URL: https://referral.mewebdemo.com/
Submission: On April 02 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 159.138.236.24, located in Chon Buri, Thailand and belongs to HWCLOUDS-AS-AP HUAWEI CLOUDS, HK. The main domain is referral.mewebdemo.com.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time referral.mewebdemo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
16        159.138.236.24    136907  (HWCLOUDS-...)
3         2a04:4e42::485    54113   (FASTLY)
1         2606:4700:e6:...  13335   (CLOUDFLAR...)
1         104.17.25.14      13335   (CLOUDFLAR...)
5         43.255.105.178    136907  (HWCLOUDS-...)
Total: 26 requests, 6 IPs

Requests  Apex Domain      Subdomains                                         Transfer
16        mewebdemo.com    referral.mewebdemo.com                             279 KB
5         mqdc.com         corecms.mqdc.com                                   102 KB
3         jsdelivr.net     cdn.jsdelivr.net (Cisco Umbrella Rank: 310)        55 KB
1         cloudflare.com   cdnjs.cloudflare.com (Cisco Umbrella Rank: 234)    28 KB
1         fontawesome.com  use.fontawesome.com (Cisco Umbrella Rank: 1175)    23 KB
Total: 26 requests, 5 domains

Requests  Domain                  Requested by
16        referral.mewebdemo.com  referral.mewebdemo.com
5         corecms.mqdc.com        referral.mewebdemo.com, corecms.mqdc.com
3         cdn.jsdelivr.net        referral.mewebdemo.com
1         cdnjs.cloudflare.com    referral.mewebdemo.com
1         use.fontawesome.com     referral.mewebdemo.com
Total: 26 requests, 5 domains

This site contains no links.

Subject                 Issuer                                 Validity                 Valid
referral.mewebdemo.com  R3                                     2024-03-31 - 2024-06-29  3 months
jsdelivr.net            GlobalSign Atlas R3 DV TLS CA 2023 Q3  2023-09-27 - 2024-10-28  a year
use.fontawesome.com     Cloudflare Inc ECC CA-3                2023-10-12 - 2024-10-10  a year
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                2023-07-03 - 2024-07-02  a year
corecms.mqdc.com        R3                                     2024-03-16 - 2024-06-14  3 months

This page contains 1 frames:

Primary Page: https://referral.mewebdemo.com/
Frame ID: AD09D9D68D6028318B075B7E0829F139
Requests: 27 HTTP requests in this frame

Page Title

Referral Program | Referral

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

26 Requests
100 % HTTPS
40 % IPv6
5 Domains
5 Subdomains
6 IPs
3 Countries
487 kB Transfer
851 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
referral.mewebdemo.com/
18 KB
6 KB
Document
General
Full URL
https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b0045857a927be39e043a5e89717274927e4e63ba361b19d9dc6fb592e909289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Apr 2024 13:04:41 GMT
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy
strict-origin
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
30 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
Origin
https://referral.mewebdemo.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Apr 2024 13:04:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
3333564
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-mia-kmia1760075-MIA
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
all.css
use.fontawesome.com/releases/v6.4.2/css/
100 KB
23 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/css/all.css
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:04:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
802122
etag
W/"5222e06b77a1692fa2520a219840e6be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCJFg%2F9M8jdqDZHrJYEKKGNXL2D9U1WgMcQxc%2Fk9oEXloS4Njf5U2PwtubEmcnYKuoM5Zw4KGzGgGFnWzALuEb62XwQtYiQGuofkhOwkvxwb14bTLYbhgpTCYW3RF7bQAA4IQ78mXw20Cn7tScDhwhiA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
86e106b43ab6259a-MIA
alt-svc
h3=":443"; ma=86400
common.css
referral.mewebdemo.com/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://referral.mewebdemo.com/css/common.css
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e0a82b09a7954cf0ef9fcfc47e8ddeede397e69a4663b4d7849afa2da44b839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Content-Encoding
gzip
ETag
W/"6609ee38-2f5d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
X-XSS-Protection
1; mode=block
home.css
referral.mewebdemo.com/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://referral.mewebdemo.com/css/home.css
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
043031ac4fb73c8028e25c1cbc0864112ef02f627f7fb0059219a93b4989fcde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Content-Encoding
gzip
ETag
W/"6609ee38-efc"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
X-XSS-Protection
1; mode=block
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
969325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28112
last-modified
Wed, 21 Dec 2022 00:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63a24ddb-6dd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vm8o1n3dagc0aC2E2dmqr8s82gKxivSTfqlg0jBMVpU1ksfCGw5CjdRseNzC1ZiS9S3S0Cb0%2Bvtyh3d38TnX49INZcjTSZS71t2fMwHRZX9A06va%2FIV3nCR13nYl%2BfzGGH9mT6o2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86e106b3fc1cda8b-MIA
expires
Sun, 23 Mar 2025 13:04:41 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/
20 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
Origin
https://referral.mewebdemo.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Apr 2024 13:04:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
2953179
x-jsd-version
2.11.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7656
x-served-by
cache-fra-eddf8230136-FRA, cache-mia-kmia1760075-MIA
x-jsd-version-type
version
etag
W/"4e7f-YDO5/9GsCmSrp3VxzVXmgduuK5k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/
59 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
Origin
https://referral.mewebdemo.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Apr 2024 13:04:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
656073
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17319
x-served-by
cache-fra-eddf8230041-FRA, cache-mia-kmia1760075-MIA
x-jsd-version-type
version
etag
W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
afbc5c48-735c-457d-9ad8-28c751e28521
corecms.mqdc.com/assets/
8 KB
9 KB
Image
General
Full URL
https://corecms.mqdc.com/assets/afbc5c48-735c-457d-9ad8-28c751e28521
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.255.105.178 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-43-255-105-178.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) / Directus
Resource Hash
2555cf537dbf955a82c887c482530e1d451db35e206d5572df95b84a11b92a8b
Security Headers
Name Value
Content-Security-Policy default-src none

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:42 GMT
Content-Security-Policy
default-src none
Last-Modified
Tue, 20 Feb 2024 03:10:53 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Directus
Vary
Origin, Cache-Control
Content-Type
image/webp
Access-Control-Expose-Headers
Content-Range
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Content-Disposition
inline; filename="mqdc.webp"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8300
logo-affuencer-mobile.webp
referral.mewebdemo.com/images/
8 KB
9 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/logo-affuencer-mobile.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da41530e18506d5b8de60361cb15adf774d1fb985ae4921b5a337c4c92e0fdf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-211c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8476
X-XSS-Protection
1; mode=block
banner-img.webp
referral.mewebdemo.com/images/
99 KB
100 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/banner-img.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a2a982320b1b3f8385de857206ab2ad73912e454153501ccc0aef7064ce3879c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-18c2c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101420
X-XSS-Protection
1; mode=block
logo-affuencer-desktop.webp
referral.mewebdemo.com/images/
12 KB
13 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/logo-affuencer-desktop.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d3b3e63a026103816cb1e665889d4ccd18945118f781a14851bb0c4d6784d8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-309a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12442
X-XSS-Protection
1; mode=block
33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
corecms.mqdc.com/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/css/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.255.105.178 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-43-255-105-178.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) / Directus
Resource Hash
5d5aaac4d356ce820efe4865612ff2bc758d0e3ef6e3c6ab72215570ce2c918d
Security Headers
Name Value
Content-Security-Policy default-src none

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:42 GMT
Content-Security-Policy
default-src none
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2024 02:07:55 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Directus
Transfer-Encoding
chunked
Vary
Origin, Cache-Control
Content-Type
text/css
Access-Control-Expose-Headers
Content-Range
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Content-Disposition
inline; filename="DBHelvethaicaX.css"
Connection
keep-alive
sky-bg.webp
referral.mewebdemo.com/images/
11 KB
12 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/sky-bg.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/css/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
87e72093f1c16b3fff47c4347346ff3c436c1e7cbbc393ce109d9022ca6d0db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-2cb2"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11442
X-XSS-Protection
1; mode=block
btn-main-bg.webp
referral.mewebdemo.com/images/
1 KB
2 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/btn-main-bg.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/css/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
451512a479f7a5bc3c01b09f9e9a0e835e31baec72682f1b91d960b7cfc376f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-4bc"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1212
X-XSS-Protection
1; mode=block
truncated
/
488 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4d75767efcea6db06455f7a872db24fa24979b2cb6f1f2ddf264ce6bdda6712

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
8bf67792-4726-4876-a4ec-7324d9bcfefe.woff2
corecms.mqdc.com/assets/
30 KB
31 KB
Font
General
Full URL
https://corecms.mqdc.com/assets/8bf67792-4726-4876-a4ec-7324d9bcfefe.woff2
Requested by
Host: corecms.mqdc.com
URL: https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.255.105.178 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-43-255-105-178.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) / Directus
Resource Hash
fd054ff6c204edd22cfa3a4923e50fd22e199159212da68e3e9726e73eb5597d
Security Headers
Name Value
Content-Security-Policy default-src none

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Origin
https://referral.mewebdemo.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Content-Security-Policy
default-src none
Last-Modified
Tue, 21 Nov 2023 09:22:25 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Directus
Vary
Origin, Cache-Control
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://referral.mewebdemo.com
Access-Control-Expose-Headers
Content-Range
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Content-Disposition
inline; filename="dbhelvethaicax-webfont.woff2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31184
7ca18054-b9c4-4dd5-b23d-f8ea2de49453.woff2
corecms.mqdc.com/assets/
29 KB
30 KB
Font
General
Full URL
https://corecms.mqdc.com/assets/7ca18054-b9c4-4dd5-b23d-f8ea2de49453.woff2
Requested by
Host: corecms.mqdc.com
URL: https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.255.105.178 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-43-255-105-178.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) / Directus
Resource Hash
caf04e90dce777b57368d5e885ce53b86c828b978693ca264158df72c21deac2
Security Headers
Name Value
Content-Security-Policy default-src none

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Origin
https://referral.mewebdemo.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Content-Security-Policy
default-src none
Last-Modified
Tue, 21 Nov 2023 09:22:25 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Directus
Vary
Origin, Cache-Control
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://referral.mewebdemo.com
Access-Control-Expose-Headers
Content-Range
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Content-Disposition
inline; filename="dbhelvethaicaxbd-webfont.woff2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30008
9be42d9c-d89d-474e-a375-f546eedca231.woff2
corecms.mqdc.com/assets/
30 KB
31 KB
Font
General
Full URL
https://corecms.mqdc.com/assets/9be42d9c-d89d-474e-a375-f546eedca231.woff2
Requested by
Host: corecms.mqdc.com
URL: https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.255.105.178 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-43-255-105-178.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) / Directus
Resource Hash
46d362c57f4b19e3ef3383cc974db3176f7ea306737b496f385edb5196e897e9
Security Headers
Name Value
Content-Security-Policy default-src none

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://corecms.mqdc.com/assets/33f45ef7-e792-4bb8-8bf3-e799b15fa0d4&display=swap
Origin
https://referral.mewebdemo.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Content-Security-Policy
default-src none
Last-Modified
Tue, 21 Nov 2023 09:22:25 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Directus
Vary
Origin, Cache-Control
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://referral.mewebdemo.com
Access-Control-Expose-Headers
Content-Range
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Content-Disposition
inline; filename="dbhelvethaicaxmed-webfont.woff2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30984
img-why-01.webp
referral.mewebdemo.com/images/
15 KB
15 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-why-01.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cd40968c14f7f421b0c26a07e97dc0868ce3e19ea7c0095e38bff118e3cb34d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-3b30"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15152
X-XSS-Protection
1; mode=block
img-why-02.webp
referral.mewebdemo.com/images/
19 KB
20 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-why-02.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
20aabc302cce79be50041dc18eebb705dc9aa1e4cbc0261e4a81c45108cc7692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-4bb6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19382
X-XSS-Protection
1; mode=block
img-why-03.webp
referral.mewebdemo.com/images/
17 KB
17 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-why-03.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
83b2770ad62da7c4c9b4f1d5e573ee86075b30a02e3211b5051a871fde4422d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-43b2"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17330
X-XSS-Protection
1; mode=block
img-why-04.webp
referral.mewebdemo.com/images/
23 KB
24 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-why-04.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f50e1ada2bf3040d047983b4be3188113ae995e5e7a4b35310e8e2a3204d01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-5cc4"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23748
X-XSS-Protection
1; mode=block
img-step-01.webp
referral.mewebdemo.com/images/
18 KB
18 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-step-01.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fee65117ddf6cd04f641dfac022684aade51ce04f88997b9aec60e0e81f12ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-46e4"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18148
X-XSS-Protection
1; mode=block
img-step-02.webp
referral.mewebdemo.com/images/
11 KB
11 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-step-02.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
68e2118f2f0d1c7329032f806b2706747f57d5ee536206f2b51689dbe2f05666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-2b28"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11048
X-XSS-Protection
1; mode=block
img-step-03.webp
referral.mewebdemo.com/images/
10 KB
11 KB
Image
General
Full URL
https://referral.mewebdemo.com/images/img-step-03.webp
Requested by
Host: referral.mewebdemo.com
URL: https://referral.mewebdemo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2b3e831c0070386d654d9e17f707a7efc743d28e410c37b8514794f414181c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-2992"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10642
X-XSS-Protection
1; mode=block
favicon.ico
referral.mewebdemo.com/favicons/
15 KB
16 KB
Other
General
Full URL
https://referral.mewebdemo.com/favicons/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.138.236.24 Chon Buri, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-236-24.compute.hwclouds-dns.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bdc9b3e51935ab980d72e33085c00f60a607339cceb87d0deadcb67879a00052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referral.mewebdemo.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Apr 2024 13:04:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Sun, 31 Mar 2024 23:14:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6609ee38-3c2e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
X-XSS-Protection
1; mode=block


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
function| $
function| jQuery
object| Popper
number| uidEvent
object| bootstrap
function| parallaxScroll
function| scaleAnimation
function| fadeAnimation

3 Cookies

Domain/Path Name / Value
referral.mewebdemo.com/ Name: XSRF-TOKEN
referral.mewebdemo.com/ Name: referral_session
referral.mewebdemo.com/ Name: login

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
