mywit.referralcandy.com Open in urlscan Pro
54.169.46.49  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request 7KH4X3D Show response mywit.referralcandy.com/	3 KB 2 KB	680ms 266ms	Document text/html	54.169.46.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mywit.referralcandy.com/7KH4X3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.169.46.49 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-169-46-49.ap-southeast-1.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash 0e51107afe5ed5d250a0e394d380d822ba2ea979b69a4b68cc510d8a1b0953c4 Request headers :method GET :authority mywit.referralcandy.com :scheme https :path /7KH4X3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 26 Oct 2021 02:29:15 GMT content-type text/html; charset=utf-8 server nginx/1.10.3 (Ubuntu) x-ua-compatible IE=Edge,chrome=1 cache-control no-cache set-cookie _referral_corner_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyNWIzYWJiNWRkNTU3NzAwZmY0YmU5YjQzYWI3ODA3BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTkxLzdJWk1zdEhiRkRPZWxlNG1zeFdoNGVSd2c1V2hPOUliNlhHQVFLUkE9BjsARg%3D%3D--bceeebe8073fc8fa67f1af39e2138a38779d1b53; path=/; HttpOnly; Secure; SameSite=None x-request-id 65ea20adaa23e645b7a7243a8c0cfa13 x-runtime 0.065732 x-rack-cache miss vary Origin content-encoding gzip
GET H2	200	bootstrap-combined.min.css netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/css/	117 KB 20 KB	47ms 20ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/css/bootstrap-combined.min.css Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13431ebc8279cd6b43d9b4e94a137e59a2f848555cfa8293da2071d9b98149d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 02:29:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723, 718, 718 age 5444237 cdn-cachedat 2021-07-30 18:00:24 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:05:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid d7217af770ae976c936b424adeb67121 cf-ray 6a4041861e4f0eb7-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	screen-cb2d1b1085381117ab1cb0eb03ad6f97.css mywit.referralcandy.com/assets/	7 KB 7 KB	197ms 196ms	Stylesheet text/css	54.169.46.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mywit.referralcandy.com/assets/screen-cb2d1b1085381117ab1cb0eb03ad6f97.css Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.169.46.49 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-169-46-49.ap-southeast-1.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash 95c860dc446f9fb3dd674f2315531c472d527c72d058b193d1191683d2ece7c6 Request headers :path /assets/screen-cb2d1b1085381117ab1cb0eb03ad6f97.css pragma no-cache cookie _referral_corner_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyNWIzYWJiNWRkNTU3NzAwZmY0YmU5YjQzYWI3ODA3BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTkxLzdJWk1zdEhiRkRPZWxlNG1zeFdoNGVSd2c1V2hPOUliNlhHQVFLUkE9BjsARg%3D%3D--bceeebe8073fc8fa67f1af39e2138a38779d1b53 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority mywit.referralcandy.com referer https://mywit.referralcandy.com/7KH4X3D :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/7KH4X3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 02:29:15 GMT last-modified Thu, 07 Oct 2021 09:30:37 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "615ebe3d-1ad6" content-length 6870 content-type text/css
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Oct 2021 16:47:48 GMT server Golfe2 age 1722 date Tue, 26 Oct 2021 02:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 19887 expires Tue, 26 Oct 2021 04:00:34 GMT
GET H2	200	application-d0a28a2567be387f1b51141f2a95ed2a.js Show response mywit.referralcandy.com/assets/	107 KB 108 KB	385ms 385ms	Script application/javascript	54.169.46.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mywit.referralcandy.com/assets/application-d0a28a2567be387f1b51141f2a95ed2a.js Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.169.46.49 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-169-46-49.ap-southeast-1.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash d7fa2252fffb48c0e31980bbfa30d0baef0ed99086f3b0f444789f5a01df6b93 Request headers :path /assets/application-d0a28a2567be387f1b51141f2a95ed2a.js pragma no-cache cookie _referral_corner_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyNWIzYWJiNWRkNTU3NzAwZmY0YmU5YjQzYWI3ODA3BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTkxLzdJWk1zdEhiRkRPZWxlNG1zeFdoNGVSd2c1V2hPOUliNlhHQVFLUkE9BjsARg%3D%3D--bceeebe8073fc8fa67f1af39e2138a38779d1b53 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority mywit.referralcandy.com referer https://mywit.referralcandy.com/7KH4X3D :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/7KH4X3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 02:29:15 GMT last-modified Thu, 07 Oct 2021 09:30:37 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "615ebe3d-1adfb" content-length 110075 content-type application/javascript
GET H2	200	bootstrap.min.js Show response netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/js/	31 KB 9 KB	41ms 15ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/twitter-bootstrap/2.2.2/js/bootstrap.min.js Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34c5b7b058640503224a11acd9e5edd7a3d11d6dd1a1d05e9cb971855e798849 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 02:29:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617, 617 age 16057830 cdn-cachedat 2021-04-20 20:03:14 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:05:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 5039b78910cfb56eea2f15ee42e0e223 cf-ray 6a4041861e500eb7-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	baby.jpg d1p6b1fqdxr5o.cloudfront.net/images/error/	15 KB 16 KB	54ms 14ms	Image image/jpeg	18.66.97.21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1p6b1fqdxr5o.cloudfront.net/images/error/baby.jpg Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.97.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0f99f0fb01e2239b3d8c3c9b04da677bbe1d4a3cd207fbd6075077e023cdbef2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id null Via 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) Last-Modified Wed, 21 Dec 2011 06:58:44 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P2 ETag "a92628d006ad7e0402ef0213784b6727" X-Cache Hit from cloudfront Content-Type image/jpeg Date Tue, 26 Oct 2021 02:29:16 GMT Connection keep-alive Accept-Ranges bytes Content-Length 15524 X-Amz-Cf-Id E8eRiSIP99kf7oFWRQUK4QHSpwRZIVV3OjWrHw3-59D5pUJ05W4-0g==
GET H/1.1	200 OK	refer-a-friend-program-powered-by-referralcandy.png d1p6b1fqdxr5o.cloudfront.net/images/	3 KB 3 KB	10ms 9ms	Image image/png	18.66.97.21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1p6b1fqdxr5o.cloudfront.net/images/refer-a-friend-program-powered-by-referralcandy.png Requested by Host: mywit.referralcandy.com URL: https://mywit.referralcandy.com/7KH4X3D Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.97.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6bf356b1ac5d7badc1ba9ef6ac2f6f6708e170f3602ee88da24e8717b098df9f Request headers Accept-Language de-DE,de;q=0.9 Referer https://mywit.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id null Via 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) Last-Modified Thu, 31 Oct 2013 08:08:49 GMT Server AmazonS3 Age 74332 ETag "419c65a555c10567bea2864798d0f415" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive Date Mon, 25 Oct 2021 05:50:25 GMT X-Amz-Cf-Pop FRA56-P2 Accept-Ranges bytes Content-Length 3071 X-Amz-Cf-Id f39uZdIUjLHRYQLzPgDS7V0H1yvEYYtpYbT-8-KLCL0BEKCSgt4pEg==

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| google_tag_data function| ga object| gaplugins object| RCORNER object| FlashDetect object| Kicksend object| ZeroClipboard function| $ function| jQuery object| jQuery1706821898716683854

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mywit.referralcandy.com/	1969-12-31 23:59:59	Name: _referral_corner_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyNWIzYWJiNWRkNTU3NzAwZmY0YmU5YjQzYWI3ODA3BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTkxLzdJWk1zdEhiRkRPZWxlNG1zeFdoNGVSd2c1V2hPOUliNlhHQVFLUkE9BjsARg%3D%3D--bceeebe8073fc8fa67f1af39e2138a38779d1b53

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mywit.referralcandy.com/7KH4X3D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1p6b1fqdxr5o.cloudfront.net
mywit.referralcandy.com
netdna.bootstrapcdn.com
www.google-analytics.com
18.66.97.21
2606:4700::6812:bcf
2a00:1450:4001:801::200e
54.169.46.49
0e51107afe5ed5d250a0e394d380d822ba2ea979b69a4b68cc510d8a1b0953c4
0f99f0fb01e2239b3d8c3c9b04da677bbe1d4a3cd207fbd6075077e023cdbef2
13431ebc8279cd6b43d9b4e94a137e59a2f848555cfa8293da2071d9b98149d8
34c5b7b058640503224a11acd9e5edd7a3d11d6dd1a1d05e9cb971855e798849
6bf356b1ac5d7badc1ba9ef6ac2f6f6708e170f3602ee88da24e8717b098df9f
95c860dc446f9fb3dd674f2315531c472d527c72d058b193d1191683d2ece7c6
d7fa2252fffb48c0e31980bbfa30d0baef0ed99086f3b0f444789f5a01df6b93
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3