urlscan.io logo urlscan.io
SecurityTrails logo

my.refern.app Open in urlscan Pro
2a00:1450:4001:830::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.refern.app/
Effective URL: https://my.refern.app/
Submission: On October 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 29 HTTP transactions. The main IP is 2a00:1450:4001:830::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is my.refern.app.
TLS certificate: Issued by WR3 on September 4th 2024. Valid for: 3 months.
This is the only time my.refern.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
my.refern.app
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
1    18.244.18.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-37.fra56.r.cloudfront.net
js.stripe.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2a00:1450:4001:80e::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
q.clarity.ms — Cisco Umbrella Rank: 6903
29 KB
5 gstatic.com
fonts.gstatic.com
104 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
128 KB
4 refern.app
my.refern.app
229 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
storage.googleapis.com — Cisco Umbrella Rank: 356
25 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
182 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
191 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 47
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
94 KB
29 9
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
my.refern.app
4 q.clarity.ms www.clarity.ms
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 my.refern.app my.refern.app
2 js.stripe.com my.refern.app
js.stripe.com
2 fonts.googleapis.com my.refern.app
2 www.clarity.ms my.refern.app
www.clarity.ms
2 pagead2.googlesyndication.com my.refern.app
pagead2.googlesyndication.com
1 storage.googleapis.com
1 lh3.googleusercontent.com my.refern.app
1 www.googletagmanager.com my.refern.app
29 11

This site contains links to these domains. Also see Links.

Domain
www.refern.app
Subject Issuer Validity Valid
my.refern.app
WR3		 2024-09-04 -
2024-12-03		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-08-29 -
2024-12-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
storage.googleapis.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://my.refern.app/
Frame ID: 241F546586E0EABC27FC69D898468459
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-42e8416f8de3339004c73b5ae3a82ad8.html
Frame ID: 6151A83FE225BE71ADDCF1EBDE9354AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

refern. | The all-in-one art reference platform

Page URL History Show full URLs

  1. http://my.refern.app/ HTTP 307
    https://my.refern.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

97 %
HTTPS

75 %
IPv6

9
Domains

11
Subdomains

13
IPs

2
Countries

985 kB
Transfer

3461 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.refern.app/ HTTP 307
    https://my.refern.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.refern.app/
Redirect Chain
  • http://my.refern.app/
  • https://my.refern.app/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.refern.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8cb64c73f5872a9c29c26a7f87c4f6a4c0a9165264f565f42dcf7d9785859b0f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
797
content-type
text/html; charset=utf-8
date
Mon, 14 Oct 2024 01:28:28 GMT
etag
"f0f4441f22c5272ca5955ef256cd8a3e4d081ee4271c483767af346808156f22-br"
last-modified
Sun, 13 Oct 2024 04:50:13 GMT
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
0
x-cloud-trace-context
73e88f030364b192f87ff9d46db49927;o=1
x-powered-by
Express
x-served-by
cache-chi-kigq8000143-CHI
x-timer
S1728869308.448222,VS0,VE2

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://my.refern.app/
Non-Authoritative-Reason
HSTS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1547030288955263
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20031f62f1c677e61595c9df4f7c29d2c1559ba031d296a3409c16fba929bed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://my.refern.app/

Response headers

content-encoding
br
etag
2713792101657489511
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:28:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52558
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		271 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16730696774
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a006f824f8489a905dcc6176e885723c9c4ddd85db19309bb1043bd4ab6e3fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:28:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95755
x-xss-protection
0
server
Google Tag Manager
index-a95f49dd.js
my.refern.app/assets/ 		997 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.refern.app/assets/index-a95f49dd.js
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
79855290a85686b2bcf02a07c11900ee80f8df0006140547ef7d43bc246741e7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://my.refern.app/

Response headers

content-encoding
br
etag
"1ed258f778185c8b2bd00141fa57eb82590d77cd7bae16e430635388b6c7cd58-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Mon, 14 Oct 2024 01:28:28 GMT
x-cloud-trace-context
382cbc149f69ba31962c09cc7f8bf630
content-type
text/javascript; charset=utf-8
x-cache-hits
0
last-modified
Sun, 13 Oct 2024 04:50:13 GMT
x-served-by
cache-chi-kigq8000107-CHI
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
cache-control
max-age=3600
x-timer
S1728869309.667004,VS0,VE3
accept-ranges
bytes
content-length
223424
x-powered-by
Express
server
Google Frontend
index-02d721cb.css
my.refern.app/assets/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.refern.app/assets/index-02d721cb.css
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
02d721cb2cd049f084a75b1f56e63f38ed8000a339c9aac05782a2f1152e3b04
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
br
etag
"d3369aa939e0c6093d882fa4cb177904b2d15e4730f0be228407cadbf3a9e985-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Mon, 14 Oct 2024 01:28:28 GMT
x-cloud-trace-context
36446bfd05d2738d9835edb521b242fb
content-type
text/css; charset=utf-8
x-cache-hits
0
last-modified
Sun, 13 Oct 2024 04:50:13 GMT
x-served-by
cache-chi-kigq8000049-CHI
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
cache-control
max-age=3600
x-timer
S1728869309.669304,VS0,VE6
accept-ranges
bytes
content-length
6726
x-powered-by
Express
server
Google Frontend
k99ieohmkz
www.clarity.ms/tag/ 		553 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/k99ieohmkz
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7374cf6e703ea7e11c35f46eb45964e63f7905d449b9b5d7c55c32c666f97ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
553
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
application/x-javascript
x-azure-ref
20241014T012828Z-176d4fdd79ctlf5jts42kg784000000008yg000000009gtx
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/ 		420 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1547030288955263&plah=my.refern.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1547030288955263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b7cc2e2046ede89410c27b1a787ed5079ddebe0d5771af5abc85458b91657fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
br
etag
15667092816307928542
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:28:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
143030
x-xss-protection
0
server
cafe
clarity.js
www.clarity.ms/s/0.7.48/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.48/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/k99ieohmkz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

x-azure-ref
20241014T012828Z-176d4fdd79ctlf5jts42kg784000000008yg000000009gu6
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCE961488285A1"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
c05fb4bd-e01e-003c-02b5-1b071c000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 10 Oct 2024 19:25:21 GMT
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700;900&display=swap
Requested by
Host: my.refern.app
URL: https://my.refern.app/assets/index-02d721cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9215ab17d5bb95365fda0ddf670b851bdf468f5cd802812639f7ec416f702513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:28:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 01:21:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
ca-pub-1547030288955263
fundingchoicesmessages.google.com/i/ 		200 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1547030288955263?href=https%3A%2F%2Fmy.refern.app&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1547030288955263&plah=my.refern.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2130afbdb6bd253c213fe338be14337dcfa450fe7221a766522223ed5e9dbf69
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_vEl6lHdHjvxLdDFrqTr4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:28 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XDseb5xB5vAhHn_zzMraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGFjqGRjFFxgAAF8OSuk"
content-security-policy
script-src 'report-sample' 'nonce-_vEl6lHdHjvxLdDFrqTr4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
q.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://my.refern.app/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://my.refern.app
Date
Mon, 14 Oct 2024 01:28:29 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
AGSKWxW6-E5cuq2bWeaLXDQ_HAhgRTrmcpW7zWY3GMxxbysNd90KIRZDx7ksQTPH0oDG8Ncn1U_t9iRwXxMxdDVqdQJeymMWaM0bMMpBFE8npSq_HBAaTdr3V47cmMNTEoQGKgsHEZzrqQ==
fundingchoicesmessages.google.com/f/ 		399 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW6-E5cuq2bWeaLXDQ_HAhgRTrmcpW7zWY3GMxxbysNd90KIRZDx7ksQTPH0oDG8Ncn1U_t9iRwXxMxdDVqdQJeymMWaM0bMMpBFE8npSq_HBAaTdr3V47cmMNTEoQGKgsHEZzrqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4ODY5MzA5LDc0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL215LnJlZmVybi5hcHAvIixudWxsLFtbOCwidGFCZ0d2UlFDMjAiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.taBgGvRQC20.es5.O/am=DAY/d=1/rs=AJlcJMwsYgvDpo2d5NnPq27LxeOHWTOcqg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a964bf4e39278cbdd25187607c3e0460f3290401ec9882cc616d06df626c373a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ypzVvnj3qBXo36WEvoWj9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:29 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRALcXPsfb5xB5vAhKU9bkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGlnoGRvEFBgDyWEno"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ypzVvnj3qBXo36WEvoWj9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ad07777c-c8d3-4809-8e02-fb2151c5d5aa
https://my.refern.app/ Frame 		0
0
v3
js.stripe.com/ 		665 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: my.refern.app
URL: https://my.refern.app/assets/index-a95f49dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-37.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
850821670b45edbf26c1386459c2ba7d1cd49c7e9f6998c7af02f4306e2b6053
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
gzip
etag
W/"397453099d40da54fcd3319b7aa9f1ee"
age
36
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BJelwzCoXdDA2ejNXVeC_yIMzO2k3XF1Ua8O_nZz-40VB5-07NeIlg==
date
Mon, 14 Oct 2024 01:27:55 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 21:34:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P11
server
Cloudfront
workbox-window.prod.es5-2c1e765a.js
my.refern.app/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.refern.app/assets/workbox-window.prod.es5-2c1e765a.js
Requested by
Host: my.refern.app
URL: https://my.refern.app/assets/index-a95f49dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
b2881fb7fbed691800f97edb4d21fb6bc6d53ad168795c61c08eaeaa168a07e9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://my.refern.app/assets/index-a95f49dd.js

Response headers

content-encoding
br
etag
"ebffded0bd67dbf88292e9cca9e43ce303316eee1ceaf13c3cac215604283a8f-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Mon, 14 Oct 2024 01:28:29 GMT
x-cloud-trace-context
9f8e32901a8fd981a0c8ddf8962f3279
content-type
text/javascript; charset=utf-8
x-cache-hits
0
last-modified
Sun, 13 Oct 2024 04:50:13 GMT
x-served-by
cache-chi-kigq8000052-CHI
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
cache-control
max-age=3600
x-timer
S1728869309.307426,VS0,VE2
accept-ranges
bytes
content-length
2128
x-powered-by
Express
server
Google Frontend
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://fonts.googleapis.com/

Response headers

age
505491
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 05:03:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 05:03:38 GMT
last-modified
Thu, 01 Jun 2023 22:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14188
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ 		111 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.taBgGvRQC20.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxMhK7ou1Bhm7UcXreF0-Je5RpW0w/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3094757268fc8aaffc5ddfdc1020d49cbc7b715c5f1dbc6dae28fa72ff2753ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:28:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:29 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 01:28:29 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Ug03h6XMEPUMihpwYfqB-t6dMcMCwnbCF5tZqyi3AXXyBXHIE6s9Y1I3JskgVF5c416US0bA8v78y06LplijnCVwYwD63mpo7jwQT6XstFo9ouIOmNjH=h60
lh3.googleusercontent.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Ug03h6XMEPUMihpwYfqB-t6dMcMCwnbCF5tZqyi3AXXyBXHIE6s9Y1I3JskgVF5c416US0bA8v78y06LplijnCVwYwD63mpo7jwQT6XstFo9ouIOmNjH=h60
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
11f7ff56bde839c02c49163cf2630f0b40f5f5cc29d46c63619a37f4a4608d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"v1"
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 01:28:29 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2071
date
Mon, 14 Oct 2024 01:28:29 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="unnamed.png"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: my.refern.app
URL: https://my.refern.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://my.refern.app/

Response headers

age
530946
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxX08zHTaL9kKe8gyv1aj_pG2k2B-xmkmIG_NdbY6p8DLHhjIRF42INqJKy-uAEZQ_EWoNVwJDYP25naRTTrG8d01hqB1gRFK8Tfs-n-WypQQqUZIR2UDuaOPbDcxAi7C0Q97N8QKw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX08zHTaL9kKe8gyv1aj_pG2k2B-xmkmIG_NdbY6p8DLHhjIRF42INqJKy-uAEZQ_EWoNVwJDYP25naRTTrG8d01hqB1gRFK8Tfs-n-WypQQqUZIR2UDuaOPbDcxAi7C0Q97N8QKw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.taBgGvRQC20.es5.O/am=DAY/d=1/rs=AJlcJMwsYgvDpo2d5NnPq27LxeOHWTOcqg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z2sK7ry7yiGQGpwvRy2zWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://my.refern.app/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:29 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY-_zjTvYBC58mbCEUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYGugZmMUXGAAA94IvwQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z2sK7ry7yiGQGpwvRy2zWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://my.refern.app
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX08zHTaL9kKe8gyv1aj_pG2k2B-xmkmIG_NdbY6p8DLHhjIRF42INqJKy-uAEZQ_EWoNVwJDYP25naRTTrG8d01hqB1gRFK8Tfs-n-WypQQqUZIR2UDuaOPbDcxAi7C0Q97N8QKw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX08zHTaL9kKe8gyv1aj_pG2k2B-xmkmIG_NdbY6p8DLHhjIRF42INqJKy-uAEZQ_EWoNVwJDYP25naRTTrG8d01hqB1gRFK8Tfs-n-WypQQqUZIR2UDuaOPbDcxAi7C0Q97N8QKw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.taBgGvRQC20.es5.O/am=DAY/d=1/rs=AJlcJMwsYgvDpo2d5NnPq27LxeOHWTOcqg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7lTo-N4JkCdg5N_Xf3beNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://my.refern.app/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:28:29 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY-_zjTvYBB4s2LucUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYGugZmMUXGAAA7k8vpg"
content-security-policy
script-src 'report-sample' 'nonce-7lTo-N4JkCdg5N_Xf3beNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://my.refern.app
content-length
0
x-xss-protection
0
server
ESF
collect
q.clarity.ms/ 		0
277 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://my.refern.app/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://my.refern.app
Date
Mon, 14 Oct 2024 01:28:29 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
controller-with-preconnect-42e8416f8de3339004c73b5ae3a82ad8.html
js.stripe.com/v3/ Frame 6151 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-42e8416f8de3339004c73b5ae3a82ad8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.refern.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
53
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
404
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 14 Oct 2024 01:28:29 GMT
etag
"42e8416f8de3339004c73b5ae3a82ad8"
last-modified
Fri, 11 Oct 2024 20:56:12 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
c770805f-1485-4b7f-a7ed-d3f183ddaef4
x-served-by
cache-fra-etou8220076-FRA
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://fonts.googleapis.com/

Response headers

age
437197
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 00:01:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 00:01:52 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14712
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://fonts.googleapis.com/

Response headers

age
529778
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 22:18:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 22:18:51 GMT
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14824
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://my.refern.app
Referer
https://fonts.googleapis.com/

Response headers

age
461151
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 17:22:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 17:22:38 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
collect
q.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://my.refern.app/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://my.refern.app
Date
Mon, 14 Oct 2024 01:28:29 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
icon.png
storage.googleapis.com/refern-static-content/ 		17 KB
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/refern-static-content/icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
636b6b51e5dc0e9f76de28853e9d98d3fd356770904e78b8a83cc002529a256e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://my.refern.app/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=G8XxXw==, md5=YFkmeriT470TfJl9wdW5/w==
etag
"6059267ab893e3bd137c997dc1d5b9ff"
x-goog-stored-content-encoding
identity
expires
Mon, 14 Oct 2024 02:28:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
17877
date
Mon, 14 Oct 2024 01:28:29 GMT
last-modified
Thu, 25 Apr 2024 04:59:34 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY0LrE7oKzjkzxyycpAG4rxassjeaSY5PJ6t_ZEyaI5r-5pcKLOLj97Okw3GxYtPKnT2qyqYhWRrGg
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1714021174845960
content-length
17877
server
UploadServer
collect
q.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://my.refern.app/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://my.refern.app
Date
Mon, 14 Oct 2024 01:28:30 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.refern.app
URL
blob:https://my.refern.app/ad07777c-c8d3-4809-8e02-fb2151c5d5aa

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| clarity function| gtag object| dataLayer function| gtag_report_conversion object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGQ4Mjk2OWVkMzdiNjA2MWxvYWRlcl9qcw== string| NGQ4Mjk2OWVkMzdiNjA2MWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| webpackChunkStripeJSouter function| noop function| Stripe

1 Cookies

Domain/Path Name / Value
.refern.app/ Name: _gcl_au
Value: 1.1.1713491648.1728869309

2 Console Messages

Source Level URL
Text
worker info URL: blob:https://my.refern.app/ad07777c-c8d3-4809-8e02-fb2151c5d5aa
Message:
worker started
network error
Message:
The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
js.stripe.com
lh3.googleusercontent.com
my.refern.app
pagead2.googlesyndication.com
q.clarity.ms
storage.googleapis.com
www.clarity.ms
www.googletagmanager.com
my.refern.app
151.101.192.176
18.244.18.37
20.231.53.73
2620:1ec:bdf::64
2a00:1450:4001:801::2001
2a00:1450:4001:80e::201b
2a00:1450:4001:810::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2013
02d721cb2cd049f084a75b1f56e63f38ed8000a339c9aac05782a2f1152e3b04
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11f7ff56bde839c02c49163cf2630f0b40f5f5cc29d46c63619a37f4a4608d45
20031f62f1c677e61595c9df4f7c29d2c1559ba031d296a3409c16fba929bed6
2130afbdb6bd253c213fe338be14337dcfa450fe7221a766522223ed5e9dbf69
3094757268fc8aaffc5ddfdc1020d49cbc7b715c5f1dbc6dae28fa72ff2753ab
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
636b6b51e5dc0e9f76de28853e9d98d3fd356770904e78b8a83cc002529a256e
79855290a85686b2bcf02a07c11900ee80f8df0006140547ef7d43bc246741e7
7a006f824f8489a905dcc6176e885723c9c4ddd85db19309bb1043bd4ab6e3fc
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
850821670b45edbf26c1386459c2ba7d1cd49c7e9f6998c7af02f4306e2b6053
8cb64c73f5872a9c29c26a7f87c4f6a4c0a9165264f565f42dcf7d9785859b0f
9215ab17d5bb95365fda0ddf670b851bdf468f5cd802812639f7ec416f702513
9b7cc2e2046ede89410c27b1a787ed5079ddebe0d5771af5abc85458b91657fd
a7374cf6e703ea7e11c35f46eb45964e63f7905d449b9b5d7c55c32c666f97ba
a964bf4e39278cbdd25187607c3e0460f3290401ec9882cc616d06df626c373a
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
b2881fb7fbed691800f97edb4d21fb6bc6d53ad168795c61c08eaeaa168a07e9
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855