urlscan.io logo urlscan.io
SecurityTrails logo

referral-factory.referral-factory.com Open in urlscan Pro
104.21.41.149  Public Scan

Go To Rescan Add Verdict Report
URL: https://referral-factory.referral-factory.com/GdoktO
Submission: On June 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 104.21.41.149, located in and belongs to CLOUDFLARENET, US. The main domain is referral-factory.referral-factory.com.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.
This is the only time referral-factory.referral-factory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 104.21.41.149 13335 (CLOUDFLAR...)
4 142.250.185.202 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 104.18.186.31 13335 (CLOUDFLAR...)
1 142.250.186.110 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
20 6
10    104.21.41.149 (None, )

ASN13335 (CLOUDFLARENET, US)
referral-factory.referral-factory.com
4    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
www.youtube.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 referral-factory.com
referral-factory.referral-factory.com
209 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
5 KB
2 gstatic.com
fonts.gstatic.com
24 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
24 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
19 KB
20 6
Domain Requested by
10 referral-factory.referral-factory.com referral-factory.referral-factory.com
4 fonts.googleapis.com referral-factory.referral-factory.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net referral-factory.referral-factory.com
1 www.youtube.com referral-factory.referral-factory.com
1 cdnjs.cloudflare.com referral-factory.referral-factory.com
20 6

This site contains links to these domains. Also see Links.

Domain
referral-factory.com
Subject Issuer Validity Valid
referral-factory.com
E1		 2024-05-26 -
2024-08-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://referral-factory.referral-factory.com/GdoktO
Frame ID: 680A6FE46165F15B86CA818FB21C9C55
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mH64Fe-U7nM?autoplay=1&controls=0
Frame ID: 4D610736F059B24813453689A3E7C2B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GrowthZone Referral Program - $250

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

281 kB
Transfer

809 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request GdoktO
referral-factory.referral-factory.com/ 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0372e7d0a25c9946158e370158b8a796a1a1201dbd74007c22d6289aceff66

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
896cbfbe2bf68c4c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jun 2024 15:21:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDmEPyyiXbGjQM7mHliT78mrULh4gRDL58FA4O%2BZdXgeAUeCEi39GS94ZOymDxHi89suPP6odZpPoHYLvLjNhixFaOwT8o8Vy0FXRPqUm2ZwYoKbm6FYmT%2BIZrxK9GXq1jcgCIPoewr2SZMPplEk4aIcQ0K5wNTW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		57 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 14:56:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jun 2024 15:21:30 GMT
css2
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
c503e30d6b6ad4530b5962b7098b4fa82c5a4f65809f85c19a375b8bff1f6145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 15:00:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jun 2024 15:21:30 GMT
css2
fonts.googleapis.com/ 		8 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
f55844e7af55df44a079478ef08327d622cdd33932b88a15eecd5b3289308801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 13:48:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jun 2024 15:21:30 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
588481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVLcb1BQiQWTHkye7FXcGtB7%2FeYA9I%2BeLmjeVqFBuR981xXyHazLrfdKPtMHtlHoaMuBkQSUC7%2BtIlu5IUJ2n284vnBPOGHb%2BpDrl4HURVO8hgiELAaFPHpmvHXEvdMa1nP%2FN%2BUN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896cbfbf4eedbb53-FRA
expires
Tue, 10 Jun 2025 15:21:30 GMT
sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/sweetalert2.min.css
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ebd4dbb08c8772238698cc68724fab2e7e9591eeaac6777eaa58cdfb473b2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
10.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4590
x-served-by
cache-fra-eddf8230050-FRA, cache-lga21981-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"5f70-g4xi1yOHeCNTAMOrcje0mC5yWwc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BT5IAWhZNLtrmdFDyptOEca51eLHHY4Nuh1pvKjRYGrXs8QfIOWQh3Wx0jOfQlScCt%2B0RQTTEnItLTBKwWBE7p%2BsdlbR4%2FcrfAMMKbpb768SJdhnvLTn3Qgi%2BkhuW06e4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896cbfbf5f2f2c1c-FRA
magnific-popup.css
referral-factory.referral-factory.com/assets/web/dependencies/magnific-popup/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/assets/web/dependencies/magnific-popup/css/magnific-popup.css
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 29 Apr 2024 12:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"662f9976-1b27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBttqnwY3dBwuAgcoq512%2FPizfpIZYo6ItnRdvqAu24glBkujID7YeNip8PWe2wktTjXMwvmf9Us2exVLjy63wkwVQSkGVtNAjRKzFu83YxBi2qrp1%2F31PUTdbeXtOyagzIOVKLUMLdw47qHPNBCTCCW97ZvfLuW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
896cbfbf0d588c4c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jun 2024 15:21:30 GMT
css
fonts.googleapis.com/ 		3 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto|Roboto|Poppins|Roboto|Roboto
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
d20bc2fce629c7f6a14cf2f509041382202969c4f9b7533bdf4c4253617216ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 15:21:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jun 2024 15:21:30 GMT
bootstrap.min.css
referral-factory.referral-factory.com/assets/web/dependencies/bootstrap/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/assets/web/dependencies/bootstrap/css/bootstrap.min.css
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 29 Apr 2024 12:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"662f9976-2722e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRbueV6eVXrUURIO3UKwn9D%2BxS7rSCWykA85t2nVURuAfhvkTOmERVWnn%2F4ryAxtQzjKT3Wz5KguU2knRfoWP1LxUSsHX4Ppv95eLctGxQ%2B8sGt5OlmPxb4kHy8o6zx8%2BAmm2p032qT%2BJSJDfExcmnN%2Frnvv5ogb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
896cbfbf0d5a8c4c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jun 2024 15:21:30 GMT
campaignApplication.css
referral-factory.referral-factory.com/assets/web/css/campaigns/ 		51 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/assets/web/css/campaigns/campaignApplication.css?id=cdc23053b005ef4a49c3
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ffade4b5b43554532cfbbe51509d5026d423d249106127d1555da6af63dc24e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 29 Apr 2024 12:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"662f9976-cc78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=re4pDJsRXR6OrtqVcDl49Z7xNranRXUXUGBqsWr2LiXSX8rfVZ1xDe5St6YuB7gh0Xv6ud3I2hX%2FCMozM%2BronCAJLtCkRDcdFhCxuxODu%2BCF0dXQPke3SgHXJuPeOWD8atqU%2FGx6rHX5zmnTGR01XmH3wFcK9Elq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
896cbfbf0d5c8c4c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jun 2024 15:21:30 GMT
Ffc9O96JHsuCUbcv.png
referral-factory.referral-factory.com/storage/logo/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referral-factory.referral-factory.com/storage/logo/Ffc9O96JHsuCUbcv.png
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df884cdef4b4cc9635e3eba2a3c2802579e2717134a7725a0bf064ccc04ceb0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 12:25:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660bf924-4cdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOYMjOspEouQ7bbgZ1YvmBGxyjYaP%2FKWfq%2BX9I2M4e7yk54miWyHw9InGRIMfBluosKdogRs3jJx74HIx8MYJ%2FwmlMLmuuFhXsYbuJYtKGk51o8cLtxhZEI1pdP6mltMepQRzW%2BA4254XI2aLWff1cnxbl4VyOFw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
896cbfbf0d768c4c-FRA
alt-svc
h3=":443"; ma=86400
content-length
19676
expires
Thu, 27 Jun 2024 15:21:30 GMT
g14rru5qW7HmIEUl.png
referral-factory.referral-factory.com/storage/images/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referral-factory.referral-factory.com/storage/images/g14rru5qW7HmIEUl.png
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b074ad3911bdfc16319a32d803c56b2d02d4648eaed1215eae3bf343c8c70f62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 15:15:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6610157e-14f97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMgVLWL8zwqHmyrZdXeejtEmuA4kXYMPKPUS9OvSoeGlmW7GyMlFEZajw38knv4q229rNxcE5OPs3tsj516daTjCYU8ryVNZRayPvn%2F08urGuYTJ4W8Ghlva5r7srwg7tKIK0uk05xf4cP258elIIvzXpBOyQXtn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
896cbfbf0d5d8c4c-FRA
alt-svc
h3=":443"; ma=86400
content-length
85911
expires
Thu, 27 Jun 2024 15:21:30 GMT
small-logo.png
referral-factory.referral-factory.com/assets/web/img/png/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referral-factory.referral-factory.com/assets/web/img/png/small-logo.png
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89b438306620d488fcb2fdc2c65c2691f5f85812c050043b19b87b679e37810

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
cf-cache-status
MISS
last-modified
Mon, 29 Apr 2024 12:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"662f9976-2679"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VutayawI9qKVjbL%2BAS41D6sPmp7y0bimJYR%2Fk9%2FEBywQwZ9aD9%2FM5cyVsyb%2FrVttHn%2FEIDhJuylKA8jxHTGowUCWhFQ84os4QcGhiEpYJw%2FcJHHo83iS5Uzm%2FIHW4Snx7klSXgjcIN7EOO2GX2pH4V8benEtLIy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
896cbfbf0d5e8c4c-FRA
alt-svc
h3=":443"; ma=86400
content-length
9849
expires
Thu, 27 Jun 2024 15:21:30 GMT
jquery.min.js
referral-factory.referral-factory.com/assets/web/dependencies/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/assets/web/dependencies/jquery/jquery.min.js
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 29 Apr 2024 12:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"662f9976-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oB5EVFylnczWrfepNMnM%2B9obgpVk0WBE3iQv7aCU60E1u06CFhBf%2BQ0xgLk2k21B3xunDSgWEWugvQ0ohrUaRy4qKTu5%2BbeMtZt0VLmPzaYlaDBe%2Beno%2B2eplaXcisHRrdkKbjdUlvt0wtnwvlXstMcl7vqsyJGR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
cf-ray
896cbfbf0d728c4c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jun 2024 15:21:30 GMT
bootstrap.bundle.min.js
referral-factory.referral-factory.com/assets/web/dependencies/bootstrap/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/assets/web/dependencies/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Apr 2024 12:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
138267
etag
W/"662f9976-13c1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SM86Xl2qnCAnkF29YeW2lf2XPQQlGcZO32dqY84U0HIbNnhakpbpE%2B1jJoAHTupwJYRYUCV1aihkNxIfuxSlk6zVgjxtPpzJUSsC3gOj8AcY0D7DJGQT0gyl9yddzLaOUCdkTsuIb982Uah3Ekgw4wBeGRLg6YUP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
cf-ray
896cbfbf0d748c4c-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 26 Jun 2024 00:57:03 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/sweetalert2.all.min.js
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28cbc62defd6b0e423b7cb16098a18861300be5117f487445671c70f7f1d81b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
676929
x-jsd-version
10.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18759
x-served-by
cache-fra-etou8220130-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1082d-6F9SFnLnoodi62kt2SBwb5LFivM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQd1zDjWDrecSTjHBceFxmZYR%2BYpGBB5ovdXuMEkx3HuqNZS6Ds9F5F7Do16r2H5f32BBkRqx8FYBw9dNTppMxl%2FXCqmjobKyDereuAl4DCuxizupGjGQheuDY16Pc1iyhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896cbfbf5f322c1c-FRA
mH64Fe-U7nM
www.youtube.com/embed/ Frame 4D61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/mH64Fe-U7nM?autoplay=1&controls=0
Requested by
Host: referral-factory.referral-factory.com
URL: https://referral-factory.referral-factory.com/GdoktO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://referral-factory.referral-factory.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 15:21:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto|Poppins|Roboto|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://referral-factory.referral-factory.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:09 GMT
x-content-type-options
nosniff
age
174802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:09 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://referral-factory.referral-factory.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:11:45 GMT
x-content-type-options
nosniff
age
173386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:11:45 GMT
W4WsZNZIXT4qSOn3.png
referral-factory.referral-factory.com/storage/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://referral-factory.referral-factory.com/storage/favicon/W4WsZNZIXT4qSOn3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850bab1513a4e810d93d484ec1384d20608dca9e7335f6ff9a864173757a5975

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://referral-factory.referral-factory.com/GdoktO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:32 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Apr 2024 13:00:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660ea45b-55b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66sGpQ8S%2B2kMHnjlEIBlZEhFulIrSPIRkIeS6sW3X8n8tLlg5jmDxworzwo02OJKSwavW5n1XjY%2BZRA%2F%2B1g2XXYfR0CHrAIVrvoyBkzwbrpu0gSJKXiRFodo9O3gGTlQf880B9R91hpYW39AB%2BL4ub72D5Kl26Jv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
896cbfc6e89f8c4c-FRA
alt-svc
h3=":443"; ma=86400
content-length
1371
expires
Thu, 27 Jun 2024 15:21:32 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal

7 Cookies

Domain/Path Name / Value
referral-factory.referral-factory.com/ Name: visited_GdoktO
Value: eyJpdiI6Ik1JM1JFaXpOWHB4ZnhmMXkyUDRIQUE9PSIsInZhbHVlIjoieForeWdXWFNhdVhteHYwejZhdHI5Rzhhbnkza2h3S0IranNnMDFzVTBMWGY0d0xWTnBDQ3ZaWDBlYWVVZXZaLyIsIm1hYyI6IjllNTRlZjY1Zjg1OTMzYjgwYmU2NDI0YWRmOWE1NmIwNjE1YWQ4MjI0OTAyMzVjMjFhOTc3Y2UzMWEyNDhmZTcifQ%3D%3D
referral-factory.referral-factory.com/ Name: visited_time_GdoktO
Value: eyJpdiI6InhBd3Z6SlFiVEExaStMaHNSREVlYmc9PSIsInZhbHVlIjoiOVZsNlgwKzJYQ2ZpSFVocE84UmZsS2dZU1RuMldKL21QUTZuckdYOW5Dd3VrZUxuNDc1TVJtYkRnR3NrYkwxNlIxbjdzRm8rSWNteHg5RUV4RW90dVE9PSIsIm1hYyI6IjJmZTZkOTA5NjI1ZjkyM2Y3YjhhYjc4MjMzNDk4MDc3M2U5MTVjNDRmNWM1OGMyMWI2ZjY3Njc4ZGRmOGEwYzQifQ%3D%3D
referral-factory.referral-factory.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkIycjNoRUlXcldUdExrSmVET2hWOEE9PSIsInZhbHVlIjoiekk2M1F2RnhJZ1h1bWtHSXdoYzJLY1B4bG5ia2g3UVB3SnN2My94clk1am8yUGprNncxSEtxQU5zSWtsL3JBb3NuS1hMdEVZOHhBalFLS3NkZG0rVzlTVHlXMFhDa0hyY216WnZWNmRwUVE1NHVxQmNmbVdoSzlOM3VRNi9QQzIiLCJtYWMiOiJmYzRkMTc4ZWUxYTZiNjUyNTcyNjViODNlOTM4ZDNjZjY2NGIxYTMxM2I3MDJkZjAyOGRlMDA2YjFkNTVlMTZjIn0%3D
referral-factory.referral-factory.com/ Name: referral_factory_session
Value: eyJpdiI6IjFocUk4bGhYMUxyVEdKK3pnYTFpc3c9PSIsInZhbHVlIjoiNzhMdllFV0FXWXdta2pNc1dxVi9ONWw0endXc1JXNG9DcCsySnpJVW5mTFJtQURYRk05cG5PbUhvcGhzd3FCN3pYb1pnbk0yNjFGSnFmZ25wTDlrcVo1eGkzQzlUdGVKNFVleGxSYlVvSVhnajN5S3RDYnRUWTN6RlE2VnBpOTMiLCJtYWMiOiJhODE2ZmU5ODhkMGE5M2IwNjc0NjFlZjU5YjU3MTIwNjZlNmM5ZGFiN2E4MGU0ODkyNDhmYjQyZmY0ZmIxNDQzIn0%3D
.youtube.com/ Name: YSC
Value: m1hSusG9AbE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: iNfFyKzli8M
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgSA%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
referral-factory.referral-factory.com
www.youtube.com
104.17.24.14
104.18.186.31
104.21.41.149
142.250.185.195
142.250.185.202
142.250.186.110
28cbc62defd6b0e423b7cb16098a18861300be5117f487445671c70f7f1d81b8
2ebd4dbb08c8772238698cc68724fab2e7e9591eeaac6777eaa58cdfb473b2b4
3ffade4b5b43554532cfbbe51509d5026d423d249106127d1555da6af63dc24e
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6df884cdef4b4cc9635e3eba2a3c2802579e2717134a7725a0bf064ccc04ceb0
7a0372e7d0a25c9946158e370158b8a796a1a1201dbd74007c22d6289aceff66
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
850bab1513a4e810d93d484ec1384d20608dca9e7335f6ff9a864173757a5975
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a89b438306620d488fcb2fdc2c65c2691f5f85812c050043b19b87b679e37810
b074ad3911bdfc16319a32d803c56b2d02d4648eaed1215eae3bf343c8c70f62
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c503e30d6b6ad4530b5962b7098b4fa82c5a4f65809f85c19a375b8bff1f6145
d20bc2fce629c7f6a14cf2f509041382202969c4f9b7533bdf4c4253617216ad
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f
f55844e7af55df44a079478ef08327d622cdd33932b88a15eecd5b3289308801
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f