candimax.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2d15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://candimax.pages.dev/
Submission: On November 09 via api (November 9th 2024, 12:17:35 pm UTC) from US — Scanned from CA

Summary HTTP 25 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:310c::ac42:2d15, located in United States and belongs to CLOUDFLARENET, US. The main domain is candimax.pages.dev.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.

This is the only time candimax.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:310... 2606:4700:310c::ac42:2d15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
8	104.18.25.122 104.18.25.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.66.45.21 172.66.45.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
3	142.250.72.97 142.250.72.97	15169 (GOOGLE) (GOOGLE)
25	7

3 2606:4700:310c::ac42:2d15 (United States)

ASN13335 (CLOUDFLARENET, US)

candimax.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.25.122 (None, )

ASN13335 (CLOUDFLARENET, US)

img.viva88athenae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.45.21 (United States)

ASN13335 (CLOUDFLARENET, US)

candimax.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.72.97 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	viva88athenae.com img.viva88athenae.com — Cisco Umbrella Rank: 29616	16 KB
8	pages.dev candimax.pages.dev	2 MB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	121 KB
2	gstatic.com fonts.gstatic.com	28 KB
25	4

	Domain	Requested by
8	img.viva88athenae.com	candimax.pages.dev
8	candimax.pages.dev	candimax.pages.dev
6	cdn.ampproject.org	candimax.pages.dev cdn.ampproject.org
2	fonts.gstatic.com	candimax.pages.dev
25	4

This site contains links to these domains. Also see Links.

Domain
candisana.xyz
direct.lc.chat

Subject Issuer	Validity	Valid
candimax.pages.dev WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
img.viva88athenae.com E6	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://candimax.pages.dev/
Frame ID: D455BB6BFF034BFA3CAC7F917D275A77
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Candi88 # Penyedia Slot Gacor Hari Ini Ternama Dan Terpercaya Di Indonesia

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

25
Requests

96 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

7
IPs

2
Countries

2710 kB
Transfer

3081 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://candisana.xyz/
Title: Masuk

Search URL Search Domain Scan URL

URL: https://candisana.xyz/?content=register&ref=reff1122
Title: Daftar Sekarang

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/18097947/
Title: Livechat

Search URL Search Domain Scan URL

URL: https://candisana.xyz/m/downloads/candi88.apk

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/15377859/
Title: LIVECHAT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
candimax.pages.dev/ 39 KB
8 KB 181ms
126ms Document
text/html 2606:4700:310c::ac42:2d15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://candimax.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2d15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

751326919e01aba3dfabd54cbd9557ad6f4dbf872efd17e89f4c054ac76628e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8dfdbd72fde97157-YUL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 12:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOyGbEtuYEbH9XWaitZR5dfJtVvmzALJnTCpkk4F4hoH8LzktpAX2Etp4RRsMYSQjbMA5mIjrftbBbu6l0%2BEu56T9OdKo3Dzn5kzOvEKr47CdXZAPLiC9wVvkm8%2BiB9hsYdHlwYRlEcEcjJw%2Fhs9mgw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=15665&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3970&recv_bytes=2290&delivery_rate=245025&cwnd=253&unsent_bytes=0&cid=5f1569a8260c7328&ts=134&x=0"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 272ms
39ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b984655a7cc7e9d1918b12fec7d438b196419fe7f0b45810483725e73c127b03

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

content-encoding: br
etag: "1dd82982cf26bfea"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 12:17:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73076
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 312ms
80ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecdb313f2d405c1189df06a5a4aa86096e52a4076e4b3e687ed810872e516226

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

content-encoding: br
etag: "be14e9bccd10e524"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 12:17:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 11499
x-xss-protection: 0
server: sffe

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 271ms
72ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c262bdd9ac400485f5377414230449ae1fd6b870c4a90730948bdc28760c575

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

content-encoding: br
etag: "d60809689d30687c"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 12:17:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 16351
x-xss-protection: 0
server: sffe

GET
H2 200 logo.webp
candimax.pages.dev/assets/ 45 KB
45 KB 91ms
89ms Image
image/webp 2606:4700:310c::ac42:2d15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candimax.pages.dev/assets/logo.webp

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2d15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d794615670c01b794a5ccceb63f55e77da87c3d492d8f264b699c2df0af4a614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "c70d6e39500d1004445df8146f2c93ea"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X58sparovcCCDYEyUZGEBHj8wRJq%2BXmMQbII%2FQKgUrcCvmOZ34vp1VGl5iccxKKvPC5Ypgxs6cBQk52F%2BVUPK%2F2BMvyKoCnAZzKUyeIee8spWUL60mqc7q20zClyUZYvggIRMS1z6Qh8qk3tBE7%2FiNo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd73ee3d7157-YUL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 45877
server-timing: cfL4;desc="?proto=TCP&rtt=16359&sent=21&recv=27&lost=0&retrans=0&sent_bytes=11877&recv_bytes=2554&delivery_rate=931474&cwnd=257&unsent_bytes=0&cid=5f1569a8260c7328&ts=245&x=0"
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-togel.png
img.viva88athenae.com// 2 KB
2 KB 86ms
35ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-togel.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f16cd2679e8bc3c5af1f4d39313fd87444f1df79cec3ce456f340edceb29e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4668
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=3175
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-togel.webp"
vary: Accept
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd743c58ab18-YYZ
accept-ranges: bytes
content-length: 1720
server: cloudflare

GET
H3 200 icon-slot.png
img.viva88athenae.com// 2 KB
2 KB 53ms
34ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-slot.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4565f55cc02a93bb42bdfcbbac64facc4a1a7f1236e4da1e9c6a35199d0a4af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4668
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=3134
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-slot.webp"
vary: Accept
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd743c53ab18-YYZ
accept-ranges: bytes
content-length: 1822
server: cloudflare

GET
H3 200 icon-live.png
img.viva88athenae.com// 1 KB
2 KB 57ms
37ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-live.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef0d3521e7ebe6142259086f66d1e7c587e37118ac8c2d9f2a110fadff006de8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4668
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=3265
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-live.webp"
vary: Accept
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd743c5bab18-YYZ
accept-ranges: bytes
content-length: 1390
server: cloudflare

GET
H3 200 icon-sport.png
img.viva88athenae.com// 2 KB
2 KB 56ms
36ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-sport.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acc4113c310a8f0286b0e453971cc280c5b0f52b9a1257bfee63707c8bc102ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4668
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=2886
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-sport.webp"
vary: Accept
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd743c59ab18-YYZ
accept-ranges: bytes
content-length: 1662
server: cloudflare

GET
H3 200 icon-fishing.png
img.viva88athenae.com// 634 B
1 KB 52ms
33ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-fishing.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d79e08852078b4c29c8b20cc80f6d8559f749fffd6d44ad4864f7f6adf4c31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4668
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=4057
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-fishing.webp"
vary: Accept
last-modified: Mon, 22 May 2023 11:27:42 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd743c55ab18-YYZ
accept-ranges: bytes
content-length: 634
server: cloudflare

GET
H3 200 icon-sabung.png
img.viva88athenae.com// 1 KB
2 KB 52ms
34ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-sabung.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c9dc87b20eeeb920089f52a31b056e9398ad2218702278df70b4906fcec95d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4668
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=2668
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-sabung.webp"
vary: Accept
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd743c57ab18-YYZ
accept-ranges: bytes
content-length: 1448
server: cloudflare

GET
H3 200 icon-interactive.png
img.viva88athenae.com// 364 B
850 B 34ms
32ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com//icon-interactive.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab426db97aa0aff214ff95147c7b2266324439da636662d133af8c190d470568

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4667
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=681
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="icon-interactive.webp"
vary: Accept
last-modified: Thu, 29 Feb 2024 05:30:52 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd746c72ab18-YYZ
accept-ranges: bytes
content-length: 364
server: cloudflare

GET
H3 200 download-apk.png
img.viva88athenae.com/ 3 KB
3 KB 39ms
38ms Image
image/webp 104.18.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/download-apk.png
Requested by: Host: candimax.pages.dev
URL: https://candimax.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 167169418999d48fad4740010ca5ba35d825f9ee341992ca98049c56a8dc80fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 4587
expires: Sat, 09 Nov 2024 16:17:30 GMT
cf-polished: origFmt=png, origSize=5922
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
content-disposition: inline; filename="download-apk.webp"
vary: Accept
last-modified: Mon, 15 May 2023 05:27:49 GMT
cache-control: public, max-age=14400
cf-ray: 8dfdbd745c6eab18-YYZ
accept-ranges: bytes
content-length: 3092
server: cloudflare

GET
H2 200 slide1.webp
candimax.pages.dev/assets/ 265 KB
266 KB 249ms
246ms Image
image/webp 2606:4700:310c::ac42:2d15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candimax.pages.dev/assets/slide1.webp

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2d15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75475bed4be2e80d9d34fdb8b385c58105c2ba1673e7255d3a57ee89b2e84bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d030a43075d80be922e49dbb56a690c6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Lab5toxEk%2BAyqWz43A5mzwfcFf2wjJEROAkvPfccm6VMwacK8PTZlB%2BF%2FRMg%2B49I%2FjQh86LLknbdmmfkMWqTGPGOA9bGM5JiIp7WnN2MkGsqvkaXhwS4pBEF7fL6Jgmj9xxKzQ5dhYnhDmr31jMfEk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd741e4a7157-YUL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 271592
server-timing: cfL4;desc="?proto=TCP&rtt=16088&sent=62&recv=50&lost=0&retrans=0&sent_bytes=59032&recv_bytes=2554&delivery_rate=3185586&cwnd=257&unsent_bytes=0&cid=5f1569a8260c7328&ts=438&x=0"
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET
H3 200 home-bawah.webp
candimax.pages.dev/assets/ 326 B
983 B 130ms
128ms Image
image/webp 172.66.45.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candimax.pages.dev/assets/home-bawah.webp

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605a04373343eb29ca2b678d74f29dc99723581836902b039fde15c30c558410

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "68d3da8ec97fd8745bc62f4f5bbbea0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fe7aBGZlGT2zyGe7IzdDh4whaOhT5ZtyivNicxTZyn4UEwsKdWAiEvgMJFujUN9vu7EnQzKbJGmspBimHXEX62EhwtSe9zERieXCR2m8uJ2%2Bj%2F7v1Gw2K7XWUblF%2BKTk%2BI1BluI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd742b99ab3c-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 326
server-timing: cfL4;desc="?proto=QUIC&rtt=22772&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4234&recv_bytes=5146&delivery_rate=584&cwnd=12000&unsent_bytes=0&cid=1920e2a79866c73a&ts=141&x=1", cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-games1.webp
candimax.pages.dev/assets/ 1 KB
2 KB 134ms
133ms Image
image/webp 172.66.45.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candimax.pages.dev/assets/icon-games1.webp

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362ecfdeb9ed3b7966bf28b260a728bc63e6e18c8976d77ef1e44a9f0bd5c49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "92be7eeaf6ee68291ed0a90b8defeeaa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEC3J5a8IjQ5dmweOeQrAhrmLRzoogtcZv8L1sjWcRKA7VHVIhMRLPDCMGAQjJB1RPtHDCdaqibmLTNW9Pv27frULm73pdrskgOQ1XK8h1wYhRR%2B4St4AL%2FtpFr5AVgug8mJ%2F%2B0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd742b9bab3c-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1500
server-timing: cfL4;desc="?proto=QUIC&rtt=22772&sent=14&recv=12&lost=0&retrans=0&sent_bytes=6337&recv_bytes=5146&delivery_rate=584&cwnd=12000&unsent_bytes=0&cid=1920e2a79866c73a&ts=146&x=1", cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET
H3 200 livechat-bawah.webp
candimax.pages.dev/assets/ 386 B
1 KB 130ms
129ms Image
image/webp 172.66.45.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candimax.pages.dev/assets/livechat-bawah.webp

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e3f3784d405dd66b0ff81550a6dfcf8d3e8948437035b896cf20ca4c0d37f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e97eab66719c51817ebd6e1787d002a9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BoNIZK4mp4262vGCaYyyQjx27J0SzFg5l98Ri3QBGwFG0caAz1Lm0uJdKcO0pecI1c2KPgKOZxwOLTmUTn4OAECwviEkiBG34B7WbRMMILX3pSArslBRcfT%2BXTvmbO%2BHlcA0x0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd742b9cab3c-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 386
server-timing: cfL4;desc="?proto=QUIC&rtt=22772&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4234&recv_bytes=5146&delivery_rate=584&cwnd=12000&unsent_bytes=0&cid=1920e2a79866c73a&ts=141&x=1", cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 15 KB
15 KB 199ms
29ms Font
font/woff2 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

0903c47e44202c72ad2ee0563b2a05b063bf3cacfe050a4ce5775658e680cab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://candimax.pages.dev
Referer: https://candimax.pages.dev/

Response headers

age: 145098
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 19:59:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 19:59:12 GMT
last-modified: Wed, 27 Apr 2022 16:21:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14928
x-xss-protection: 0
server: sffe

GET
H3 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 14 KB
14 KB 196ms
27ms Font
font/woff2 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://candimax.pages.dev
Referer: https://candimax.pages.dev/

Response headers

age: 146001
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 19:44:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 19:44:09 GMT
last-modified: Wed, 27 Apr 2022 17:00:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14124
x-xss-protection: 0
server: sffe

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012410161801000/v0/ 8 KB
3 KB 94ms
40ms Script
text/javascript 142.250.72.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410161801000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f1.1e100.net

Software

sffe /

Resource Hash

512c91337431f94af2fb3078116524b156de8c57f1bc045fd27f1e79584fd1b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://candimax.pages.dev
Referer: https://candimax.pages.dev/

Response headers

content-encoding: br
etag: "149b0c761c2ef4b5"
age: 143831
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 20:20:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 20:20:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2974
x-xss-protection: 0
server: sffe

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012410161801000/ 51 KB
14 KB 76ms
29ms Fetch
text/javascript 142.250.72.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410161801000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f1.1e100.net

Software

sffe /

Resource Hash

a867d4c24f8eede13a641bb2914a0a587b0dc7cee7aa12a7a27c178e8c867617

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/plain
Referer: https://candimax.pages.dev/

Response headers

content-encoding: br
etag: "385dafab04772ae0"
age: 145398
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 19:54:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 19:54:12 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 14443
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012410161801000/v0/ 12 KB
4 KB 46ms
28ms Script
text/javascript 142.250.72.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410161801000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f1.1e100.net

Software

sffe /

Resource Hash

485a8e4f8b9cca27263f39bd4bffcffc3fd343cebcf06b6952d2f1058f8e5ed3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://candimax.pages.dev
Referer: https://candimax.pages.dev/

Response headers

content-encoding: br
etag: "c92c8dce1ca0463a"
age: 144693
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 20:05:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 20:05:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3935
x-xss-protection: 0
server: sffe

GET
H3 200 slide2.webp
candimax.pages.dev/assets/ 2 MB
2 MB 133ms
132ms Image
image/webp 172.66.45.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://candimax.pages.dev/assets/slide2.webp

Requested by

Host: candimax.pages.dev
URL: https://candimax.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0ab4e6be9aa46dd85bfe7c63530573b242162235ab5181f2d073ac67c8139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e58e9ed1595d562ff1352c2add4b8899"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BPuHgz5UeVdB0cxxD10K5T9yiSWmJmTVvb4Lua3tWcP5ULEKr%2B3o1U9bZ%2B%2F5tb1lAnoUozJmtehONVHBSF%2FWqTbrSlFWo%2BM0Y31Zo3sf6omFZNarpRqsxgNVuqC1DKDwiRMDXA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd76ed70ab3c-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2266832
server-timing: cfL4;desc="?proto=QUIC&rtt=23141&sent=17&recv=16&lost=0&retrans=0&sent_bytes=8562&recv_bytes=5621&delivery_rate=194197&cwnd=12000&unsent_bytes=0&cid=1920e2a79866c73a&ts=589&x=1", cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 12:17:30 GMT
content-type: image/webp
vary: Accept-Encoding
server: cloudflare

GET bade8115-838c-4bdd-b459-069cae900a75
https://candimax.pages.dev/ 0
0

GET
H3 200 favicon.ico
candimax.pages.dev/ 39 KB
8 KB 81ms
81ms Other
text/html 172.66.45.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://candimax.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

751326919e01aba3dfabd54cbd9557ad6f4dbf872efd17e89f4c054ac76628e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://candimax.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LExIqhQeR5wUwQdb5EB3QAhc1aAhT63o%2FSi4LAlYYS5pdowQw3%2BhNnJoFvdX1I5HYPphvWM%2B6T5u0MWwJy4M%2FIjaKRJQrTkJRNdYLaDJg%2FIjk32t9kBNKPRnFR%2F0q8DbZw4yjY0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8dfdbd7a4f8eab3c-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31217&sent=2272&recv=591&lost=311&retrans=311&sent_bytes=2693465&recv_bytes=33420&delivery_rate=12419601&cwnd=447468&unsent_bytes=0&cid=1920e2a79866c73a&ts=1076&x=1", cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 12:17:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: candimax.pages.dev
URL: blob:https://candimax.pages.dev/bade8115-838c-4bdd-b459-069cae900a75

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.viva88athenae.com/	1970-01-21 00:52:36	Name: __cf_bm Value: 3RPnb_C43tbwAwwQwVtWA92O_fx9UAd3rNZMR5gGv84-1731154650-1.0.1.1-VC9yFE7e4JMVAWXEd5ZcUOnrZyQrBgQeAKKBsGReR7AJLbmNdaj6abOmbhAjKtiDEKsiQFZPJ8qOg3cLEBAFvA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

candimax.pages.dev
cdn.ampproject.org
fonts.gstatic.com
img.viva88athenae.com
candimax.pages.dev
104.18.25.122
142.250.72.97
142.251.40.227
172.66.45.21
2606:4700:310c::ac42:2d15
2607:f8b0:4006:809::2001
0903c47e44202c72ad2ee0563b2a05b063bf3cacfe050a4ce5775658e680cab9
167169418999d48fad4740010ca5ba35d825f9ee341992ca98049c56a8dc80fd
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
362ecfdeb9ed3b7966bf28b260a728bc63e6e18c8976d77ef1e44a9f0bd5c49d
4565f55cc02a93bb42bdfcbbac64facc4a1a7f1236e4da1e9c6a35199d0a4af2
47c9dc87b20eeeb920089f52a31b056e9398ad2218702278df70b4906fcec95d
485a8e4f8b9cca27263f39bd4bffcffc3fd343cebcf06b6952d2f1058f8e5ed3
512c91337431f94af2fb3078116524b156de8c57f1bc045fd27f1e79584fd1b8
605a04373343eb29ca2b678d74f29dc99723581836902b039fde15c30c558410
751326919e01aba3dfabd54cbd9557ad6f4dbf872efd17e89f4c054ac76628e8
9c262bdd9ac400485f5377414230449ae1fd6b870c4a90730948bdc28760c575
a867d4c24f8eede13a641bb2914a0a587b0dc7cee7aa12a7a27c178e8c867617
ab426db97aa0aff214ff95147c7b2266324439da636662d133af8c190d470568
acc4113c310a8f0286b0e453971cc280c5b0f52b9a1257bfee63707c8bc102ca
b3f16cd2679e8bc3c5af1f4d39313fd87444f1df79cec3ce456f340edceb29e4
b984655a7cc7e9d1918b12fec7d438b196419fe7f0b45810483725e73c127b03
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
d4e3f3784d405dd66b0ff81550a6dfcf8d3e8948437035b896cf20ca4c0d37f1
d794615670c01b794a5ccceb63f55e77da87c3d492d8f264b699c2df0af4a614
db0ab4e6be9aa46dd85bfe7c63530573b242162235ab5181f2d073ac67c8139b
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ecdb313f2d405c1189df06a5a4aa86096e52a4076e4b3e687ed810872e516226
ef0d3521e7ebe6142259086f66d1e7c587e37118ac8c2d9f2a110fadff006de8
f5d79e08852078b4c29c8b20cc80f6d8559f749fffd6d44ad4864f7f6adf4c31
f75475bed4be2e80d9d34fdb8b385c58105c2ba1673e7255d3a57ee89b2e84bd

candimax.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2d15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

7 IPs

2 Countries

2710 kBTransfer

3081 kBSize

1 Cookies

5 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

candimax.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2d15 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

7
IPs

2
Countries

2710 kB
Transfer

3081 kB
Size

1
Cookies

25 HTTP transactions
2 data transactions