app.refapp.com Open in urlscan Pro
3.70.124.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.refapp.com/l/amSMeCEWrnE4nBD?s=&book=
Submission: On August 26 via manual (August 26th 2024, 11:24:48 pm UTC) from CO — Scanned from IT

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 3.70.124.16, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is app.refapp.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 19th 2024. Valid for: a year.

This is the only time app.refapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	3.70.124.16 3.70.124.16	16509 (AMAZON-02) (AMAZON-02)
2	52.219.75.201 52.219.75.201	16509 (AMAZON-02) (AMAZON-02)
1	34.149.169.145 34.149.169.145	15169 (GOOGLE) (GOOGLE)
19	4

15 3.70.124.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

app.refapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.75.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-central-1.amazonaws.com

refapp-images-production.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.169.145 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 145.169.149.34.bc.googleusercontent.com

rum.browser-intake-datadoghq.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	refapp.com app.refapp.com	3 MB
2	amazonaws.com refapp-images-production.s3.amazonaws.com	199 KB
1	browser-intake-datadoghq.eu rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 21657	340 B
19	3

	Domain	Requested by
15	app.refapp.com	app.refapp.com
2	refapp-images-production.s3.amazonaws.com
1	rum.browser-intake-datadoghq.eu	app.refapp.com
19	3

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.manpowergroup.com.mx

Subject Issuer	Validity	Valid
*.refapp.com Amazon RSA 2048 M02	`2024-01-19` - `2025-02-16`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.browser-intake-datadoghq.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.refapp.com/l/amSMeCEWrnE4nBD?s=&book=
Frame ID: A422F4A7FC55912B4045FC3E986F7F3E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Refapp

Detected technologies

Meteor (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+__meteor-css__

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

3639 kB
Transfer

13653 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/in/yislani-c%C3%B3rdoba-3502389b/

Search URL Search Domain Scan URL

URL: https://www.manpowergroup.com.mx/politica-de-privacidad
Title: clicking here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request amSMeCEWrnE4nBD Show response
app.refapp.com/l/ 2 KB
3 KB 187ms
45ms Document
text/html 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/l/amSMeCEWrnE4nBD?s=&book=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a27c13f1411bdc8e13d8d0c83a036779fc70facad50e27eb08ccd02e006e37c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-fXRhBu7MNQv9cH5' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-fXRhBu7MNQv9cH5' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 23:24:40 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 0552f18fbdf959f472dd0a06717cd56893ed6713.css
app.refapp.com/ 132 KB
23 KB 59ms
58ms Stylesheet
text/css 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/0552f18fbdf959f472dd0a06717cd56893ed6713.css?meteor_css_resource=true

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/l/amSMeCEWrnE4nBD?s=&book=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

861042d72868486aeb6b32de555dc8f0b1b571b7354e73907e1d5386fb5fe048

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-XGggdYFawTihikb' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:40 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-XGggdYFawTihikb' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "0552f18fbdf959f472dd0a06717cd56893ed6713"
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 meteor_runtime_config.js Show response
app.refapp.com/ 1 KB
3 KB 55ms
54ms Script
application/javascript 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/meteor_runtime_config.js?hash=0b1bf74c02f8bc8fc20039dbfd3b5295c81885df

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/l/amSMeCEWrnE4nBD?s=&book=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8d80e9a2bc08a731a8ac25ac269a37f01a1ba593395b7429f6dfbc29e136db2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-f47xRFTnLznAtHf' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:40 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-f47xRFTnLznAtHf' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()

GET
H2 200 b498a8ea7d1074ba99b85ccf1cff9d8954810629.js Show response
app.refapp.com/ 12 MB
3 MB 59ms
58ms Script
application/javascript 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/b498a8ea7d1074ba99b85ccf1cff9d8954810629.js?meteor_js_resource=true

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/l/amSMeCEWrnE4nBD?s=&book=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

23fadf2550db9285c9a75ad61a81d6bb40c25f7326ceebbc181628af3d26443b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-EepwXFAp5Wb4peu' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:40 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-EepwXFAp5Wb4peu' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "b498a8ea7d1074ba99b85ccf1cff9d8954810629"
vary: User-Agent, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 info Show response
app.refapp.com/sockjs/ 79 B
569 B 56ms
56ms XHR
application/json 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.refapp.com/sockjs/info?t=1724714683816
Requested by: Host: app.refapp.com
URL: https://app.refapp.com/b498a8ea7d1074ba99b85ccf1cff9d8954810629.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-124-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c74d37ed23e88a14f588673accf9002cd4c7024a596282930ce76d29418cb5de

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Aug 2024 23:24:43 GMT
cache-control: no-store, no-cache, no-transform, must-revalidate, max-age=0
vary: Origin
content-type: application/json; charset=UTF-8

GET 71b4cf4c-4aff-4bd5-a0e0-f9e59c5ef0de
https://app.refapp.com/ 0
0

GET
H2 200 getFormData Show response
app.refapp.com/referee/ 5 KB
6 KB 602ms
602ms Fetch
application/json 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.refapp.com/referee/getFormData?referenceId=amSMeCEWrnE4nBD&source=sms
Requested by: Host: app.refapp.com
URL: https://app.refapp.com/b498a8ea7d1074ba99b85ccf1cff9d8954810629.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-124-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6bd02d73bcfe729c01a1987946768a1d05654e18ba6d1feb0596abd0bf4ecb8d

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-length: 5454
content-type: application/json

GET
H2 200 favicon-32x32.png
app.refapp.com/favicon/ 681 B
3 KB 53ms
53ms Other
image/png 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f18568e091456a802f50c16928ee41616d2a89e40e0242adb648b3d4ca97d0c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-sDy2XLvHr9FtWwn' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:43 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-sDy2XLvHr9FtWwn' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
etag: "0db495658376cb8790ff7d4652adad54baabdfa6"
content-type: image/png
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 681

GET
H2 200 Ubuntu-Regular.ttf
app.refapp.com/fonts/Ubuntu/ 293 KB
145 KB 71ms
69ms Font
font/ttf 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/fonts/Ubuntu/Ubuntu-Regular.ttf

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/0552f18fbdf959f472dd0a06717cd56893ed6713.css?meteor_css_resource=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

66fea9c00091f25eb8a526548023b6154785876a900af2d8f472922689698163

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-GscuSJTbJPTfjiy' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://app.refapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-GscuSJTbJPTfjiy' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "121bf3e8b155f31169f0baccc43b6dc0bb943697"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 Ubuntu-Light.ttf
app.refapp.com/fonts/Ubuntu/ 354 KB
170 KB 108ms
107ms Font
font/ttf 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/fonts/Ubuntu/Ubuntu-Light.ttf

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/0552f18fbdf959f472dd0a06717cd56893ed6713.css?meteor_css_resource=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3e72639577a39aaeb68d977e310814d5b021163825b23e067b37334a4bf142a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-bkqAMSa6dEPrAaD' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://app.refapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-bkqAMSa6dEPrAaD' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "c7a6bc49fb1fd647a4bfceb375971af6b309a8f0"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 Ubuntu-Bold.ttf
app.refapp.com/fonts/Ubuntu/ 264 KB
128 KB 100ms
99ms Font
font/ttf 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/fonts/Ubuntu/Ubuntu-Bold.ttf

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/0552f18fbdf959f472dd0a06717cd56893ed6713.css?meteor_css_resource=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6dbcce3fdd846f3aebc7e1890b5ccca234806cbd84763785f7ced043a99e8268

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-GcL6hwdpSYDz2wh' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://app.refapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-GcL6hwdpSYDz2wh' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "2324c66fda0790795f9da72ccda3f7a485c3f49c"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 Ubuntu-Medium.ttf
app.refapp.com/fonts/Ubuntu/ 278 KB
135 KB 128ms
127ms Font
font/ttf 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/fonts/Ubuntu/Ubuntu-Medium.ttf

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/0552f18fbdf959f472dd0a06717cd56893ed6713.css?meteor_css_resource=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0d685f51c3bc394f02c8c218565ba423972cfb35c2542871e0a4ac0c3a0c16a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-nCYkbhPtQiGfSvy' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://app.refapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-nCYkbhPtQiGfSvy' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "d0dda175bc5da26b586ec7ca5e28fc925864fa1f"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 Roboto-Light.ttf
app.refapp.com/fonts/Roboto/ 137 KB
74 KB 90ms
89ms Font
font/ttf 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.refapp.com/fonts/Roboto/Roboto-Light.ttf

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/0552f18fbdf959f472dd0a06717cd56893ed6713.css?meteor_css_resource=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b17667ce7e13581db105777f986e141168231e88a8ef16d13e581c7c1525f14b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-a24EG85a8fKcPyD' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://app.refapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-a24EG85a8fKcPyD' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000
etag: "53c8443c9da3059036e97e0e6e3c52264b2686c8"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H/1.1 200
OK gNHyZNmdRj3XXPiiYoGL-1132x514
refapp-images-production.s3.amazonaws.com/company-avatars/2022-09-14/ 195 KB
196 KB 198ms
50ms Image
image/png 52.219.75.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refapp-images-production.s3.amazonaws.com/company-avatars/2022-09-14/gNHyZNmdRj3XXPiiYoGL-1132x514
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e43179a11fee5bf7a510f78ca6e02f91623e44aaa05ce8c82ad50a157c24af39

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 23:24:45 GMT
x-amz-version-id: 3QIPOwu5.UPpzf_6BcKXDapExtHicEbn
Last-Modified: Wed, 14 Sep 2022 10:55:59 GMT
Server: AmazonS3
x-amz-request-id: N63Q8JBWSYYWHFCJ
ETag: "3900b62e5063f6f15a71c4b65a34bea0"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 200006
x-amz-id-2: 1DXPLhIC0ZHBEx1I5DItg68g58bZHyAf5tPSTql360hJtnsIq2TipSpaXd5KI1Fc3pPboF1/B10=

GET
H/1.1 200
OK KZBAO-5m9apdAuSLh9CfrYdj27-100x100
refapp-images-production.s3.amazonaws.com/2024-06-26/ 3 KB
3 KB 258ms
67ms Image
image/jpeg 52.219.75.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refapp-images-production.s3.amazonaws.com/2024-06-26/KZBAO-5m9apdAuSLh9CfrYdj27-100x100
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1848eab54c3960a52324d8bbb60e43f3b71b19f4e7f5af6a7069e9bcedf8acbb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 23:24:45 GMT
x-amz-version-id: LMUvLlpLb7girm7P2gWFnoahih4iuT1d
Last-Modified: Wed, 26 Jun 2024 14:05:49 GMT
Server: AmazonS3
x-amz-request-id: N63X1526F2PPWXNB
ETag: "422cdfa630e53f70040d5835dc899f0a"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 2988
x-amz-id-2: VOBKTWznnwwXZje2IzQx/8sQubYaJBGUNuSm4NU2n1RdWhoEOLeueafTLycbI/QEHGIOH52L2Yk=

GET
H2 200 LinkedIn-Blue-14@1x.png
app.refapp.com/icons/linkedin/ 2 KB
4 KB 55ms
54ms Image
image/png 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.refapp.com/icons/linkedin/LinkedIn-Blue-14@1x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e27e586542e782023bbaf65c2a6dde1dab9b82383a71f8ab7aa7c57aa829a9d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-R8FZqR2EPN9E7Gm' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-R8FZqR2EPN9E7Gm' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
etag: "1c66b05c0ef8d56034da12ebf35cd32191f42d7f"
content-type: image/png
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 2228

GET
H2 200 In-White-14.png
app.refapp.com/icons/linkedin/ 157 B
2 KB 61ms
60ms Image
image/png 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.refapp.com/icons/linkedin/In-White-14.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f3dcb75ae2ee9e5b5956429ad701875d129c40803c0bbf0810f2c9ef5649131c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-Gb4gDag2T4BPy5p' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-Gb4gDag2T4BPy5p' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
etag: "dee6223501e9fe30ef527b1b003a550e2f651d36"
content-type: image/png
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 157

GET
H2 200 f_logo_RGB-White_58.png
app.refapp.com/icons/facebook/ 2 KB
4 KB 60ms
59ms Image
image/png 3.70.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.refapp.com/icons/facebook/f_logo_RGB-White_58.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.124.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-124-16.eu-central-1.compute.amazonaws.com

Software

Resource Hash

067ade00c3ce9ca6cff444f9152104b744e0edb4b4ea4c46ecff822bd5d97ca3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-cAjKp9nrhuvpAt2' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 23:24:44 GMT
content-security-policy: default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-cAjKp9nrhuvpAt2' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
etag: "be5b385ee46e77c02379f725d941d84032502684"
content-type: image/png
cache-control: public, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 1847

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.eu/api/v2/ 53 B
340 B 936ms
106ms Fetch
application/json 34.149.169.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.28.1%2Capi%3Afetch%2Cenv%3Aproduction&dd-api-key=pubf7612cf1147ef6361e996509a924cd7a&dd-evp-origin-version=4.28.1&dd-evp-origin=browser&dd-request-id=1c236cfd-6d71-4f94-b573-928f1c014f76&batch_time=1724714684889

Requested by

Host: app.refapp.com
URL: https://app.refapp.com/b498a8ea7d1074ba99b85ccf1cff9d8954810629.js?meteor_js_resource=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.169.145 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

145.169.149.34.bc.googleusercontent.com

Software

Resource Hash

0ab2550cfc6b990e12ebd606de1a0d9cff696ed40b7c71f8b7772ff9b5a23b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Aug 2024 23:24:45 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
dd-request-id: 1c236cfd-6d71-4f94-b573-928f1c014f76

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.refapp.com
URL: blob:https://app.refapp.com/71b4cf4c-4aff-4bd5-a0e0-f9e59c5ef0de

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.refapp.com/	1970-01-20 23:15:19	Name: AWSALB Value: 5Dyyk9/TFSg4VUr+JQrh8mfPNH9mtCglsXt2FXIh64M4Gf7QuXCdhkoji7jMp1Ml6gY3xf33zCbhDgwy6SXO9kUMlG2ovSA6jwnxtukaS8C0C5pMQ1rCisjM2vlP
app.refapp.com/	1970-01-20 23:15:19	Name: AWSALBCORS Value: 5Dyyk9/TFSg4VUr+JQrh8mfPNH9mtCglsXt2FXIh64M4Gf7QuXCdhkoji7jMp1Ml6gY3xf33zCbhDgwy6SXO9kUMlG2ovSA6jwnxtukaS8C0C5pMQ1rCisjM2vlP
app.refapp.com/	1970-01-20 23:05:15	Name: _dd_s Value: logs=1&id=2909bcc3-2420-4020-ad97-41accef2c287&created=1724714683591&expire=1724715583593&rum=1

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'legacy-image-formats'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' data: wss://app.refapp.com https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://.fbsbx.com https://.licdn.com https://.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-fXRhBu7MNQv9cH5' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://.bullhornstaffing.com https://.talentadore.com https://.jobadder.com; base-uri https://app.refapp.com; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.refapp.com
refapp-images-production.s3.amazonaws.com
rum.browser-intake-datadoghq.eu
app.refapp.com
3.70.124.16
34.149.169.145
52.219.75.201
067ade00c3ce9ca6cff444f9152104b744e0edb4b4ea4c46ecff822bd5d97ca3
0ab2550cfc6b990e12ebd606de1a0d9cff696ed40b7c71f8b7772ff9b5a23b2e
0d685f51c3bc394f02c8c218565ba423972cfb35c2542871e0a4ac0c3a0c16a6
1848eab54c3960a52324d8bbb60e43f3b71b19f4e7f5af6a7069e9bcedf8acbb
23fadf2550db9285c9a75ad61a81d6bb40c25f7326ceebbc181628af3d26443b
66fea9c00091f25eb8a526548023b6154785876a900af2d8f472922689698163
6bd02d73bcfe729c01a1987946768a1d05654e18ba6d1feb0596abd0bf4ecb8d
6dbcce3fdd846f3aebc7e1890b5ccca234806cbd84763785f7ced043a99e8268
861042d72868486aeb6b32de555dc8f0b1b571b7354e73907e1d5386fb5fe048
8d80e9a2bc08a731a8ac25ac269a37f01a1ba593395b7429f6dfbc29e136db2d
a27c13f1411bdc8e13d8d0c83a036779fc70facad50e27eb08ccd02e006e37c5
b17667ce7e13581db105777f986e141168231e88a8ef16d13e581c7c1525f14b
c74d37ed23e88a14f588673accf9002cd4c7024a596282930ce76d29418cb5de
e27e586542e782023bbaf65c2a6dde1dab9b82383a71f8ab7aa7c57aa829a9d1
e3e72639577a39aaeb68d977e310814d5b021163825b23e067b37334a4bf142a
e43179a11fee5bf7a510f78ca6e02f91623e44aaa05ce8c82ad50a157c24af39
f18568e091456a802f50c16928ee41616d2a89e40e0242adb648b3d4ca97d0c8
f3dcb75ae2ee9e5b5956429ad701875d129c40803c0bbf0810f2c9ef5649131c

app.refapp.com Open in urlscan Pro 3.70.124.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

3639 kBTransfer

13653 kBSize

3 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

3 Cookies

21 Console Messages

Security Headers

Indicators

app.refapp.com Open in urlscan Pro
3.70.124.16 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

3639 kB
Transfer

13653 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions