URL: https://candyi.xyz/
Submission: On July 20 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 36 HTTP transactions. The main IP is 66.29.132.53, located in United States and belongs to NAMECHEAP-NET, US. The main domain is candyi.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2023. Valid for: a year.
This is the only time candyi.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
6 | cloudfront.net | d1xv7hxes9rviq.cloudfront.net, d2tk42wfs4q183.cloudfront.net | 26 KB
5 | google.com | apis.google.com — Cisco Umbrella Rank: 187 | 172 KB
4 | etsystatic.com | i.etsystatic.com — Cisco Umbrella Rank: 8918 | 587 KB
3 | profitabledisplaynetwork.com | www.profitabledisplaynetwork.com — Cisco Umbrella Rank: 69788 |
3 | googleusercontent.com | blogger.googleusercontent.com — Cisco Umbrella Rank: 12498 | 615 KB
3 | shopify.com | cdn.shopify.com — Cisco Umbrella Rank: 2110 | 146 KB
3 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 367 | 61 KB
2 | blogblog.com | resources.blogblog.com — Cisco Umbrella Rank: 18307 | 2 KB
2 | blogger.com | www.blogger.com — Cisco Umbrella Rank: 10120 | 3 KB
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 56 | 251 B
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 69 | 87 KB
1 | candyi.xyz | candyi.xyz | 5 KB
Total: 36 requests across 12 domains

Requests | Domain | Requested by
5 | d2tk42wfs4q183.cloudfront.net | d1xv7hxes9rviq.cloudfront.net
5 | apis.google.com | candyi.xyz, apis.google.com, www.blogger.com
4 | i.etsystatic.com | candyi.xyz
3 | www.profitabledisplaynetwork.com | candyi.xyz
3 | blogger.googleusercontent.com | candyi.xyz
3 | cdn.shopify.com | candyi.xyz
3 | cdn.jsdelivr.net | candyi.xyz
2 | resources.blogblog.com | www.blogger.com
2 | www.blogger.com | candyi.xyz, apis.google.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | d1xv7hxes9rviq.cloudfront.net | candyi.xyz
1 | www.googletagmanager.com | candyi.xyz
1 | candyi.xyz |
Total: 36 requests across 13 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
candyi.xyz | Sectigo RSA Domain Validation Secure Server CA | 2023-07-17 - 2024-07-17 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
*.blogger.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
cdn.shopify.com | R3 | 2023-07-13 - 2023-10-11 | 3 months
im.i.etsystatic.com | R3 | 2023-06-01 - 2023-08-30 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
profitabledisplaynetwork.com | R3 | 2023-07-01 - 2023-09-29 | 3 months
*.google.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months

This page contains 4 frames:

Primary Page: https://candyi.xyz/
Frame ID: EFA987061A603781A3155010794EE345
Requests: 31 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=6137141052217021966&blogName=Candy&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-box4u.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://candy-box4u.blogspot.com/&vt=-5472332831659770370&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Frame ID: 78D759E2603F23E9B32620F8E74A9140
Requests: 1 HTTP request in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1256085780455876648&blogName=Candycharmed&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-sugarbox.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://candy-sugarbox.blogspot.com/&vt=-7226758143101930601&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Frame ID: BF4345D7865B2AD67C6620556C2B312A
Requests: 1 HTTP request in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=101429144834140649&blogName=candy+love&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-love-sugar.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://candy-love-sugar.blogspot.com/&vt=7760829253693090960&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Frame ID: 14D1A3CD1A609F003AA87873EABEAD29
Requests: 5 HTTP requests in this frame

Page Title

Candy

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 36
HTTPS: 94 %
IPv6: 69 %
Domains: 12
Subdomains: 13
IPs: 14
Countries: 2
Transfer: 1705 kB
Size: 2496 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
candyi.xyz/
26 KB
5 KB
Document
General
Full URL
https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.53 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium198-5.web-hosting.com
Software
LiteSpeed / PHP/8.0.29
Resource Hash
bbe27e2d0b12577a7f9f13f63ee42257536881d074525de38aa359d82448e028

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-length
5105
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:06:22 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.29
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://candyi.xyz/
Origin
https://candyi.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jul 2023 16:06:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
3392424
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230097-FRA, cache-mia-kmia1760097-MIA
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/
87 KB
12 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jul 2023 16:06:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
10983997
x-jsd-version
1.9.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11979
x-served-by
cache-fra-eddf8230111-FRA, cache-mia-kmia1760099-MIA
x-jsd-version-type
version
etag
W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
260 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3LC7K054HT
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01bf054c94dbd0969889e4d0c570972f712ef7a6998d7f8c555c2c7c1e1c6445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88988
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:06:22 GMT
3334278262-classic.css
www.blogger.com/static/v1/v-css/navbar/
871 B
850 B
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/navbar/3334278262-classic.css
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e7616391f5c7649cd033b934318aa33a71e9ce24c341c0e62e438c14bd66c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119816
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 01:51:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 18 Jul 2024 06:49:26 GMT
platform.js
apis.google.com/js/
57 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jul 2023 16:06:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22286
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"7e9d9dc128ddec90"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:06:22 GMT
snake_spray_candy_540x.jpg
cdn.shopify.com/s/files/1/2456/4139/products/
68 KB
69 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/2456/4139/products/snake_spray_candy_540x.jpg?v=1671650713
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
377c108f8d15d0524f6c9409d18b837b16a3f705446ae3e88498a605f70a00a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
1217834
source-type
image/jpeg
server-timing
imagery;dur=161.250, imageryFetch;dur=37.006, imageryProcess;dur=122.150;desc="image", cfRequestDuration;dur=13.000011
source-length
234123
content-length
69556
x-xss-protection
1; mode=block
x-request-id
b07cf3e7-b15f-4ac8-b897-b0ad637067b9
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 04:13:04 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLr1itnaTxUQj4V0R3IBJ13Fu7PKSSGci8HUWkYr3xcmJuqV4Gjqu8Xe354RCAbgPOp4v5OkvDQDk4QhXNJUJMg8bEhId37mnPsRtRr%2BqhLf4aBrZDIplmKP9HpFfVY6JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/2456/4139/products/snake_spray_candy_540x.jpg>; rel="canonical"
cf-ray
7e9c73763b2b334c-MIA
il_794xN.4500372613_dm8u.jpg
i.etsystatic.com/37919294/r/il/58942f/4500372613/
109 KB
110 KB
Image
General
Full URL
https://i.etsystatic.com/37919294/r/il/58942f/4500372613/il_794xN.4500372613_dm8u.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.65.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-74-65-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ef89a39196b58abcf9dbce93d85353732eaf8ca7b407b1c4b369f0c5cd2774ae
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
akamai-cache-status
Miss from child, Hit from parent
strict-transport-security
max-age=86400
x-check-cacheable
YES
akamai-grn
, , , , , , , 0.26414a68.1689869182.3c7cc65
server-timing
clientrtt; dur=61, clienttt; dur=23, origin; dur=0 , cdntime; dur=23, cache_status; desc=HIT, cdn; desc=Akamai
content-length
111887
last-modified
Wed, 21 Dec 2022 23:38:13 GMT
x-serial
1453
server
Akamai Image Manager
etag
"3569613e39c31078a4f484a71862f237"
content-type
image/avif
cache-control
private, no-transform, max-age=510582
akamai-request-bc
[a=104.74.65.38,b=63425637,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940]
timing-allow-origin
*
expires
Wed, 26 Jul 2023 13:56:04 GMT
il_794xN.4550864898_cpct.jpg
i.etsystatic.com/21812055/r/il/1dff21/4550864898/
133 KB
133 KB
Image
General
Full URL
https://i.etsystatic.com/21812055/r/il/1dff21/4550864898/il_794xN.4550864898_cpct.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.65.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-74-65-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7ef659821ea73d2965ef4b648b8ad930b9a4d9f12f273eccde839933e3d2b923
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
akamai-cache-status
Miss from child, Hit from parent
strict-transport-security
max-age=86400
x-check-cacheable
YES
akamai-grn
, , , , , , , , 0.26414a68.1689869182.3c7cc69
server-timing
clientrtt; dur=61, clienttt; dur=25, origin; dur=0 , cdntime; dur=25, cache_status; desc=HIT, cdn; desc=Akamai
content-length
135873
last-modified
Mon, 23 Jan 2023 05:03:21 GMT
x-serial
2031
server
Akamai Image Manager
etag
"b4aaedc798c04067b084a539f35d8582"
content-type
image/avif
cache-control
private, no-transform, max-age=881531
akamai-request-bc
[a=104.74.65.38,b=63425641,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940]
timing-allow-origin
*
expires
Sun, 30 Jul 2023 20:58:33 GMT
img_4141.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5VBK5IxXkucEbOmj-uIetQXpDb3hE1hnyVjpVPIsgCk8bOnvPF6dOKCvx_cae7nH05d28V9J-CbWlKb1xigJ9Z-mFhg8gC6AaRaTVLZq2__lX6UdZZR6mMteH78qy9f65GXLGqqj0SpXx6nRM...
207 KB
208 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5VBK5IxXkucEbOmj-uIetQXpDb3hE1hnyVjpVPIsgCk8bOnvPF6dOKCvx_cae7nH05d28V9J-CbWlKb1xigJ9Z-mFhg8gC6AaRaTVLZq2__lX6UdZZR6mMteH78qy9f65GXLGqqj0SpXx6nRMEtqE2jz9bewP3URA9vTvkoe4xX3SZpg-gSUko4Y/s16000/img_4141.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a9f8e788810a19cd22f6ce1359aa2369c178389c80c43938f00f07da1d66e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
x-content-type-options
nosniff
server
fife
etag
"vac"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="img_4141.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212332
x-xss-protection
0
expires
Fri, 21 Jul 2023 16:06:22 GMT
IMG_4607.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj154QxTqbPVRttI17cwanqgG2-3pUgmHmkUelmXlhuVv8ay6SgTIaUVmMExCRDmtwooxZ-3LZxNqKA3pU8Hh4Jg11b9qovrR9ZvdJCIbJJ47jTRhPX2ugMynSzg_vi1Y4adaUwvQ0WGwI-jJxB...
209 KB
210 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj154QxTqbPVRttI17cwanqgG2-3pUgmHmkUelmXlhuVv8ay6SgTIaUVmMExCRDmtwooxZ-3LZxNqKA3pU8Hh4Jg11b9qovrR9ZvdJCIbJJ47jTRhPX2ugMynSzg_vi1Y4adaUwvQ0WGwI-jJxB0-j7yQjKOhxrIKvrSZgOwwbdySCHuiXLwuueV4k/s16000/IMG_4607.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9bb25f2e52f76275397be9350cdd6beaa63d363e008fbdc9f1900dfc1c1d81ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
x-content-type-options
nosniff
server
fife
etag
"vad"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="IMG_4607.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214236
x-xss-protection
0
expires
Fri, 21 Jul 2023 16:06:22 GMT
IMG_4157.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSmWt5WD8qYhVr5gpGKDOe23pLkC3wUZxHNBC0HT04HrAj2Kgr98wSwXCC-eO8fK4s0X2jPwEZDnD47XLJMCAR-jbeSk8LfaJ8zGZ1LELy4mns0qQ6Mod-8hLYfPNj6CdXSlxnG6xS-DQMMAOg...
198 KB
198 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSmWt5WD8qYhVr5gpGKDOe23pLkC3wUZxHNBC0HT04HrAj2Kgr98wSwXCC-eO8fK4s0X2jPwEZDnD47XLJMCAR-jbeSk8LfaJ8zGZ1LELy4mns0qQ6Mod-8hLYfPNj6CdXSlxnG6xS-DQMMAOg2KGtZy2QHoStdWhOmFa7sic0JzcrVi6QYwSSYco/s16000/IMG_4157.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
53107629172b5ae0221f599d4118e9b066e2a2a37271de41d45e742614ccf6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
x-content-type-options
nosniff
server
fife
etag
"vad"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="IMG_4157.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202506
x-xss-protection
0
expires
Fri, 21 Jul 2023 16:06:22 GMT
il_794xN.4647264579_137k.jpg
i.etsystatic.com/37550783/r/il/59cbdc/4647264579/
102 KB
103 KB
Image
General
Full URL
https://i.etsystatic.com/37550783/r/il/59cbdc/4647264579/il_794xN.4647264579_137k.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.65.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-74-65-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0ed669b197b8ff228f123eb9d47c879c176f03d21bf91971f48af6fb1a049265
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
akamai-cache-status
Miss from child, Hit from parent
strict-transport-security
max-age=86400
x-check-cacheable
YES
akamai-grn
, 0.26414a68.1689869182.3c7cc6a
server-timing
clientrtt; dur=61, clienttt; dur=20, origin; dur=0 , cdntime; dur=20, cache_status; desc=HIT, cdn; desc=Akamai
content-length
104845
last-modified
Mon, 06 Feb 2023 11:38:44 GMT
x-serial
1405
server
Akamai Image Manager
etag
"aec9479e516a4c4b1e941d967491e780"
content-type
image/avif
cache-control
private, no-transform, max-age=2355906
akamai-request-bc
[a=104.74.65.38,b=63425642,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940]
timing-allow-origin
*
expires
Wed, 16 Aug 2023 22:31:28 GMT
il_794xN.3945891168_st11.jpg
i.etsystatic.com/13415113/r/il/8b397c/3945891168/
240 KB
241 KB
Image
General
Full URL
https://i.etsystatic.com/13415113/r/il/8b397c/3945891168/il_794xN.3945891168_st11.jpg
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.65.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-74-65-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5fb6f81658b8255b1d432f137bd13dc72a8058b82cb1773c15072f8c5cae051d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
akamai-cache-status
Miss from child, Hit from parent
strict-transport-security
max-age=86400
last-modified
Fri, 11 Nov 2022 19:47:08 GMT
server
Akamai Image Manager
akamai-grn
, , , , , 0.26414a68.1689869182.3c7cc6b
etag
"c3ba25c0186298284c8d42e43f4d3171"
content-type
image/avif
cache-control
private, no-transform, max-age=1818388
server-timing
clientrtt; dur=61, clienttt; dur=23, origin; dur=0 , cdntime; dur=23, cache_status; desc=HIT, cdn; desc=Akamai
akamai-request-bc
[a=104.74.65.38,b=63425643,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NY_NEWYORK,o=20940]
timing-allow-origin
*
content-length
245997
expires
Thu, 10 Aug 2023 17:12:50 GMT
image_f34c55d1-208e-4db1-9b64-d91502d3a321_732x732.png
cdn.shopify.com/s/files/1/0532/7090/5020/products/
65 KB
66 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0532/7090/5020/products/image_f34c55d1-208e-4db1-9b64-d91502d3a321_732x732.png
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
f7d3bdfe891e53374c001824b13107164ce56d10b6d91f1b899185a42ab2d568
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
1217834
source-type
image/png
server-timing
imagery;dur=421.155, imageryFetch;dur=85.627, imageryProcess;dur=334.112;desc="image", cfRequestDuration;dur=9.999990
source-length
2747316
content-length
66508
x-xss-protection
1; mode=block
x-request-id
819b3818-94c0-4398-a61d-38282a5a0956
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 14:22:02 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbyC%2Fl3KObSA5amybM7ULLkrMa4D82r7cShTz%2B0BnFHk8Ci7ZmCSbNcmZkFA%2FVkfeaYDonzqdi%2B%2BPMieeCUPhUoIn9oC2DryZ0Qdax3HnJae0fg71aqpbRV%2BvPyek5yhyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0532/7090/5020/products/image_f34c55d1-208e-4db1-9b64-d91502d3a321_732x732.png>; rel="canonical"
cf-ray
7e9c7376dc1b334c-MIA
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://candyi.xyz/
Origin
https://candyi.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jul 2023 16:06:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
5018376
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23943
x-served-by
cache-fra-eddf8230080-FRA, cache-mia-kmia1760097-MIA
x-jsd-version-type
version
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
8dd09cf.js
d1xv7hxes9rviq.cloudfront.net/
24 KB
7 KB
Script
General
Full URL
https://d1xv7hxes9rviq.cloudfront.net/8dd09cf.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f3:c200:18:1ea4:5480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:03:56 GMT
content-encoding
gzip
via
1.1 47214a5a56c101a011a23591db3cc7d8.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2023 13:23:05 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P3
age
337
etag
W/"07ace30cbd77eb9d6e74843abfd10980"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
U2h5X6ipcNikizqDKPwyZDAiF6N1Y_ud7Numpr-gueh3636xVW8E3Q==
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/
182 KB
61 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d029e05d60ef02eef92dcc10dff14ebe2470d06783e07ea41dc2e2dcd6649f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 22:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61943
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 15:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 22:57:19 GMT
platform.js
apis.google.com/js/
57 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jul 2023 16:06:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22286
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"7e9d9dc128ddec90"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:06:22 GMT
navbar.g
www.blogger.com/ Frame 78D7
0
0

navbar.g
www.blogger.com/ Frame BF43
0
0

navbar.g
www.blogger.com/ Frame 14D1
7 KB
3 KB
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=101429144834140649&blogName=candy+love&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-love-sugar.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://candy-love-sugar.blogspot.com/&vt=7760829253693090960&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6a422521d67e87ca9a334298bf9ddc178fe18441595d0d35f32726da6400834
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candyi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2565
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:06:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
invoke.js
www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/
0
0
Script
General
Full URL
https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://candyi.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 20 Jul 2023 16:06:23 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
truncated
/
199 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
avastars-amboy-black.otf
cdn.shopify.com/s/files/1/2800/8456/t/7/assets/
23 KB
12 KB
Font
General
Full URL
https://cdn.shopify.com/s/files/1/2800/8456/t/7/assets/avastars-amboy-black.otf?v=1655404631
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
d4102a0df8c5cf8ad1430864814e9bb17a6fad3939d7b6e58712916b4f578b77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candyi.xyz/
Origin
https://candyi.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
47833
content-encoding
br
server-timing
imagery;dur=92.087, imageryFetch;dur=90.534, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ddf6faf0-e190-4519-b03c-441e4cdeb50c
last-modified
Mon, 17 Jul 2023 16:02:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3Ynkk8wLTLEpirjC77rGo9tC6My07kbFCMTEfYZNPpeffQFh10D%2FhoeHZlWU8AjULBLx8DCXtktWcs4FEIjUZ51FRUUhrzHabZHALzN4xZJ6CK0C3u4ccjQygYzJgTYnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/2800/8456/t/7/assets/avastars-amboy-black.otf>; rel="canonical"
cf-ray
7e9c73792ad8b3c5-MIA
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3LC7K054HT&gtm=45je37h0&_p=1755969454&cid=2031114215.1689869183&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689869182&sct=1&seg=0&dl=https%3A%2F%2Fcandyi.xyz%2F&dt=Candy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LC7K054HT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:06:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://candyi.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 14D1
57 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=101429144834140649&blogName=candy+love&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-love-sugar.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://candy-love-sugar.blogspot.com/&vt=7760829253693090960&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d7578a30d8ef9a1e60d9956f7bc6f58f5d8e78e81c36af35ea78f3954d959d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jul 2023 16:06:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22296
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e0c1fee472d80375"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:06:23 GMT
icons_orange.png
resources.blogblog.com/img/navbar/ Frame 14D1
915 B
1 KB
Image
General
Full URL
https://resources.blogblog.com/img/navbar/icons_orange.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=101429144834140649&blogName=candy+love&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-love-sugar.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://candy-love-sugar.blogspot.com/&vt=7760829253693090960&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2009 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:42:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Jul 2023 23:51:35 GMT
server
sffe
age
167025
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
915
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 25 Jul 2023 17:42:38 GMT
arrows-blue.png
resources.blogblog.com/img/navbar/ Frame 14D1
104 B
216 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/arrows-blue.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=101429144834140649&blogName=candy+love&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-love-sugar.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://candy-love-sugar.blogspot.com/&vt=7760829253693090960&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2009 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 08:14:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Jul 2023 00:51:29 GMT
server
sffe
age
201130
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 25 Jul 2023 08:14:13 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/ Frame 14D1
136 KB
45 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
106983bf500835084c1de15153d8b8f33d9bed093688506a698735c4b848c7bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46548
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 15:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 13:43:32 GMT
invoke.js
www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/
0
0
Script
General
Full URL
https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://candyi.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 20 Jul 2023 16:06:23 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/
0
0
Script
General
Full URL
https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js
Requested by
Host: candyi.xyz
URL: https://candyi.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://candyi.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 20 Jul 2023 16:06:23 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
html.4042730.8f69c.0.js
d2tk42wfs4q183.cloudfront.net/public/external/v2/
9 KB
10 KB
Script
General
Full URL
https://d2tk42wfs4q183.cloudfront.net/public/external/v2/html.4042730.8f69c.0.js
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/8dd09cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:2:bbbb:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e1d9eedd034f3b7755116b29531d29c4134ae2258c0d99a2fb27cc0a0279032b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:24 GMT
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
XcuA0U_dKwg9M4rp_cQRL6yLj5Pg3_40P-jjI6wLqhNTW0YyWcNL8Q==
css_front.css
d2tk42wfs4q183.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://d2tk42wfs4q183.cloudfront.net/public/external/css_front.css
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/8dd09cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:2:bbbb:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:24 GMT
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
wu47YMA1Fjg8l6U7NZHMrj0_ZEC4KnduAwJiycHvE2PYZP7IrcJsUQ==
css.css
d2tk42wfs4q183.cloudfront.net/public/clockers/CustomButton/
1010 B
1 KB
Stylesheet
General
Full URL
https://d2tk42wfs4q183.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/8dd09cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:2:bbbb:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:24 GMT
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
6QSULYoyQIjr87pZQA8jnIjA8UDm8XXQ9D_Vi4c0jqWK8X5p89F7lA==
guid
d2tk42wfs4q183.cloudfront.net/public/
0
276 B
Script
General
Full URL
https://d2tk42wfs4q183.cloudfront.net/public/guid?cpguid=4w8iotu27&e=ll&t=1689869184862
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/8dd09cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:2:bbbb:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:27 GMT
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
phvs8F0ot45a5ZAwCT7okjSCHJFPsfTKHxoXAj1liaB5WX8m7js2DA==
check.php
d2tk42wfs4q183.cloudfront.net/public/external/
78 B
373 B
Script
General
Full URL
https://d2tk42wfs4q183.cloudfront.net/public/external/check.php?it=4042730&time=1689869186572
Requested by
Host: d1xv7hxes9rviq.cloudfront.net
URL: https://d1xv7hxes9rviq.cloudfront.net/8dd09cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:ac00:2:bbbb:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candyi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:06:27 GMT
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
feSml4EYNK-dVTEsFqmIyCte1ViL8GZd3YPgrHAF6EABWCEoXSAYjw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.blogger.com
URL
https://www.blogger.com/navbar.g?targetBlogID=6137141052217021966&blogName=Candy&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-box4u.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://candy-box4u.blogspot.com/&vt=-5472332831659770370&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__
Domain
www.blogger.com
URL
https://www.blogger.com/navbar.g?targetBlogID=1256085780455876648&blogName=Candycharmed&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://candy-sugarbox.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://candy-sugarbox.blogspot.com/&vt=-7226758143101930601&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.S9zOXUg9rrA.O%2Fd%3D1%2Frs%3DAHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ%2Fm%3D__features__

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| gtag object| dataLayer function| setAttributeOnload object| gapi object| ___jsl object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| atOptions object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| uidEvent object| bootstrap object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker number| countDownDate number| x

3 Cookies

Domain/Path Name / Value
.candyi.xyz/ Name: _ga_3LC7K054HT
Value: GS1.1.1689869182.1.0.1689869182.0.0.0
.candyi.xyz/ Name: _ga
Value: GA1.1.2031114215.1689869183
candyi.xyz/ Name: _cpguid
Value: 4w8iotu27

9 Console Messages

Source Level URL
Text
javascript warning URL: https://candyi.xyz/(Line 550)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://candyi.xyz/(Line 550)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://candyi.xyz/(Line 560)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://candyi.xyz/(Line 560)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://candyi.xyz/(Line 570)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.profitabledisplaynetwork.com/339d6d4ee392be55776ba1ac13bf9ed6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
