URL: https://payments.candid.ly/
Submission: On February 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 47 HTTP transactions. The main IP is 52.35.24.201, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is payments.candid.ly.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 9th 2023. Valid for: 5 months.
This is the only time payments.candid.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
4 | 52.35.24.201 | 16509 | AMAZON-02
3 | 2a00:1450:400... | 15169 | GOOGLE
1 | 13.32.99.16 | 16509 | AMAZON-02
1 | 13.32.121.38 | 16509 | AMAZON-02
1 | 52.84.106.55 | 16509 | AMAZON-02
1 | 2600:9000:21f... | 16509 | AMAZON-02
1 | 13.32.27.15 | 16509 | AMAZON-02
1 | 52.12.237.62 | 16509 | AMAZON-02
2 | 2a00:1450:400... | 15169 | GOOGLE
1 | 13.32.27.21 | 16509 | AMAZON-02
2 | 2a00:1450:400... | 15169 | GOOGLE
2 | 2a00:1450:400... | 15169 | GOOGLE
4 | 13.32.99.52 | 16509 | AMAZON-02
2 | 52.218.236.217 | 16509 | AMAZON-02
1 | 34.120.195.249 | 396982 | GOOGLE-CL...
4 | 2a00:1450:400... | 15169 | GOOGLE
1 | 143.204.215.118 | 16509 | AMAZON-02
1 | 63.32.143.51 | 16509 | AMAZON-02
1 | 18.66.112.79 | 16509 | AMAZON-02
2 | 18.66.137.154 | 16509 | AMAZON-02
1 | 2600:1f18:24e... | 14618 | AMAZON-AES
4 | 13.32.110.41 | 16509 | AMAZON-02
4 | 35.81.104.174 | 16509 | AMAZON-02
Total: 47 requests, 24 IPs
Requests | Apex Domain | Subdomains | Transfer
6 | amazonaws.com | ff-cookie-test.s3-us-west-2.amazonaws.com; bihu9n79vl.execute-api.us-west-2.amazonaws.com | 2 KB
4 | amplitude.com | api2.amplitude.com (Cisco Umbrella Rank: 1427) | 573 B
4 | googleapis.com | maps.googleapis.com (Cisco Umbrella Rank: 366) | 190 KB
4 | helpscout.net | beacon-v2.helpscout.net (Cisco Umbrella Rank: 9880) | 135 KB
4 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 617); script.hotjar.com (Cisco Umbrella Rank: 787); vars.hotjar.com (Cisco Umbrella Rank: 835); in.hotjar.com (Cisco Umbrella Rank: 1680) | 73 KB
3 | getcandidly.com | static.getcandidly.com; api.payments.getcandidly.com | 60 KB
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 41) | 143 KB
2 | cloudfront.net | d3hb14vkzrxvla.cloudfront.net | 8 KB
2 | google.de | www.google.de (Cisco Umbrella Rank: 6211) | 563 B
2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 563 B
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 29) | 2 KB
2 | candid.ly | payments.candid.ly | 437 KB
1 | browser-intake-datadoghq.com | rum.browser-intake-datadoghq.com (Cisco Umbrella Rank: 2446) | 286 B
1 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2177) | 257 B
1 | sentry.io | o4504157511942144.ingest.sentry.io | 319 B
1 | churnzero.net | futurefuel-dev.us1app.churnzero.net | 140 KB
1 | payitoff-cdn.io | payitoff-cdn.io | 8 KB
1 | plaid.com | cdn.plaid.com (Cisco Umbrella Rank: 14998) | 41 KB
1 | iterable.com | js.iterable.com (Cisco Umbrella Rank: 46807) | 3 KB
Total: 47 requests, 19 apex domains
Requests | Domain | Requested by
4 | api2.amplitude.com | payments.candid.ly
4 | bihu9n79vl.execute-api.us-west-2.amazonaws.com | payments.candid.ly
4 | maps.googleapis.com | payments.candid.ly; maps.googleapis.com
4 | beacon-v2.helpscout.net | payments.candid.ly; beacon-v2.helpscout.net
3 | www.googletagmanager.com | payments.candid.ly; www.googletagmanager.com
2 | d3hb14vkzrxvla.cloudfront.net | payments.candid.ly
2 | api.payments.getcandidly.com | payments.candid.ly
2 | ff-cookie-test.s3-us-west-2.amazonaws.com | payments.candid.ly; ff-cookie-test.s3-us-west-2.amazonaws.com
2 | www.google.de | payments.candid.ly
2 | www.google.com | payments.candid.ly
2 | googleads.g.doubleclick.net | www.googletagmanager.com
2 | payments.candid.ly | payments.candid.ly
1 | rum.browser-intake-datadoghq.com | payments.candid.ly
1 | vc.hotjar.io | payments.candid.ly
1 | in.hotjar.com | payments.candid.ly
1 | vars.hotjar.com | static.hotjar.com
1 | o4504157511942144.ingest.sentry.io | payments.candid.ly
1 | script.hotjar.com | static.hotjar.com
1 | futurefuel-dev.us1app.churnzero.net | payments.candid.ly
1 | static.hotjar.com | payments.candid.ly
1 | static.getcandidly.com | payments.candid.ly
1 | payitoff-cdn.io | payments.candid.ly
1 | cdn.plaid.com | payments.candid.ly
1 | js.iterable.com | payments.candid.ly
Total: 47 requests, 24 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
payments.candid.ly | Amazon RSA 2048 M02 | 2023-02-09 - 2023-07-02 | 5 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
iterable.com | Amazon | 2022-05-23 - 2023-06-21 | a year
secure.plaid.com | DigiCert SHA2 Extended Validation Server CA | 2022-03-08 - 2023-04-08 | a year
payitoff-cdn.io | Amazon | 2022-08-23 - 2023-09-20 | a year
static.getcandidly.com | Amazon RSA 2048 M02 | 2022-10-14 - 2023-11-12 | a year
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year
*.churnzero.net | Amazon RSA 2048 M01 | 2023-02-07 - 2023-07-15 | 5 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
www.google.de | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.helpscout.net | Amazon | 2022-04-18 - 2023-05-16 | a year
*.s3-us-west-2.amazonaws.com | Amazon | 2022-09-21 - 2023-08-24 | a year
*.dev.futurefuel.io | Amazon | 2022-08-16 - 2023-09-13 | a year
*.ingest.sentry.io | R3 | 2022-12-18 - 2023-03-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.hotjar.io | Amazon | 2022-07-18 - 2023-08-16 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.browser-intake-datadoghq.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-21 - 2023-07-22 | a year
*.execute-api.us-west-2.amazonaws.com | Amazon | 2022-08-26 - 2023-09-24 | a year
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2022-01-28 - 2023-02-28 | a year

This page contains 3 frames:

Primary Page: https://payments.candid.ly/
Frame ID: 36C209D506BB232AA97D8047C9201322
Requests: 37 HTTP requests in this frame

Frame: https://ff-cookie-test.s3-us-west-2.amazonaws.com/read-cookie.html
Frame ID: 08CAE59DC55803EA7D0CF4D83F87CBEF
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 6793C8C4EC92A6781F4AD1A994389B97
Requests: 1 HTTP requests in this frame

Page Title

Candidly

Detected technologies

Overall confidence: 100% | Detected pattern: //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100% | Detected pattern: googletagmanager\.com/gtag/js
Overall confidence: 100% | Detected pattern: //static\.hotjar\.com/

Page Statistics

Requests: 47
HTTPS: 91 %
IPv6: 30 %
Domains: 19
Subdomains: 24
IPs: 24
Countries: 3
Transfer: 1243 kB
Size: 4036 kB
Cookies: 12

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource | Path | Size | x-fer | Type / MIME-Type

Primary Request / | payments.candid.ly/ | 4 KB | 2 KB | Document
General
Full URL
https://payments.candid.ly/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.24.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-24-201.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bd226c46bbc9fa0cdcaaa36495471f192eccfab694fcbca9d84901734cb680fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 09 Feb 2023 20:07:37 GMT
etag
W/"63e5409c-1178"
last-modified
Thu, 09 Feb 2023 18:51:08 GMT
server
nginx
vary
Accept-Encoding

js | www.googletagmanager.com/gtag/ | 110 KB | 43 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125630340-1
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6067b83fe45cd22f02fd10efc20f956065cd4b40a692ca4af34721fde1fa1180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44093
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Feb 2023 20:07:37 GMT

analytics.js | js.iterable.com/ | 2 KB | 3 KB | Script
General
Full URL
https://js.iterable.com/analytics.js
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b07ff9cb3ee66f1f0e4c708320ea5d9d6487d1b15e022416d914e214df163aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Thu, 09 Feb 2023 04:07:04 GMT
Via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
Last-Modified
Fri, 18 Dec 2015 02:22:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
57634
ETag
"92ec746618875057f06112a34d2770a9"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2281
X-Amz-Cf-Id
A4tbd7dh9YLgRhlPAPsPzOmYw-nm7qE2TlpiFBOCMKhrqPK0ucZqug==

179.72a6ca1985282f298d3f.js | payments.candid.ly/ | 1 MB | 435 KB | Script
General
Full URL
https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.24.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-24-201.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
141aa6f531d456259ae46d8315f588b4e7eba03e231263ac9d83c3077b219865

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
gzip
last-modified
Thu, 09 Feb 2023 18:51:08 GMT
server
nginx
etag
W/"63e5409c-17f171"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800

link-initialize.js | cdn.plaid.com/link/v2/stable/ | 132 KB | 41 KB | Script
General
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe8b554de962a57ea429bfcbe23027d41786d2b2dd076ff03c6ae9bf5bd3c4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
9RRrljPPsVI6R4.W0c2DLd4ASVcSEd2p
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 19:27:57 GMT
x-amz-request-id
NEW66MS400SDTNDY
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
age
2393
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
wURMYIxbhYfZUEZ/ppnGzAG3WWWzUYM6BFelEOjGuefrVGeN+4LtOhkfJ0/5vyJexnTV3zMpN0I=
last-modified
Wed, 08 Feb 2023 19:08:58 GMT
server
AmazonS3
etag
W/"b0437db93677c2ea10ee5d3126b9ccfa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-id
aOfv6r4y1aJ8uFWdkkEgtmTtfrbL_lQbeBmvNgDL7tisjCPJM55VQA==

v1 | payitoff-cdn.io/sandbox/nexus/js/ | 8 KB | 8 KB | Script
General
Full URL
https://payitoff-cdn.io/sandbox/nexus/js/v1
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-55.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c2361287c8dc0bfc6e91e1ce00c6e51e06a99051f82b7bec6bd479dbff5c44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:39 GMT
via
1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 18:50:13 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
"ddeac252e096172412c58ef95b6e36bd"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, must-revalidate
accept-ranges
bytes
content-length
8014
x-amz-cf-id
oQZTVGpQYkeVqBXgOMQxOnv0EMFge06Nfbu-MgDqMIt4pSv7LuF4ZA==

key-widget.payments.js | static.getcandidly.com/ | 198 KB | 60 KB | Script
General
Full URL
https://static.getcandidly.com/key-widget.payments.js
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7200:18:a6fe:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bbba731e0e19db17b72f9d05770b135e5d063e84d57e9883824bcdfea3556f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:38 GMT
x-amz-version-id
ngwpU3V4dGAFJtmnTBL5yfpyCTib4vzH
content-encoding
br
last-modified
Thu, 09 Feb 2023 18:48:01 GMT
server
AmazonS3
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"2bf799866cbb8c69fde1edcbb26fe970"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
y88NEF466_UZu0nILKTST7idjBHGRAPniQR7Mz9BhEWOZ2pm-L2CsA==

js | www.googletagmanager.com/gtag/ | 129 KB | 50 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-925700628&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125630340-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54bf96e2a24b18793ad97b24fee4f7bdc8d0e2c0490a7022530a16e3b7e5ebbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50881
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Feb 2023 20:07:37 GMT

js | www.googletagmanager.com/gtag/ | 129 KB | 50 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-475656849&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125630340-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5890f330750784199af368205f0658f3a709aab17e7c4477a89ac11e69b03dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50755
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Feb 2023 20:07:37 GMT

hotjar-1438401.js | static.hotjar.com/c/ | 8 KB | 4 KB | Script
General
Full URL
https://static.hotjar.com/c/hotjar-1438401.js?sv=6
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-15.fra56.r.cloudfront.net
Software
/
Resource Hash
80cd52fd95d8bfff73f723ee489253c5a34608986ede0e142c1c9455136ec988
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/7020363dbe250d9b09babb08e74b5852
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
8yFACn8Ix1uw5wX4-ccMNdUxUa_hrW3VhV5sIfR4SO9CavLAGxMkfw==

churnzero.js | futurefuel-dev.us1app.churnzero.net/ | 492 KB | 140 KB | Script
General
Full URL
https://futurefuel-dev.us1app.churnzero.net/churnzero.js
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.237.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-237-62.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
876381e7f6fe735609208006216874b98aad1cc4fb1786488746a7b8234cd7ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
last-modified
Thu, 09 Feb 2023 17:57:24 GMT
etag
"1d93caff6b575d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
x-cz-server-id
147225 (3)
x-cz-request-id
d50c2243afdc4865a0acde6899a1e766
accept-ranges
bytes
expires
Thu, 09 Feb 2023 20:22:37 GMT

/ | googleads.g.doubleclick.net/pagead/viewthroughconversion/925700628/ | 2 KB | 1 KB | Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925700628/?random=1675973257502&cv=11&fst=1675973257502&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpayments.candid.ly%2F&tiba=Candidly&auid=1696321605.1675973258&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-925700628&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85947324903a1a81aad9a435f25666a4bd934a0880285a7493356a2eedfac4f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
867
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

/ | googleads.g.doubleclick.net/pagead/viewthroughconversion/475656849/ | 2 KB | 1 KB | Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475656849/?random=1675973257520&cv=11&fst=1675973257520&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpayments.candid.ly%2F&tiba=Candidly&auid=1696321605.1675973258&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-475656849&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b87f3d3acbe8dff8e0990333dcaf0a6114802184f503035359b0761cab079a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 20:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
868
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

modules.0492ab42ba50009f675e.js | script.hotjar.com/ | 261 KB | 67 KB | Script
General
Full URL
https://script.hotjar.com/modules.0492ab42ba50009f675e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1438401.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
e8619b30c1c5c6d28901b387407880c9719e9f699abae0429e1b8ec048ab297d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 10:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
35371
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68088
last-modified
Thu, 09 Feb 2023 10:18:03 GMT
etag
"1325e2dfb930ba5ab688f4703113cfab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DEi_LtJbJA5SQhErCxcrJ1FAHR_tqWANMLgtjMwLt5uny1JCbSDiXg==

/ | www.google.com/pagead/1p-user-list/925700628/ | 42 B | 455 B | Image
General
Full URL
https://www.google.com/pagead/1p-user-list/925700628/?random=1675973257502&cv=11&fst=1675972800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpayments.candid.ly%2F&tiba=Candidly&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1900681293&rmt_tld=0&ipr=y
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 20:07:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

/ | www.google.de/pagead/1p-user-list/925700628/ | 42 B | 455 B | Image
General
Full URL
https://www.google.de/pagead/1p-user-list/925700628/?random=1675973257502&cv=11&fst=1675972800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpayments.candid.ly%2F&tiba=Candidly&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1900681293&rmt_tld=1&ipr=y
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 20:07:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

/ | www.google.com/pagead/1p-user-list/475656849/ | 42 B | 108 B | Image
General
Full URL
https://www.google.com/pagead/1p-user-list/475656849/?random=1675973257520&cv=11&fst=1675972800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpayments.candid.ly%2F&tiba=Candidly&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4229954597&rmt_tld=0&ipr=y
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 20:07:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

/ | www.google.de/pagead/1p-user-list/475656849/ | 42 B | 108 B | Image
General
Full URL
https://www.google.de/pagead/1p-user-list/475656849/?random=1675973257520&cv=11&fst=1675972800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fpayments.candid.ly%2F&tiba=Candidly&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4229954597&rmt_tld=1&ipr=y
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 20:07:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

/ | beacon-v2.helpscout.net/ | 458 B | 723 B | Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5f2e5bcefe1dbde7b2849210cc8c5a42e73f8f605b71e5d9a2893914048a8c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:06:53 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46
etag
"2daa9b8f974a64dadfb899d6b88c866b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
content-length
327
x-amz-cf-id
CohtExd4UWEVjoh2m4FZ4wnVNJCFm3SzQ16b-e0M_I_MXC_rttjiRw==
index.html
ff-cookie-test.s3-us-west-2.amazonaws.com/ Frame 08CA
228 B
622 B
Document
General
Full URL
https://ff-cookie-test.s3-us-west-2.amazonaws.com/index.html
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.236.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c4a3c56f2f22c43979a18d1dd5e65bbfd03386032f065da061f64b960623e2f3

Request headers

Referer
https://payments.candid.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
228
Content-Type
text/html
Date
Thu, 09 Feb 2023 20:07:40 GMT
ETag
"ef96867e019f01c714861cf7a45f2e7b"
Last-Modified
Tue, 09 Nov 2021 16:53:57 GMT
Server
AmazonS3
x-amz-id-2
eKEFmSw9tpYjUcxRFQPU2UY7DYQzKV1oY4OGqCvO72Qu1majbXvmX1UfvaqdJBq40OvvSeijhrQ=
x-amz-request-id
T07CVD5TJ2WHQGGX
x-amz-server-side-encryption
AES256
resolve-url
api.payments.getcandidly.com/api/1/auth/config/ Frame
0
0
Preflight
General
Full URL
https://api.payments.getcandidly.com/api/1/auth/config/resolve-url?url=https://payments.candid.ly
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.24.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-24-201.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-length
11
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 20:07:39 GMT
server
awselb/2.0
states
api.payments.getcandidly.com/api/1/auth/ Frame
0
0
Preflight
General
Full URL
https://api.payments.getcandidly.com/api/1/auth/states
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.24.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-24-201.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-length
11
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 20:07:39 GMT
server
awselb/2.0
resolve-url
api.payments.getcandidly.com/api/1/auth/config/
0
0

states
api.payments.getcandidly.com/api/1/auth/
0
0

/
o4504157511942144.ingest.sentry.io/api/4504157513973766/envelope/
41 B
319 B
Fetch
General
Full URL
https://o4504157511942144.ingest.sentry.io/api/4504157513973766/envelope/?sentry_key=dba5690ff2354d3fb0063fd6d16cee59&sentry_version=7&sentry_client=sentry.javascript.react%2F7.19.0
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ebfc8d0f4803498fe6cd09e3342bd1f3257f33aa721c40946d07b229196cbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 09 Feb 2023 20:07:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://payments.candid.ly
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
js
maps.googleapis.com/maps/api/
168 KB
55 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyB_KldQgq4PROFNftQPKbcEQVuLzBqiey0&libraries=places&callback=__jp0
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
ca19bb30a66ae10d17d75b14a56af59e989d2768a01831007f9517522f0ce76f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:38 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=34
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56079
x-xss-protection
0
expires
Thu, 09 Feb 2023 20:37:38 GMT
box-e031119f9e9e307a08fa610f85dbfb52.html
vars.hotjar.com/ Frame 6793
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1438401.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
/
Resource Hash
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://payments.candid.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
543452
cache-control
max-age=31536000
content-encoding
br
content-length
1034
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:10:06 GMT
etag
"112fdf47cdb80b9ce3d033ed09717460"
last-modified
Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id
ovh5Rfkd9s6k7YtwpI1RBvy0smm4jQ_3jjgcJazyAgFGaWEwJHrfpQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
vendor.df61c9e9.js
beacon-v2.helpscout.net/static/js/
63 KB
22 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.df61c9e9.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd66cf170ac133889da9bf1aeb0f815ed76e2dfd128e4ced3359dbdedb660a80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 18:50:53 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4606
etag
"ec4b5e43c72431b1288a8bad8d16351d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
22208
x-amz-cf-id
CCwM0Zu8O281Ao88sM5rIaSQPduvlPFwe7gFFhfgvhZnOM6zhKElIw==
main.9e1578ca.js
beacon-v2.helpscout.net/static/js/
24 KB
10 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.9e1578ca.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46d429e2fdf7f4fbc84c495aa71b810b359166911dc0a8f388ca0dc3be68e3dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 18:50:54 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4605
etag
"daa31355fccebc09900e261285ea8bc2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
9550
x-amz-cf-id
1COOW2N4ZzMOhfmmF2oxw0ac92UhCsGjLQronD2KkIr9BRXuMEKOLw==
full-beacon-init.2cadc269.chunk.js
beacon-v2.helpscout.net/static/js/
332 KB
102 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/full-beacon-init.2cadc269.chunk.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/main.9e1578ca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
917fb4d6961f8d3428440bc71eb2dc5591edd64bec5c773aa9a52a232f3fca67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 19:44:23 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1396
etag
"de7f75c901490c152e5daec6127186b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
103919
x-amz-cf-id
ioQec2F_OUMmBHoz-vyaxlXK7IxzH-InOm78GwD2DtdVQcOPBlkNmw==
visit-data
in.hotjar.com/api/v2/client/sites/1438401/
147 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1438401/visit-data?sv=6
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.143.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-143-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7622f903aea5ca12c0cedd665448ad8496c4c9b954f42768c55f1a011897797b

Request headers

Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 09 Feb 2023 20:07:39 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
1438401
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1438401?s=0.25&r=0.013260904058596035
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:38 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
1_vF-f0MiamZhD4Y08wZQM34h6EtfRsNlJ3qB0CnQtnsbOo51ekHbA==
074ec096-ea05-419b-9307-540064f01ab6
d3hb14vkzrxvla.cloudfront.net/v1/
7 KB
8 KB
XHR
General
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/074ec096-ea05-419b-9307-540064f01ab6
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-154.fra60.r.cloudfront.net
Software
/
Resource Hash
8fdaf1cc259d855a5469423ed7edbd3e3a68466f1a1d5accba7abcdba8198b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

correlationId
ab51a8ab-2ffa-4d86-af21-714cd01e6bb9
Helpscout-Release
2.2.71
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Accept
application/json, text/plain, */*
Beacon-Device-ID
aeac14be-cd1d-423c-b25f-661be5fb2ff6
Referer
https://payments.candid.ly/
Helpscout-Origin
Beacon-Embed

Response headers

date
Thu, 09 Feb 2023 20:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-ratelimit-remaining-identify-hour
25
x-ratelimit-limit-general-minute
60
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-conversations-hour
10
vary
Origin,Access-Control-Request-Method
x-ratelimit-remaining-attachments-hour
10
access-control-allow-origin
https://payments.candid.ly
x-ratelimit-remaining-general-minute
60
access-control-expose-headers
Resource-ID
cache-control
max-age=300
access-control-allow-credentials
true
content-type
application/json
x-amz-cf-id
on-0lKYb-sF-a_7mQtqMfm8-rUnEXlSH8QHlsk6g3jQZ-fTbkTp1fg==
x-ratelimit-limit-chat-tokens-hour
25
074ec096-ea05-419b-9307-540064f01ab6
d3hb14vkzrxvla.cloudfront.net/v1/ Frame
0
0
Preflight
General
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/074ec096-ea05-419b-9307-540064f01ab6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-154.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method
GET
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods
GET
access-control-allow-origin
https://payments.candid.ly
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 09 Feb 2023 20:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-cf-id
IrT3Ei4MayRwRBQJyYjoOrqiTi3Uk80N6QzFxXjxUtpHfhVAV2XA9A==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-general-minute
60
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-remaining-general-minute
60
x-ratelimit-remaining-identify-hour
25
rum
rum.browser-intake-datadoghq.com/api/v2/
53 B
286 B
Fetch
General
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.29.0%2Capi%3Afetch%2Cenv%3Apayments%2Cservice%3Afrontend-platform&dd-api-key=pubba3e205cc62a7e9daa539a7349ef92d0&dd-evp-origin-version=4.29.0&dd-evp-origin=browser&dd-request-id=28ed3974-bd7a-4927-bfeb-8b37d4bab566&batch_time=1675973258915
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:1dde:f210:70d7:f875 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
effec0f55e253ca3e6b5ab981e2029b361c13c9adbcb605ce017501d953a683b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 09 Feb 2023 20:07:39 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 20:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://payments.candid.ly
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
sandbox
bihu9n79vl.execute-api.us-west-2.amazonaws.com/
0
355 B
XHR
General
Full URL
https://bihu9n79vl.execute-api.us-west-2.amazonaws.com/sandbox
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-41.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-api-key
pyzDDTeUUq5PkT4JK304C3Ndl8kCS1hYvoU8G2E2
Content-Type
application/json

Response headers

date
Thu, 09 Feb 2023 20:07:40 GMT
via
1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amzn-trace-id
Root=1-63e5528c-474446427715b24d16d24fa4;Sampled=0
x-amzn-requestid
af50ee5e-a659-4f97-9541-36ee7910f098
x-cache
Miss from cloudfront
access-control-allow-origin
*
access-control-allow-headers
*
x-amz-apigw-id
AFnV-FnhvHcFVsQ=
x-amz-cf-id
Gw1e1B9akYu4MifxbYWIsLqoXld_WYwgXEIqRGRoCimwTCJ717KJlQ==
sandbox
bihu9n79vl.execute-api.us-west-2.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://bihu9n79vl.execute-api.us-west-2.amazonaws.com/sandbox
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-41.vie50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 09 Feb 2023 20:07:39 GMT
via
1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
x-amz-apigw-id
AFnV5EgMvHcFraw=
x-amz-cf-id
GubtAuFfhPTfNarOONfH1mWgOsqMerwQITHPtt9HCFVivo6K0AYuSg==
x-amz-cf-pop
VIE50-C2
x-amzn-requestid
6a3079e1-3238-428e-9a0a-3cfd5fdfbeb9
x-cache
Miss from cloudfront
read-cookie.html
ff-cookie-test.s3-us-west-2.amazonaws.com/ Frame 08CA
306 B
700 B
Document
General
Full URL
https://ff-cookie-test.s3-us-west-2.amazonaws.com/read-cookie.html
Requested by
Host: ff-cookie-test.s3-us-west-2.amazonaws.com
URL: https://ff-cookie-test.s3-us-west-2.amazonaws.com/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.236.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c4ab94381a68d2eb9962003194fbbb5aa2736068a400dc3419caa76ae5e39e58

Request headers

Referer
https://ff-cookie-test.s3-us-west-2.amazonaws.com/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
306
Content-Type
text/html
Date
Thu, 09 Feb 2023 20:07:40 GMT
ETag
"d40a7ad3122f45d9f050ad1540d0f5ac"
Last-Modified
Tue, 09 Nov 2021 16:53:58 GMT
Server
AmazonS3
x-amz-id-2
2WzwcHTWvdPBNpKWuwX9jZIuEGeHAj9JG7JD4BINK9j+sOX1XD1KgEA3NiSGT/gu7G2jTRUs2tA=
x-amz-request-id
T0730FQCV4QE4G92
x-amz-server-side-encryption
AES256
sandbox
bihu9n79vl.execute-api.us-west-2.amazonaws.com/
0
354 B
XHR
General
Full URL
https://bihu9n79vl.execute-api.us-west-2.amazonaws.com/sandbox
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-41.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-api-key
pyzDDTeUUq5PkT4JK304C3Ndl8kCS1hYvoU8G2E2
Content-Type
application/json

Response headers

date
Thu, 09 Feb 2023 20:07:40 GMT
via
1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amzn-trace-id
Root=1-63e5528c-352bfbcd7d688ab06292be9a;Sampled=0
x-amzn-requestid
072ac9e1-fed0-42e9-a317-4193f4cbc48c
x-cache
Miss from cloudfront
access-control-allow-origin
*
access-control-allow-headers
*
x-amz-apigw-id
AFnV_Gl3PHcFUog=
x-amz-cf-id
x7_CTTF2v6HzXI9LCL49So3ggVLUWqEKC7_71AM91pnIA6L3KshR6Q==
sandbox
bihu9n79vl.execute-api.us-west-2.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://bihu9n79vl.execute-api.us-west-2.amazonaws.com/sandbox
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-41.vie50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 09 Feb 2023 20:07:39 GMT
via
1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
x-amz-apigw-id
AFnV6GUuvHcFoUg=
x-amz-cf-id
00GznoP1ll8QIpJRchiwX4Un7DEX0wwOiyWtxPIosK-7KYGOmu-MbA==
x-amz-cf-pop
VIE50-C2
x-amzn-requestid
db3ebf40-2dd7-4fac-930a-94e4050a2668
x-cache
Miss from cloudfront
httpapi
api2.amplitude.com/2/
94 B
287 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.104.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-104-174.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1d91dce0736d2af9f0884c47a83020f49efa7f821cfdbfbd215e67f8eb84739b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 09 Feb 2023 20:07:40 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63e5528c-794aeeca6dbb95242708e548
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.104.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-104-174.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 09 Feb 2023 20:07:40 GMT
strict-transport-security
max-age=15768000
httpapi
api2.amplitude.com/2/
94 B
286 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: payments.candid.ly
URL: https://payments.candid.ly/179.72a6ca1985282f298d3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.104.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-104-174.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
92a546e99ea72eaef2a2e4b532f814a1a8344de1f10e4b6da5e22df481487cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://payments.candid.ly/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 09 Feb 2023 20:07:40 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63e5528c-283a93fc607cfebe2d5c571f
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.104.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-104-174.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://payments.candid.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 09 Feb 2023 20:07:40 GMT
strict-transport-security
max-age=15768000
common.js
maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/
271 KB
76 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB_KldQgq4PROFNftQPKbcEQVuLzBqiey0&libraries=places&callback=__jp0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89f4bfb243c64700034205f9f502828188a1d79af038797e4ea5eb8a58501883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77338
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 18:44:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 11:58:52 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/
159 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB_KldQgq4PROFNftQPKbcEQVuLzBqiey0&libraries=places&callback=__jp0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4075b8fb3933f638735fc6d574639bc1aa950fe9dee5f9c5e35e6d085086026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.candid.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59703
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 18:44:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 18:41:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.payments.getcandidly.com
URL
https://api.payments.getcandidly.com/api/1/auth/config/resolve-url?url=https://payments.candid.ly
Domain
api.payments.getcandidly.com
URL
https://api.payments.getcandidly.com/api/1/auth/states

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | 2
object | 3
boolean | credentialless
object | oncontentvisibilityautostatechange
function | createSubject
object | ffOnScriptError$
object | ffNexusReady$
object | ffIterableReady$
object | ffKeyWidgetReady$
function | gtag
object | dataLayer
object | google_tag_manager
object | iterableAnalytics
object | _iaq
function | hj
object | _hjSettings
object | ChurnZero
object | Plaid
object | webpackJsonpPlaid
object | __core-js_shared__
object | google_tag_data
object | GooglebQhCsO
object | hjSiteSettings
function | hjBootstrap
object | hjBootstrapCalled
object | hjLazyModules
function | Nexus
object | FutureFuel
object | analyticsConnectorInstances
function | Beacon
object | webpackChunkfuturefuel_frontend
object | regeneratorRuntime
object | DD_RUM
object | __SENTRY__
number | 2f1acc6c3a606b082e5eef5e54414ffb
object | __sentry_instrumentation_handlers__
object | __tracerCZ
function | __jp0
object | beaconJsonp
function | __onBeaconDestroy
object | beaconStore
object | google
object | module$contents$mapsapi$overlay$overlayView_OverlayView

12 Cookies

Domain/Path Name / Value
.candid.ly/ Name: _gcl_au
Value: 1.1.1696321605.1675973258
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.candid.ly/ Name: _hjSessionUser_1438401
Value: eyJpZCI6ImI5ZTE3YWJjLTZiMmItNTI4Ni04YTYzLTFlZjcwM2QxYWE5ZSIsImNyZWF0ZWQiOjE2NzU5NzMyNTc2MjEsImV4aXN0aW5nIjpmYWxzZX0=
.candid.ly/ Name: _hjFirstSeen
Value: 1
payments.candid.ly/ Name: _hjIncludedInSessionSample
Value: 1
.candid.ly/ Name: _hjSession_1438401
Value: eyJpZCI6IjQ3ZjQwNjlmLWYzNGYtNDI2Zi05OGY1LTBlYmY5YzU4NWQyYyIsImNyZWF0ZWQiOjE2NzU5NzMyNTg4NjQsImluU2FtcGxlIjp0cnVlfQ==
payments.candid.ly/ Name: _hjIncludedInPageviewSample
Value: 1
.candid.ly/ Name: _hjAbsoluteSessionInProgress
Value: 1
ff-cookie-test.s3-us-west-2.amazonaws.com/ Name: s
Value: 1
.candid.ly/ Name: AMP_d42d82fde0
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmJmN2RhNjg1LTQyNmQtNDgzMy05NjcxLWM3OTRkYWEyYzc5NCUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjc1OTczMjU5NTc0JTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY3NTk3MzI1ODgwNiU3RA==
.candid.ly/ Name: AMP_MKTG_d42d82fde0
Value: JTdCJTdE
payments.candid.ly/ Name: _dd_s
Value: rum=2&id=307a70be-111f-4be5-9a41-f6f382d15932&created=1675973258736&expire=1675974158736

4 Console Messages

Source Level URL
Text
javascript error URL: https://payments.candid.ly/
Message:
Access to XMLHttpRequest at 'https://api.payments.getcandidly.com/api/1/auth/config/resolve-url?url=https://payments.candid.ly' from origin 'https://payments.candid.ly' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.payments.getcandidly.com/api/1/auth/config/resolve-url?url=https://payments.candid.ly
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://payments.candid.ly/
Message:
Access to XMLHttpRequest at 'https://api.payments.getcandidly.com/api/1/auth/states' from origin 'https://payments.candid.ly' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.payments.getcandidly.com/api/1/auth/states
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.payments.getcandidly.com
api2.amplitude.com
beacon-v2.helpscout.net
bihu9n79vl.execute-api.us-west-2.amazonaws.com
cdn.plaid.com
d3hb14vkzrxvla.cloudfront.net
ff-cookie-test.s3-us-west-2.amazonaws.com
futurefuel-dev.us1app.churnzero.net
googleads.g.doubleclick.net
in.hotjar.com
js.iterable.com
maps.googleapis.com
o4504157511942144.ingest.sentry.io
payitoff-cdn.io
payments.candid.ly
rum.browser-intake-datadoghq.com
script.hotjar.com
static.getcandidly.com
static.hotjar.com
vars.hotjar.com
vc.hotjar.io
www.google.com
www.google.de
www.googletagmanager.com
api.payments.getcandidly.com
13.32.110.41
13.32.121.38
13.32.27.15
13.32.27.21
13.32.99.16
13.32.99.52
143.204.215.118
18.66.112.79
18.66.137.154
2600:1f18:24e6:b901:1dde:f210:70d7:f875
2600:9000:21f3:7200:18:a6fe:c940:93a1
2a00:1450:4001:80b::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a00:1450:400d:802::2002
34.120.195.249
35.81.104.174
52.12.237.62
52.218.236.217
52.35.24.201
52.84.106.55
63.32.143.51