.js Show response
go.referralcandy.com/_next/static/chunks/ 7 KB
3 KB 9ms
7ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/121-3873827aee667e3e.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c9eefc6967199e79655ac03a5b29d6ea09b85864cd04d50b667358bfc79843

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"9c5442bf27e054ceac52b0d71dd2a6e5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: Bk-NPnVaJQK-g1kC97EV_1keymPVAHCL8IKN6BG48foiW7rxQAJSow==

GET
H2 200 653-6a6fc6ab74603f42.js Show response
go.referralcandy.com/_next/static/chunks/ 18 KB
6 KB 10ms
8ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/653-6a6fc6ab74603f42.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae3a9edf51a0487fa10770efa82f66e05df3f824a124f2c999163ef304248659

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"262ee5fb7c628fdbb5f3d4bb5bf45d95"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: IhSWfSX8KI65oxV8mdoe1RUK5qcLY27LHTt3DSh-tuj7O56Mhe9CPw==

GET
H2 200 %5BinviteCode%5D-2569516224184b78.js Show response
go.referralcandy.com/_next/static/chunks/pages/share/ 4 KB
2 KB 9ms
8ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/chunks/pages/share/%5BinviteCode%5D-2569516224184b78.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 431e98671d30f44596e456c2e3b132187121d82e21f833ffa5efb2f1a6d0c8f1

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: W/"3ef258ea0fde9a575eda1ce1f6b4dbea"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: FvoxW7BPrTWcXIUojWG6wjGxnqW9w3NZ_sP3Z_22fh9xpMR3hXjQ-w==

GET
H2 200 _buildManifest.js Show response
go.referralcandy.com/_next/static/YfbUNJc5kjlBerw4JnMWw/ 994 B
1 KB 17ms
16ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/YfbUNJc5kjlBerw4JnMWw/_buildManifest.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95ad244e849b0c38f0a1a618d1f7f156cacb05a1c27b8f216b49d18b70003c5c

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: "815ee9ce90db8a1b3627e683aef54d31"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-length: 994
x-amz-cf-id: JXRygkJtXzEm3Y1aNOD3MJTf-36B2VxL5yzew0O_YO7w9o7wDGpVpw==

GET
H2 200 _ssgManifest.js Show response
go.referralcandy.com/_next/static/YfbUNJc5kjlBerw4JnMWw/ 77 B
472 B 18ms
17ms Script
text/javascript 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/_next/static/YfbUNJc5kjlBerw4JnMWw/_ssgManifest.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:01:56 GMT
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2024 09:53:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P5
age: 210455
etag: "b6652df95db52feb4daf4eca35380933"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-length: 77
x-amz-cf-id: Ha_uJQSOO162qGw-vhzPdx4fiUHVqVejAlFGL5hNwWdDlufi7XyNJQ==

GET
H/1.1 200
OK rum.min.js Show response
www.uptimiarum.eu/ 3 KB
1 KB 778ms
257ms Script
application/javascript 54.36.108.71
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uptimiarum.eu/rum.min.js
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.108.71 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3113199.ip-54-36-108.eu
Software: nginx /
Resource Hash: 7d0500d2499f1228348fc454d969efd76e68d60dc500179cbd8ef99495de8cc7

Request headers

Referer: https://go.referralcandy.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 04 Sep 2024 20:29:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2024 06:05:09 GMT
Server: nginx
ETag: W/"66220995-a2f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 NM93DNL Show response
go.referralcandy.com/folp-api/share/ 50 KB
12 KB 1129ms
1128ms Fetch
application/json 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/folp-api/share/NM93DNL?s=pppw&t=uk
Requested by: Host: go.referralcandy.com
URL: https://go.referralcandy.com/_next/static/chunks/pages/_app-6a8fc792742ba72d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: /
Resource Hash: 85051f5544353369a4b3c147b7b3a9500e0b831b5e11b36977afbc4dc6008247

Request headers

accept: application/json
Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: gzip
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P5
vary: Origin, accept-encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
x-amz-cf-id: wxzWvFcxOx1xA0EeP5LqRX5VOnRE-WRbLLJqftlv5ybriSX3RyIAeQ==

GET
H2 404 favicon.ico
go.referralcandy.com/ 3 KB
2 KB 924ms
924ms Other
text/html 3.165.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.referralcandy.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.82.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-82-5.sin2.r.cloudfront.net
Software: / Next.js
Resource Hash: 7a28540e825d5b5d0104d189edd119ebed61c8c317cfca38850e565f3c8794cf

Request headers

Referer: https://go.referralcandy.com/share/NM93DNL?s=pppw&t=uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
via: 1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 3073
x-amz-cf-pop: SIN2-P5
x-amzn-requestid: 5c0346b9-346f-40f0-b46d-1d1eaf9680fb
etag: W/"15iznnavlzw2dd"
vary: Accept-Encoding
x-powered-by: Next.js
content-type: text/html; charset=utf-8
x-amzn-trace-id: root=1-66d8c32b-73187cf50aae19a84c9de0a1;parent=13e91c5a8fb02db7;sampled=0;lineage=1:c7a113e8:0
x-opennext: 1
x-cache: Error from cloudfront
x-middleware-next: 1
x-amz-cf-id: -LEUVy5GTm7CBereKQQN6Cc90alJj5Fbkhq2ua0PFx74_EI8Vr701g==

GET
H2 200 css2
fonts.googleapis.com/ Frame 4262 132 KB
10 KB 32ms
16ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abel&family=Abril+Fatface&family=Alegreya&family=Alegreya+Sans&family=Amiri&family=Anonymous+Pro&family=Arapey&family=Archivo&family=Archivo+Narrow&family=Arimo&family=Armata&family=Arvo&family=Asap&family=Assistant&family=Asul&family=Bitter&family=Cabin&family=Cardo&family=Catamaran&family=Chivo&family=Crimson+Text&family=Domine&family=Dosis&family=Fira+Sans&family=Fjalla+One&family=Glegoo&family=IBM+Plex+Sans&family=Inconsolata&family=Josefin+Sans&family=Josefin+Slab&family=Kalam&family=Karla&family=Kreon&family=Lato&family=Libre+Baskerville&family=Libre+Franklin&family=Lobster&family=Lobster+Two&family=Lora&family=Maven+Pro&family=Megrim&family=Merriweather+Sans&family=Montserrat&family=Mouse+Memoirs&family=Neuton&family=News+Cycle&family=Nobile&family=Noticia+Text&family=Noto+Serif&family=Nunito&family=Nunito+Sans&family=Old+Standard+TT&family=Open+Sans&family=Oswald&family=Ovo&family=Oxygen&family=PT+Mono&family=PT+Sans&family=PT+Sans+Narrow&family=PT+Serif&family=Pacifico&family=Playball&family=Playfair+Display&family=Poppins&family=Prata&family=Prompt&family=Quantico&family=Quattrocento&family=Quattrocento+Sans&family=Questrial&family=Quicksand&family=Rajdhani&family=Raleway&family=Righteous&family=Roboto&family=Roboto+Condensed&family=Roboto+Mono&family=Roboto+Slab&family=Rubik&family=Shadows+Into+Light&family=Slabo+13px&family=Source+Code+Pro&family=Source+Sans+Pro&family=Tenor+Sans&family=Tinos&family=Titillium+Web&family=Ubuntu&family=Unica+One&family=Unna&family=Varela&family=Varela+Round&family=Vidaloka&family=Volkhov&family=Vollkorn&family=Work+Sans&display=swap

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad476885f86471ca15b438bc0e97eca221f982f54432bc05945f37be07ea25ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.referralcandy.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Sep 2024 20:29:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Sep 2024 20:29:31 GMT

GET
H2 200 foundation.min.css
cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/css/ Frame 4262 118 KB
13 KB 41ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/css/foundation.min.css

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1928a8f2a6a66976a933c16af4961d18d4ef93f760b3e70c2e03de7af398131d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.referralcandy.com/
Origin: https://go.referralcandy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1917048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13273
last-modified: Mon, 04 May 2020 16:10:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e65-1d66a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6%2FDsL0XUE9RygN5YVOVb03bTMHjgQS7rt8rY3lnSMtoL%2Fpqc0LfYw9d%2Fo2ywkq7C05krX5yeuYNe7377ubvgrmCpsMD%2BtDl8bWNxE7Z3Pv1BsF4SYHFgxOMEN0KzHPiCO%2BDaqlYulgrxmDq%2Fnbz9jdE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8be0bb70db009c51-SIN
expires: Mon, 25 Aug 2025 20:29:31 GMT

GET
H2 200 a70183fe6e.css
use.fontawesome.com/ Frame 4262 1 KB
872 B 277ms
255ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/a70183fe6e.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4922081f4858c29568f4990baa87f2b64076df30be35f308101613b82a7608c2

Request headers

Referer: https://go.referralcandy.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 01:13:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4d700056a61fbefb92707febe3bb2cd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y789z1EeuCKoPgpiOnpfdXWpB6XPaWeARRV3nsxFt8uKxR5rsbMHo%2BPbSBH4V3TPJbnyp2YjIaTiZSYXMXY2T37%2BtGjg41k1VOMcBxNMqJkGVK5rIzzODTqNglPcg5JiUaCJK%2Bkkc02OwDPq9f6D4Ldw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 8be0bb70de2a658d-SIN
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK XKgc2rrUnBGdzpYx15T7O_dee89a50-9568-2ea9-a376-c84868d000b1.png
client-assets.referralcandy.com/ Frame 4262 16 KB
17 KB 1412ms
908ms Image
image/png 108.157.254.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client-assets.referralcandy.com/XKgc2rrUnBGdzpYx15T7O_dee89a50-9568-2ea9-a376-c84868d000b1.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-17.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c0f3b2cef8553e7595b051cfd099d8d0bf3cd80a1e427b9e71e3888c9715083

Request headers

Referer: https://go.referralcandy.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 04 Sep 2024 20:29:33 GMT
Via: 1.1 ed759b4c9b40a24358a2fd2628f105b2.cloudfront.net (CloudFront)
Last-Modified: Tue, 30 May 2023 10:23:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256
ETag: "f79896ca74a8585a215c9b1891e31f84"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16848
X-Amz-Cf-Id: 7VDkCnWTCsCTpYPe7GqxYQ5tOKM0wD3pvEMqYKhXtFAbpC598ZKtTQ==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 4262 85 KB
27 KB 36ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.referralcandy.com/
Origin: https://go.referralcandy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3645202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQJB8fX2q%2BZdwYTV3KBQr7cTvFPbhQnidPrffEPEXhQX08coifWjZIonmFzhyShf04o%2FhNweHCDqZIaGQ9edNElUJlW%2FNBfWZvDoupCecFi6JuP2UUmot7uhv8LL7ivjXMPr6qwU%2Bh7zyLLDEVjGxzMp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8be0bb70db019c51-SIN
expires: Mon, 25 Aug 2025 20:29:31 GMT

GET
H2 200 foundation.min.js Show response
cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/js/ Frame 4262 145 KB
27 KB 11ms
10ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/js/foundation.min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9916250aee441bea2e0f4ed6c4b17cbf8640658080e96ae67485f29f506ff559

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.referralcandy.com/
Origin: https://go.referralcandy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 73498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27396
last-modified: Mon, 04 May 2020 16:10:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e65-2454f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BtgZM4EhCx6KXwzL6IYZOjEUnbwFnSDvwMssP3y4IpAK%2Bj1aJiQdUdxF32xSBEP4yQSyfnsanEknbYOUQ2Ibs%2FtXK51zd4onCKkl8WU8gGfPFJuGpgGFENYb3Y9RauQVNw5BLtNfIXPgh5G2F7rbq94"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8be0bb710b1c9c51-SIN
expires: Mon, 25 Aug 2025 20:29:31 GMT

GET
H3 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.1/ Frame 4262 10 KB
4 KB 58ms
58ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.1/clipboard.min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.referralcandy.com/
Origin: https://go.referralcandy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2974
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2967"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i00WGHEJMNL8%2F4MupekVrh3lSW5W89CuJEKx8xTEX3jl%2FhbIlvymTiVo5ookoO5COCTpEzIPMJ0OKywOkLXTzmwR8BuzkXtyOMZ4oslJvx9qmO%2Bae4lfcSYJBdM3AxEeHxgENUa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8be0bb714e8c23b0-HKG
expires: Mon, 25 Aug 2025 20:29:31 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ Frame 4262 30 KB
7 KB 14ms
14ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/a70183fe6e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://use.fontawesome.com/a70183fe6e.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 20:29:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 805
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkS4dQ6BceXowgtXFYmVMpSOR9A%2FEJDxntA74O6sOkLIvleGbOr7sNE0JUDtpBg8bs%2F%2FMSFcpLqdEHJg64fyMJ8Q1TEkBhvPDNie8h%2BzSE2S8kfIYf5SEOTdU3Y5DlA41%2F%2FOYHnqvHX%2B1tBS85v4yKvJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8be0bb726ef0658d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 4262 8 KB
8 KB 52ms
13ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&family=Abril+Fatface&family=Alegreya&family=Alegreya+Sans&family=Amiri&family=Anonymous+Pro&family=Arapey&family=Archivo&family=Archivo+Narrow&family=Arimo&family=Armata&family=Arvo&family=Asap&family=Assistant&family=Asul&family=Bitter&family=Cabin&family=Cardo&family=Catamaran&family=Chivo&family=Crimson+Text&family=Domine&family=Dosis&family=Fira+Sans&family=Fjalla+One&family=Glegoo&family=IBM+Plex+Sans&family=Inconsolata&family=Josefin+Sans&family=Josefin+Slab&family=Kalam&family=Karla&family=Kreon&family=Lato&family=Libre+Baskerville&family=Libre+Franklin&family=Lobster&family=Lobster+Two&family=Lora&family=Maven+Pro&family=Megrim&family=Merriweather+Sans&family=Montserrat&family=Mouse+Memoirs&family=Neuton&family=News+Cycle&family=Nobile&family=Noticia+Text&family=Noto+Serif&family=Nunito&family=Nunito+Sans&family=Old+Standard+TT&family=Open+Sans&family=Oswald&family=Ovo&family=Oxygen&family=PT+Mono&family=PT+Sans&family=PT+Sans+Narrow&family=PT+Serif&family=Pacifico&family=Playball&family=Playfair+Display&family=Poppins&family=Prata&family=Prompt&family=Quantico&family=Quattrocento&family=Quattrocento+Sans&family=Questrial&family=Quicksand&family=Rajdhani&family=Raleway&family=Righteous&family=Roboto&family=Roboto+Condensed&family=Roboto+Mono&family=Roboto+Slab&family=Rubik&family=Shadows+Into+Light&family=Slabo+13px&family=Source+Code+Pro&family=Source+Sans+Pro&family=Tenor+Sans&family=Tinos&family=Titillium+Web&family=Ubuntu&family=Unica+One&family=Unna&family=Varela&family=Varela+Round&family=Vidaloka&family=Volkhov&family=Vollkorn&family=Work+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.referralcandy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 05:43:15 GMT
x-content-type-options: nosniff
age: 53177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Sep 2025 05:43:15 GMT

POST f1116f75ad2cacd4db900ec9a2bce696
www.uptimiarum.eu/rum-receive/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.uptimiarum.eu
URL: https://www.uptimiarum.eu/rum-receive/f1116f75ad2cacd4db900ec9a2bce696

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.go.referralcandy.com/	1970-01-21 08:03:37	Name: cova Value: ih18os8cz7tdpb9dalaveqgm9
			.go.referralcandy.com/	1970-01-21 00:01:13	Name: zeIwkNvD Value: fie8g9g25hzyhjpinwpcsh48q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:srcdoc Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://go.referralcandy.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
client-assets.referralcandy.com
fonts.googleapis.com
fonts.gstatic.com
go.referralcandy.com
jackery.refr.cc
use.fontawesome.com
www.uptimiarum.eu
www.uptimiarum.eu
104.17.24.14
108.157.254.17
2404:6800:4003:c05::5f
2404:6800:4003:c1a::5e
2606:4700:3037::ac43:8ef5
2606:4700::6811:190e
3.165.82.5
54.169.206.184
54.36.108.71
076cb2895b7ee81c0406f9884e68dda1a62dac6d6d7441cfc75ecf31ad6853d4
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1928a8f2a6a66976a933c16af4961d18d4ef93f760b3e70c2e03de7af398131d
431e98671d30f44596e456c2e3b132187121d82e21f833ffa5efb2f1a6d0c8f1
4922081f4858c29568f4990baa87f2b64076df30be35f308101613b82a7608c2
4c0f3b2cef8553e7595b051cfd099d8d0bf3cd80a1e427b9e71e3888c9715083
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
761e9329d5dc491a063f81ea1dedaec335826413f3d7a7724d6b9f2ecc5e46f3
7a28540e825d5b5d0104d189edd119ebed61c8c317cfca38850e565f3c8794cf
7d0500d2499f1228348fc454d969efd76e68d60dc500179cbd8ef99495de8cc7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85051f5544353369a4b3c147b7b3a9500e0b831b5e11b36977afbc4dc6008247
95ad244e849b0c38f0a1a618d1f7f156cacb05a1c27b8f216b49d18b70003c5c
9916250aee441bea2e0f4ed6c4b17cbf8640658080e96ae67485f29f506ff559
9c0f84a062266e54b480eebc8063c6c1a0aa00a4ceca01d26db7bb4fc08830fe
a8a9f35bb5e3610c36d8a706f1be00854eece6a03f37c93758f9a37220c71ada
ab04dd5c1a4f1ddeedae37eac38a14d1d02c079d808097de5229e06480df609b
ad476885f86471ca15b438bc0e97eca221f982f54432bc05945f37be07ea25ce
ae3a9edf51a0487fa10770efa82f66e05df3f824a124f2c999163ef304248659
c72378929c0e7a83a987897303b95021b0bf726e17c79b87196e970fe2917992
e2c9eefc6967199e79655ac03a5b29d6ea09b85864cd04d50b667358bfc79843

go.referralcandy.com Open in urlscan Pro 3.165.82.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

44 %IPv6

7 Domains

8 Subdomains

9 IPs

4 Countries

267 kBTransfer

1037 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

go.referralcandy.com Open in urlscan Pro
3.165.82.5 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

267 kB
Transfer

1037 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions