freshcity.referralcandy.com Open in urlscan Pro
13.251.177.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freshcity.refr.cc/
Effective URL:
https://freshcity.referralcandy.com/
Submission: On February 11 via manual (February 11th 2019, 7:20:04 pm UTC) from CA

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 11 HTTP transactions. The main IP is 13.251.177.61, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is freshcity.referralcandy.com.
TLS certificate: Issued by Amazon on April 1st 2018. Valid for: a year.

This is the only time freshcity.referralcandy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.77.136.194 52.77.136.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	13.251.177.61 13.251.177.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	143.204.101.12 143.204.101.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	143.204.101.88 143.204.101.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
11	6

1 52.77.136.194 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-77-136-194.ap-southeast-1.compute.amazonaws.com

freshcity.refr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.177.61 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-251-177-61.ap-southeast-1.compute.amazonaws.com

freshcity.refr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freshcity.referralcandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.12 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-12.fra50.r.cloudfront.net

cdn.referralcandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.88 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-88.fra50.r.cloudfront.net

d1p6b1fqdxr5o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2008 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
3	cloudfront.net d1p6b1fqdxr5o.cloudfront.net	24 KB
3	referralcandy.com freshcity.referralcandy.com cdn.referralcandy.com	119 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	28 KB
2	refr.cc 2 redirects freshcity.refr.cc	428 B
1	google.de www.google.de	383 B
1	google.com 1 redirects www.google.com	377 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	351 B
11	8

	Domain	Requested by
3	ssl.google-analytics.com	1 redirects freshcity.referralcandy.com
3	d1p6b1fqdxr5o.cloudfront.net	freshcity.referralcandy.com
2	cdn.referralcandy.com	freshcity.referralcandy.com
2	netdna.bootstrapcdn.com	freshcity.referralcandy.com
2	freshcity.refr.cc	2 redirects
1	www.google.de	freshcity.referralcandy.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	freshcity.referralcandy.com
11	9

This site contains links to these domains. Also see Links.

Domain
www.freshcityfarms.com
www.referralcandy.com

Subject Issuer	Validity	Valid
referralcandy.com Amazon	`2018-04-01` - `2019-05-01`	a year	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://freshcity.referralcandy.com/
Frame ID: FC2433A49570EF777D032BFFBAF544B4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://freshcity.refr.cc/ HTTP 302
https://freshcity.refr.cc/ HTTP 302
https://freshcity.referralcandy.com/ Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /authenticity_token/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /authenticity_token/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

11
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

189 kB
Transfer

338 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freshcityfarms.com/store/bags
Title:

Search URL Search Domain Scan URL

URL: http://www.referralcandy.com/?ref=ap10_ap11
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freshcity.refr.cc/ HTTP 302
https://freshcity.refr.cc/ HTTP 302
https://freshcity.referralcandy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=541794025&utmhn=freshcity.referralcandy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Fresh%20City%20ReferralCandy%20Portal&utmhid=78766684&utmr=-&utmp=%2F&utmht=1549912789441&utmac=UA-15701008-7&utmcc=__utma%3D38775200.1037045977.1549912789.1549912789.1549912789.1%3B%2B__utmz%3D38775200.1549912789.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1631214307&utmredir=1&utmmt=1&utmu=qhAgAAAAAAAAAAAAAAAAAAgE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025&slf_rd=1&random=165580636

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freshcity.referralcandy.com/
Redirect Chain

http://freshcity.refr.cc/
https://freshcity.refr.cc/
https://freshcity.referralcandy.com/

6 KB
3 KB

633ms
519ms

Document
text/html

13.251.177.61
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://freshcity.referralcandy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.177.61 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-251-177-61.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e8d51c32f5feeb34e036fc4dd048bce997244b1d63143d66cc17d781b41a12df

Request headers

:method: GET
:authority: freshcity.referralcandy.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 11 Feb 2019 19:19:49 GMT
content-type: text/html; charset=utf-8
server: nginx/1.10.3 (Ubuntu)
x-ua-compatible: IE=Edge,chrome=1
etag: W/"93ec9b7b66a0623229b2adbcf8568d90"
cache-control: max-age=0, private, must-revalidate
set-cookie: _referral_corner_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWY1ZmQ1OTZjNTc5NTJhMWM4ZjdjNmM3NmRiZGU1NjA1BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTV0VmxGMXJ1QWV1b01zcUVqamlKQ3FSdURXdjhsWFJiNWxjYjJmTnpOYlU9BjsARg%3D%3D--0d6a88c1524d98ffb842f370a2b64e3b397eb051; path=/; HttpOnly
x-request-id: 5347a93f32bf6fc8250445bbbea567e1
x-runtime: 0.053266
x-rack-cache: miss
vary: Origin
content-encoding: gzip

Redirect headers

status: 302 302 Found
date: Mon, 11 Feb 2019 19:19:48 GMT
content-type: text/html; charset=utf-8
location: https://freshcity.referralcandy.com
server: nginx/1.10.3 (Ubuntu)
x-ua-compatible: IE=Edge,chrome=1
cache-control: no-cache
x-request-id: c3c08ad07bf419e96b949f6093c75ebb
x-runtime: 0.008516
x-rack-cache: miss

GET
H2 200 bootstrap-combined.min.css
netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/css/ 117 KB
20 KB 114ms
50ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/css/bootstrap-combined.min.css
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 13431ebc8279cd6b43d9b4e94a137e59a2f848555cfa8293da2071d9b98149d8

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Feb 2019 19:19:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:21 GMT
access-control-allow-origin: *
etag: "1544639721"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 20320

GET
H/1.1 200
OK screen.css
cdn.referralcandy.com/refcorner/scripts/ 8 KB
8 KB 63ms
17ms Stylesheet
text/css 143.204.101.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.referralcandy.com/refcorner/scripts/screen.css
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.12 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-12.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85c8ee908a840a7b8e5b700416a00b34b69ee608ca16671a7d1ff3efad6d38a8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: cdn.referralcandy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://freshcity.referralcandy.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 16:19:08 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified: Wed, 16 Dec 2015 03:42:27 GMT
Server: AmazonS3
Age: 10841
ETag: "56ea03ea2dbd0a8fd8a14e86136161a4"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 8067
X-Amz-Cf-Id: Tr_QFxmUeG7AZf3xqHWIBY_02On7ZkCZyrvP3xo4y9kXJJ483XdClA==

GET
H/1.1 200
OK application.js Show response
cdn.referralcandy.com/refcorner/scripts/ 108 KB
108 KB 61ms
16ms Script
application/x-javascript 143.204.101.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.referralcandy.com/refcorner/scripts/application.js
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.12 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-12.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55a82a96926b0abe2e1965e1c77250893764521150b95f161c1c270f1187b2fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: cdn.referralcandy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://freshcity.referralcandy.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 16:19:09 GMT
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
Last-Modified: Wed, 16 Dec 2015 03:42:27 GMT
Server: AmazonS3
Age: 10841
ETag: "9aea0cc38cd9ca77b2fd437dcd88fccd"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 110284
X-Amz-Cf-Id: USjKj8z7R_PA3c44oH4hoUvOjSmT3_j-ZKB1ctQW3j5oAOAUYIclGw==

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/js/ 31 KB
8 KB 94ms
30ms Script
text/javascript 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/js/bootstrap.min.js
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 34c5b7b058640503224a11acd9e5edd7a3d11d6dd1a1d05e9cb971855e798849

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Feb 2019 19:19:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:55 GMT
access-control-allow-origin: *
etag: "1544639635"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7839

GET
H/1.1 200
OK d54567266accb1750acbe1ac878fa11b.png
d1p6b1fqdxr5o.cloudfront.net/images/clients/logos/000/010/475/ 20 KB
20 KB 163ms
24ms Image
image/png 143.204.101.88
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1p6b1fqdxr5o.cloudfront.net/images/clients/logos/000/010/475/d54567266accb1750acbe1ac878fa11b.png?1443541606
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.88 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e0119159df74fa7ea828ab3e43a40570a39c212ba86581655c3c2219bcbd7a2

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 18:50:29 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Sep 2015 15:46:47 GMT
Server: AmazonS3
Age: 1761
ETag: "3eb2cb32fa5a7471065b9a27a879d8ca"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20488
X-Amz-Cf-Id: oQ6SfuyM6qau0UUgZxVYr8uc2OXGTz4Qtlu1Rd2-mtaozmQm4_Jnlw==

GET
H/1.1 200
OK refer-a-friend-program-powered-by-referralcandy.png
d1p6b1fqdxr5o.cloudfront.net/images/ 3 KB
3 KB 147ms
10ms Image
image/png 143.204.101.88
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1p6b1fqdxr5o.cloudfront.net/images/refer-a-friend-program-powered-by-referralcandy.png
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.88 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf356b1ac5d7badc1ba9ef6ac2f6f6708e170f3602ee88da24e8717b098df9f

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 10 Feb 2019 18:00:28 GMT
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Oct 2013 08:08:49 GMT
Server: AmazonS3
Age: 1761
ETag: "419c65a555c10567bea2864798d0f415"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3071
X-Amz-Cf-Id: exVrrmtLD3LxeNW0FyE7kZ4EULimMPqaHLyGG7mb6cIwPzRjzNtA0A==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 3560
date: Mon, 11 Feb 2019 18:20:29 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17168
expires: Mon, 11 Feb 2019 20:20:29 GMT

GET
H/1.1 200
OK stripe-ECE8FC-2-1.png
d1p6b1fqdxr5o.cloudfront.net/refcorner/icons/ 109 B
571 B 11ms
11ms Image
image/png 143.204.101.88
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1p6b1fqdxr5o.cloudfront.net/refcorner/icons/stripe-ECE8FC-2-1.png
Requested by: Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.88 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa1352ab5972095abf39fd5f15938f1fda5913d02e089b1fdb33ab4b02a662ff

Request headers

Referer: https://cdn.referralcandy.com/refcorner/scripts/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 11 Feb 2019 16:19:10 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Apr 2012 01:55:11 GMT
Server: AmazonS3
Age: 10840
ETag: "f2a330a85318d95a9928258601373270"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 109
X-Amz-Cf-Id: mayX97OM6X-Ia81KBsF5IXanx75zYhhNm06cprgKAD2Bz9gGZV15Jw==

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
112 B 16ms
15ms Image
image/gif 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=646580274&utmhn=freshcity.referralcandy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Fresh%20City%20ReferralCandy%20Portal&utmhid=78766684&utmr=-&utmp=%2F&utmht=1549912789430&utmac=UA-15701008-4&utmcc=__utma%3D154395503.1513775027.1549912789.1549912789.1549912789.1%3B%2B__utmz%3D154395503.1549912789.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=986549458&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Feb 2019 19:19:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=541794025&utmhn=freshcity.referralcandy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025&slf_rd=1&random=165580636

42 B
383 B

51ms
24ms

Image
image/gif

2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025&slf_rd=1&random=165580636

Requested by

Host: freshcity.referralcandy.com
URL: https://freshcity.referralcandy.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freshcity.referralcandy.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Feb 2019 19:19:49 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Feb 2019 19:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15701008-7&cid=1037045977.1549912789&jid=1631214307&_v=5.7.2&z=541794025&slf_rd=1&random=165580636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.referralcandy.com/	1970-01-18 22:31:54	Name: __utmb Value: 38775200.1.10.1549912789
.referralcandy.com/	1970-01-18 22:31:53	Name: __utmt_b Value: 1
.freshcity.referralcandy.com/	1970-01-19 02:54:40	Name: __utmz Value: 154395503.1549912789.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.referralcandy.com/	1970-01-19 16:03:04	Name: __utma Value: 38775200.1037045977.1549912789.1549912789.1549912789.1
.freshcity.referralcandy.com/	1970-01-18 22:31:54	Name: __utmb Value: 154395503.1.10.1549912789
.freshcity.referralcandy.com/	1969-12-31 23:59:59	Name: __utmc Value: 154395503
.referralcandy.com/	1970-01-19 02:54:40	Name: __utmz Value: 38775200.1549912789.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
freshcity.referralcandy.com/	1969-12-31 23:59:59	Name: _referral_corner_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWY1ZmQ1OTZjNTc5NTJhMWM4ZjdjNmM3NmRiZGU1NjA1BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTV0VmxGMXJ1QWV1b01zcUVqamlKQ3FSdURXdjhsWFJiNWxjYjJmTnpOYlU9BjsARg%3D%3D--0d6a88c1524d98ffb842f370a2b64e3b397eb051
.freshcity.referralcandy.com/	1970-01-18 22:31:53	Name: __utmt Value: 1
.referralcandy.com/	1969-12-31 23:59:59	Name: __utmc Value: 38775200
.freshcity.referralcandy.com/	1970-01-19 16:03:04	Name: __utma Value: 154395503.1513775027.1549912789.1549912789.1549912789.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.referralcandy.com
d1p6b1fqdxr5o.cloudfront.net
freshcity.referralcandy.com
freshcity.refr.cc
netdna.bootstrapcdn.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
13.251.177.61
143.204.101.12
143.204.101.88
209.197.3.15
2a00:1450:4001:808::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81f::2004
2a00:1450:400c:c08::9a
52.77.136.194
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13431ebc8279cd6b43d9b4e94a137e59a2f848555cfa8293da2071d9b98149d8
1e0119159df74fa7ea828ab3e43a40570a39c212ba86581655c3c2219bcbd7a2
34c5b7b058640503224a11acd9e5edd7a3d11d6dd1a1d05e9cb971855e798849
55a82a96926b0abe2e1965e1c77250893764521150b95f161c1c270f1187b2fc
6bf356b1ac5d7badc1ba9ef6ac2f6f6708e170f3602ee88da24e8717b098df9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c8ee908a840a7b8e5b700416a00b34b69ee608ca16671a7d1ff3efad6d38a8
aa1352ab5972095abf39fd5f15938f1fda5913d02e089b1fdb33ab4b02a662ff
e8d51c32f5feeb34e036fc4dd048bce997244b1d63143d66cc17d781b41a12df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

freshcity.referralcandy.com Open in urlscan Pro 13.251.177.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

6 IPs

3 Countries

189 kBTransfer

338 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

11 Cookies

Indicators

freshcity.referralcandy.com Open in urlscan Pro
13.251.177.61 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

189 kB
Transfer

338 kB
Size

11
Cookies

11 HTTP transactions
0 data transactions