mywit.referralcandy.com Open in urlscan Pro
52.74.5.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mywit.referralcandy.com/7KH4X3D
Submission: On June 16 via api (June 16th 2020, 3:50:40 am UTC) from US

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 52.74.5.11, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is mywit.referralcandy.com.
TLS certificate: Issued by Amazon on February 4th 2020. Valid for: a year.

This is the only time mywit.referralcandy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.74.5.11 52.74.5.11	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.237.64 143.204.237.64	16509 (AMAZON-02) (AMAZON-02)
8	4

3 52.74.5.11 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com

mywit.referralcandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.237.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-64.cph50.r.cloudfront.net

d1p6b1fqdxr5o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	referralcandy.com mywit.referralcandy.com	118 KB
2	cloudfront.net d1p6b1fqdxr5o.cloudfront.net	19 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	28 KB
1	google-analytics.com www.google-analytics.com	18 KB
8	4

	Domain	Requested by
3	mywit.referralcandy.com	mywit.referralcandy.com
2	d1p6b1fqdxr5o.cloudfront.net	mywit.referralcandy.com
2	netdna.bootstrapcdn.com	mywit.referralcandy.com
1	www.google-analytics.com	mywit.referralcandy.com
8	4

This site contains links to these domains. Also see Links.

Domain
www.flickr.com
www.referralcandy.com

Subject Issuer	Validity	Valid
referralcandy.com Amazon	`2020-02-04` - `2021-03-07`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mywit.referralcandy.com/7KH4X3D
Frame ID: C0E5BB2E76D6FA52BE16A0B3AFD253D3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

183 kB
Transfer

330 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.flickr.com/photos/hacky/3673119542/in/photostream/
Title: hacky

Search URL Search Domain Scan URL

URL: http://www.referralcandy.com/?ref=ap10_ap11

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request 7KH4X3D Show response
mywit.referralcandy.com/ 3 KB
2 KB 693ms
240ms Document
text/html 52.74.5.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mywit.referralcandy.com/7KH4X3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.5.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f962d89c8a31a5484050e484d5ce6087d008d5931a3f2efc4801a0c7d2f0728f

Request headers

:method: GET
:authority: mywit.referralcandy.com
:scheme: https
:path: /7KH4X3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Tue, 16 Jun 2020 03:50:21 GMT
content-type: text/html; charset=utf-8
server: nginx/1.10.3 (Ubuntu)
x-ua-compatible: IE=Edge,chrome=1
cache-control: no-cache
set-cookie: _referral_corner_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWE5MjQ1NWNhNWVjNzRiMTAyNDVlN2E1OWFiNTA1NmIzBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMVNuWEk2QTc4Tzg0YkdlS21iVjh1TFZQYVh6NGtUOGxZVGp5SGVOaGlxbE09BjsARg%3D%3D--a394c091f1c3c521f2688ea144720998ec26d057; path=/; HttpOnly
x-request-id: a5f82fbba181d30a433b2c1f4b6741ff
x-runtime: 0.033510
x-rack-cache: miss
vary: Origin
content-encoding: gzip

GET
H2 200 bootstrap-combined.min.css
netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/css/ 117 KB
20 KB 248ms
222ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/css/bootstrap-combined.min.css

Requested by

Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

13431ebc8279cd6b43d9b4e94a137e59a2f848555cfa8293da2071d9b98149d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 03:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:21 GMT
status: 200
etag: "1544639721"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20320

GET
H2 200 screen-f57d7979263a5317a824178c8b8b0d73.css
mywit.referralcandy.com/assets/ 8 KB
8 KB 209ms
208ms Stylesheet
text/css 52.74.5.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mywit.referralcandy.com/assets/screen-f57d7979263a5317a824178c8b8b0d73.css
Requested by: Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.5.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8597c7a064523e57f41e905f9aaa18585b97e0dea4d6a49d3312ccddae50652e

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 03:50:21 GMT
last-modified: Thu, 28 May 2020 04:09:46 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5ecf398a-20cf"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 8399

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3242
date: Tue, 16 Jun 2020 02:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 16 Jun 2020 04:56:19 GMT

GET
H2 200 application-b3b874838faf8e212f6594a13ab34448.js Show response
mywit.referralcandy.com/assets/ 108 KB
108 KB 212ms
211ms Script
application/javascript 52.74.5.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mywit.referralcandy.com/assets/application-b3b874838faf8e212f6594a13ab34448.js
Requested by: Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.5.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-5-11.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 39cb0edcf837c5b59cf8c7cd01fd44c5d0c2e8ec78d3f8bf6fdb86c1b53c0f6c

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 03:50:21 GMT
last-modified: Thu, 28 May 2020 04:09:46 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5ecf398a-1aee1"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 110305

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/js/ 31 KB
8 KB 255ms
228ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/js/bootstrap.min.js

Requested by

Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

34c5b7b058640503224a11acd9e5edd7a3d11d6dd1a1d05e9cb971855e798849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 03:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:55 GMT
status: 200
etag: "1544639635"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7839

GET
H/1.1 200
OK baby.jpg
d1p6b1fqdxr5o.cloudfront.net/images/error/ 15 KB
16 KB 1000ms
833ms Image
image/jpeg 143.204.237.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1p6b1fqdxr5o.cloudfront.net/images/error/baby.jpg
Requested by: Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-64.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f99f0fb01e2239b3d8c3c9b04da677bbe1d4a3cd207fbd6075077e023cdbef2

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 03:50:23 GMT
Via: 1.1 060df07995f24318e95556d506f04e13.cloudfront.net (CloudFront)
Last-Modified: Wed, 21 Dec 2011 06:58:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: CPH50-C1
ETag: "a92628d006ad7e0402ef0213784b6727"
X-Cache: Miss from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 15524
X-Amz-Cf-Id: 3v-RE5ScWo9AC1C6aLfDJlaE7g7MGT4T6fme4vDWRDt9rE1vGervYA==

GET
H/1.1 200
OK refer-a-friend-program-powered-by-referralcandy.png
d1p6b1fqdxr5o.cloudfront.net/images/ 3 KB
3 KB 148ms
50ms Image
image/png 143.204.237.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1p6b1fqdxr5o.cloudfront.net/images/refer-a-friend-program-powered-by-referralcandy.png
Requested by: Host: mywit.referralcandy.com
URL: https://mywit.referralcandy.com/7KH4X3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-64.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf356b1ac5d7badc1ba9ef6ac2f6f6708e170f3602ee88da24e8717b098df9f

Request headers

Referer: https://mywit.referralcandy.com/7KH4X3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 01:42:33 GMT
Via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Oct 2013 08:08:49 GMT
Server: AmazonS3
Age: 7671
ETag: "419c65a555c10567bea2864798d0f415"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
X-Amz-Cf-Pop: CPH50-C1
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3071
X-Amz-Cf-Id: jIUwc7hxjhU4XPmdyJVQVanZzIC1D-AJhLWNb8TLS1JJwz-4UKnUhA==

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1p6b1fqdxr5o.cloudfront.net
mywit.referralcandy.com
netdna.bootstrapcdn.com
www.google-analytics.com
143.204.237.64
2001:4de0:ac19::1:b:2a
2a00:1450:4001:81b::200e
52.74.5.11
0f99f0fb01e2239b3d8c3c9b04da677bbe1d4a3cd207fbd6075077e023cdbef2
13431ebc8279cd6b43d9b4e94a137e59a2f848555cfa8293da2071d9b98149d8
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
34c5b7b058640503224a11acd9e5edd7a3d11d6dd1a1d05e9cb971855e798849
39cb0edcf837c5b59cf8c7cd01fd44c5d0c2e8ec78d3f8bf6fdb86c1b53c0f6c
6bf356b1ac5d7badc1ba9ef6ac2f6f6708e170f3602ee88da24e8717b098df9f
8597c7a064523e57f41e905f9aaa18585b97e0dea4d6a49d3312ccddae50652e
f962d89c8a31a5484050e484d5ce6087d008d5931a3f2efc4801a0c7d2f0728f

mywit.referralcandy.com Open in urlscan Pro 52.74.5.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

4 Countries

183 kBTransfer

330 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

mywit.referralcandy.com Open in urlscan Pro
52.74.5.11 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

183 kB
Transfer

330 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions