urlscan.io logo urlscan.io
SecurityTrails logo

ref.ly Open in urlscan Pro
20.14.26.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ref.ly/
Effective URL: https://ref.ly/
Submission: On May 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 20.14.26.213, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ref.ly.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 2nd 2024. Valid for: 6 months.
This is the only time ref.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 20.14.26.213 8075 (MICROSOFT...)
8 151.101.129.91 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 20.125.87.46 8075 (MICROSOFT...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 216.58.212.132 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
18 6
5    20.14.26.213 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ref.ly
8    151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
files.logoscdn.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    20.125.87.46 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api.reftagger.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f4.1e100.net
www.google.com
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
www.google.de
Apex Domain
Subdomains		 Transfer
8 logoscdn.com
files.logoscdn.com — Cisco Umbrella Rank: 195086
13 KB
5 ref.ly
ref.ly
14 KB
2 reftagger.com
api.reftagger.com — Cisco Umbrella Rank: 73123
18 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 654
17 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
21 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
379 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
27 KB
18 8
Domain Requested by
8 files.logoscdn.com ref.ly
5 ref.ly ref.ly
2 api.reftagger.com ref.ly
2 ssl.google-analytics.com 1 redirects ref.ly
1 www.google.de ref.ly
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 cdnjs.cloudflare.com ref.ly
18 8

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
biblia.com
www.logos.com
app.logos.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
ref.ly
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-05-02 -
2024-11-02		 6 months crt.sh
*.logoscdn.com
R3		 2024-04-08 -
2024-07-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
api.reftagger.com
R3		 2024-05-13 -
2024-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ref.ly/
Frame ID: 62B85E190A4B616B2EB9365E09C0A4E8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ref.ly | Transform Bible verses into short links

Page URL History Show full URLs

  1. http://ref.ly/ HTTP 307
    https://ref.ly/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

89 kB
Transfer

232 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ref.ly/ HTTP 307
    https://ref.ly/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471266716&utmhn=ref.ly&utme=8(Site%20Version*Authentication%20Status)9(Standard*%3C%25%3D%20HttpContext.Current.User.Identity.IsAuthenticated%20%3F%20%22Authenticated%22%20%3A%20%22Unauthenticated%22%20%25%3E)11(2*2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=ref.ly%20%7C%20Transform%20Bible%20verses%20into%20short%20links&utmhid=93354091&utmr=-&utmp=%2F&utmht=1716316037580&utmac=UA-5334144-12&utmcc=__utma%3D256948232.1990070320.1716316038.1716316038.1716316038.1%3B%2B__utmz%3D256948232.1716316038.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1469736526&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716&slf_rd=1&random=267411326

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ref.ly/
Redirect Chain
  • http://ref.ly/
  • https://ref.ly/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.14.26.213 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
eef860a6610b5e10f691a3525d26a40348b7aa38eba16e576baa6116bc60000b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 21 May 2024 18:27:16 GMT
request-context
appId=cid-v1:52882304-e0c3-4c02-9440-ad5303a4a918
server
Kestrel
vary
Accept-Encoding

Redirect headers

Location
https://ref.ly/
Non-Authoritative-Reason
HttpsUpgrades
site.css
ref.ly/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ref.ly/css/site.css
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.14.26.213 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e084e3c256e5e182ae43737490463489753488200d93720eb8dbeec2b7a74556

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:16 GMT
content-encoding
br
last-modified
Tue, 14 May 2024 23:41:34 GMT
server
Kestrel
etag
"1daa6584113d9b2"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:52882304-e0c3-4c02-9440-ad5303a4a918
optimized
files.logoscdn.com/v1/assets/10435209/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435209/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
51351fb2a21449b6baa8042eb2610cdefa3ba41d7b7d7247b2fdc7a1f8ca1377

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
1163221
x-cache
HIT, HIT
content-disposition
inline; filename="logo.webp"; filename*=UTF-8''logo.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2016
x-served-by
cache-bfi-kbfi7400049-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.385373,VS0,VE1
etag
"yzeuXpY5QZ26x8HhYCZcZg=="
vary
Accept, Width, Origin
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["4edc8368-f820-4bb8-8fe4-b504e34ed05e"]
accept-ranges
bytes
x-cache-hits
36, 0
optimized
files.logoscdn.com/v1/assets/10435207/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435207/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7c7bcd2cd28b4147ffaac68576228b35226a6074c3f54c13dc1415ac288aee6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
2368796
x-cache
HIT, HIT
content-disposition
inline; filename="to_the_point.webp"; filename*=UTF-8''to_the_point.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1312
x-served-by
cache-bfi-kbfi7400055-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.385398,VS0,VE2
etag
"qOP2PRrWO8d10OKAq0Njeg=="
vary
Accept, Width
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["9408a611-7dd9-4f3c-b186-ea709836674a"]
accept-ranges
bytes
x-cache-hits
10, 0
optimized
files.logoscdn.com/v1/assets/10435208/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435208/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acdb2152735b1634468668812aead1454dc718fab8bc1c209028a0f6f02c37de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
2315879
x-cache
HIT, HIT
content-disposition
inline; filename="transform.webp"; filename*=UTF-8''transform.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1332
x-served-by
cache-bfi-kbfi7400033-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.385163,VS0,VE1
etag
"hUXQ0MIWG5FOeEVs7i4V+A=="
vary
Accept, Width
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["765efb3b-2428-44d0-ba3c-feb5d99eb269"]
accept-ranges
bytes
x-cache-hits
97, 0
optimized
files.logoscdn.com/v1/assets/10435212/ 		838 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435212/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36426677632b1bfded1a8ca23bdaaa33263b51a98bc4c4a8f2fb114162488f51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
1651322
x-cache
HIT, HIT
content-disposition
inline; filename="tweet.webp"; filename*=UTF-8''tweet.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
838
x-served-by
cache-bfi-kbfi7400076-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.385519,VS0,VE2
etag
"AIrYn0dxSG40VvE+q9bMlQ=="
vary
Accept, Width
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["1d340eeb-ce68-464e-991d-e8df013f06bb"]
accept-ranges
bytes
x-cache-hits
83, 0
optimized
files.logoscdn.com/v1/assets/450609/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/450609/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ee24212a350d38b9b417901b4ff8ae8cf34805558aed836740cc943c70d4d35

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
2315879
x-cache
HIT, HIT
content-disposition
inline; filename="facebook share_56x20.webp"; filename*=UTF-8''facebook%20share_56x20.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4512
x-served-by
cache-bfi-kbfi7400035-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.385121,VS0,VE2
etag
"jUrhqToSPlnKO8GfNmDCZg=="
vary
Accept, Width, Origin
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["4b221790-e517-4e53-9f24-d49f7fee5f1b"]
accept-ranges
bytes
x-cache-hits
17, 0
optimized
files.logoscdn.com/v1/assets/10435213/ 		190 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435213/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f634d8f3bc18dd898b5d2a6b220e62f0b6b7823c84ef3cb0a900162da3f7d383

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
2456142
x-cache
HIT, HIT
content-disposition
inline; filename="twitter.webp"; filename*=UTF-8''twitter.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
190
x-served-by
cache-bfi-kbfi7400031-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.385631,VS0,VE1
etag
"bLn6pNmhOXh+bsgz9sVp/A=="
vary
Accept, Width
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["b720be0b-ca00-4525-8547-3965d5b6035f"]
accept-ranges
bytes
x-cache-hits
54, 0
optimized
files.logoscdn.com/v1/assets/10435214/ 		258 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435214/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8f1f5fffb96c83500bee0046bceab4c929fe667086b8b61d6e75c21cf349a9fb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
2962658
x-cache
HIT, HIT
content-disposition
inline; filename="email_link.webp"; filename*=UTF-8''email_link.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
258
x-served-by
cache-bfi-krnt7300110-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.426289,VS0,VE1
etag
"8cXje45ZOlVulg8HtbdTZQ=="
vary
Accept, Width, Origin
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["335396c5-f46e-422c-b220-8f2059aac0e8"]
accept-ranges
bytes
x-cache-hits
106, 0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://ref.ly
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
484539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27446
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64ed75bb-6b36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E70%2BVbq7l6T37aT54avjFlPmOSQHz9FoLO0ju3%2FPihDXO1M5X6uC4jDYP7tZgbhuwkUMiAU427lkD6K%2BinvvtikK3n2JAs9DJXwunKqc5BDcPNj4dRArpVrrlhC4HhvEEpv2ZxZz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88769ea14a516983-FRA
expires
Sun, 11 May 2025 18:27:17 GMT
Reference.js
ref.ly/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ref.ly/js/Reference.js?v=nsXzAbZgoup8QP7O9EgwOGz38D4bQZ65K09wujUWtRM
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.14.26.213 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9ec5f301b660a2ea7c40fecef44830386cf7f03e1b419eb92b4f70ba3516b513

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
content-encoding
br
last-modified
Tue, 14 May 2024 23:41:34 GMT
server
Kestrel
etag
"1daa6584113b895"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
request-context
appId=cid-v1:52882304-e0c3-4c02-9440-ad5303a4a918
Refly.js
ref.ly/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ref.ly/js/Refly.js?v=qiHOTckaQVNqeBTio2PYQpEhi_8U6kY5w-tkXHRdies
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.14.26.213 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
aa21ce4dc91a41536a7814e2a363d84291218bff14ea4639c3eb645c745d89eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:16 GMT
content-encoding
br
last-modified
Tue, 14 May 2024 23:41:34 GMT
server
Kestrel
etag
"1daa6584113c325"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
request-context
appId=cid-v1:52882304-e0c3-4c02-9440-ad5303a4a918
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 May 2024 18:15:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
705
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 21 May 2024 20:15:32 GMT
optimized
files.logoscdn.com/v1/assets/10435211/ 		92 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.logoscdn.com/v1/assets/10435211/optimized
Requested by
Host: ref.ly
URL: https://ref.ly/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18ee69033c15ccff0ee8d06865ac0761b53f58fa3b62eb861f2de61a1622cc23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
via
1.1 varnish, 1.1 varnish
age
2359512
x-cache
HIT, HIT
content-disposition
inline; filename="header_bg.webp"; filename*=UTF-8''header_bg.webp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
92
x-served-by
cache-bfi-kbfi7400071-BFI, cache-fra-etou8220146-FRA
request-context
appId=cid-v1:cf81abda-4403-4052-9969-d37f319a0d72
accept-ch
Width
x-timer
S1716316037.459589,VS0,VE4
etag
"jJYUqnxZeMbUT9v8/ZfUrw=="
vary
Accept, Width, Origin
accept-ch-lifetime
2592000
content-type
image/webp
access-control-allow-origin
*
x-miniprofiler-ids
["2fc15d07-a22c-4804-9d91-d0274e0e4142"]
accept-ranges
bytes
x-cache-hits
161, 0
RefTagger.js
api.reftagger.com/v2/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.reftagger.com/v2/RefTagger.js
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.87.46 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
119c5e10f62c08539b7b3622c1f4b1d0c17266934a6dda583e5c24733d123c43

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:17 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2024 16:37:31 GMT
server
Microsoft-IIS/10.0
etag
"809763566a1da1:0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
17524
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471266716&utmhn=ref.ly&utme=8(Site%20Version*Authentication%20Status)9(Standard*%3C%25%3D%20HttpContext.Current.User.Identity.Is...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716&slf_rd=1&random=267411326
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716&slf_rd=1&random=267411326
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H3
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ref.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 May 2024 18:27:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 May 2024 18:27:17 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5334144-12&cid=1990070320.1716316038&jid=1469736526&_v=5.7.2&z=471266716&slf_rd=1&random=267411326
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
api.reftagger.com/util/v2/ 		35 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.reftagger.com/util/v2/log?documentUrl=https%3A%2F%2Fref.ly%2F&referenceCount=0&microreferenceCount=8&bibleVersion=ESV&usesLibronixLinks=false&usesTooltips=true&applicationVersion=2&rand=27239171
Requested by
Host: ref.ly
URL: https://ref.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.125.87.46 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
pragma
no-cache
date
Tue, 21 May 2024 18:27:18 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/gif
access-control-expose-headers
Request-Context
cache-control
no-cache
content-length
35
request-context
appId=cid-v1:2c9addf6-a19f-4c36-8c35-74ce06ccbbff
favicon.ico
ref.ly/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ref.ly/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.14.26.213 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
df13f4582d689a8be328413543497a62270e5896e6998c06a57600bcaaa6c15a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ref.ly/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:27:18 GMT
last-modified
Tue, 14 May 2024 23:41:34 GMT
server
Kestrel
etag
"1daa6584113ce7e"
content-type
image/x-icon
accept-ranges
bytes
content-length
1406
request-context
appId=cid-v1:52882304-e0c3-4c02-9440-ad5303a4a918

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _gaq function| trackPageView function| fbs_click function| $ function| jQuery object| Logos object| refTagger object| _gat object| gaGlobal function| refTaggerCallback

5 Cookies

Domain/Path Name / Value
.ref.ly/ Name: __utma
Value: 256948232.1990070320.1716316038.1716316038.1716316038.1
.ref.ly/ Name: __utmc
Value: 256948232
.ref.ly/ Name: __utmz
Value: 256948232.1716316038.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.ref.ly/ Name: __utmt
Value: 1
.ref.ly/ Name: __utmb
Value: 256948232.1.10.1716316038

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.reftagger.com
cdnjs.cloudflare.com
files.logoscdn.com
ref.ly
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
104.17.25.14
151.101.129.91
172.217.16.195
20.125.87.46
20.14.26.213
216.58.212.132
2a00:1450:4001:831::2008
2a00:1450:400c:c09::9d
119c5e10f62c08539b7b3622c1f4b1d0c17266934a6dda583e5c24733d123c43
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18ee69033c15ccff0ee8d06865ac0761b53f58fa3b62eb861f2de61a1622cc23
36426677632b1bfded1a8ca23bdaaa33263b51a98bc4c4a8f2fb114162488f51
3ee24212a350d38b9b417901b4ff8ae8cf34805558aed836740cc943c70d4d35
51351fb2a21449b6baa8042eb2610cdefa3ba41d7b7d7247b2fdc7a1f8ca1377
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8f1f5fffb96c83500bee0046bceab4c929fe667086b8b61d6e75c21cf349a9fb
9ec5f301b660a2ea7c40fecef44830386cf7f03e1b419eb92b4f70ba3516b513
aa21ce4dc91a41536a7814e2a363d84291218bff14ea4639c3eb645c745d89eb
acdb2152735b1634468668812aead1454dc718fab8bc1c209028a0f6f02c37de
b7c7bcd2cd28b4147ffaac68576228b35226a6074c3f54c13dc1415ac288aee6
df13f4582d689a8be328413543497a62270e5896e6998c06a57600bcaaa6c15a
e084e3c256e5e182ae43737490463489753488200d93720eb8dbeec2b7a74556
eef860a6610b5e10f691a3525d26a40348b7aa38eba16e576baa6116bc60000b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f634d8f3bc18dd898b5d2a6b220e62f0b6b7823c84ef3cb0a900162da3f7d383
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a