Submitted URL: http://candy.com/
Effective URL: https://www.candy.com/
Submission: On May 25 via manual from US — Scanned from DE

Summary

This website contacted 23 IPs in 4 countries across 20 domains to perform 64 HTTP transactions. The main IP is 2606:4700::6812:38c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.candy.com.
TLS certificate: Issued by E1 on May 17th 2022. Valid for: 3 months.
This is the only time www.candy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
20 99.86.4.50 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:2800:234... 15133 (EDGECAST)
2 199.232.136.157 54113 (FASTLY)
1 108.156.253.220 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:27::... 8075 (MICROSOFT...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.129.140 54113 (FASTLY)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 20.96.88.162 8075 (MICROSOFT...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 52.142.114.2 8075 (MICROSOFT...)
64 23
Apex Domain
Subdomains
Transfer
20 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 14838
10 MB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1266
k.clarity.ms — Cisco Umbrella Rank: 3361
c.clarity.ms — Cisco Umbrella Rank: 668
25 KB
5 candy.com
candy.com — Cisco Umbrella Rank: 435504
www.candy.com
21 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
490 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com — Cisco Umbrella Rank: 232
12 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 685
www.google.com — Cisco Umbrella Rank: 7
975 B
3 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 26815
5 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5483
629 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
201 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
187 KB
2 sendinblue.com
in-automate.sendinblue.com — Cisco Umbrella Rank: 28445
262 B
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 638
28 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1192
5 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1583
157 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1437
7 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110
15 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 664
394 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
33 KB
64 20
Domain Requested by
20 uploads-ssl.webflow.com www.candy.com
uploads-ssl.webflow.com
4 www.facebook.com www.candy.com
4 www.candy.com www.candy.com
3 sibautomation.com www.candy.com
sibautomation.com
static.cloudflareinsights.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.candy.com
3 www.google.de www.candy.com
3 connect.facebook.net www.candy.com
connect.facebook.net
3 www.googletagmanager.com www.candy.com
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 in-automate.sendinblue.com sibautomation.com
2 k.clarity.ms www.clarity.ms
k.clarity.ms
2 www.google.com www.candy.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 analytics.google.com www.googletagmanager.com
2 static.ads-twitter.com www.candy.com
1 c.bing.com 1 redirects
1 static.cloudflareinsights.com sibautomation.com
1 alb.reddit.com www.candy.com
1 www.clarity.ms www.candy.com
1 www.redditstatic.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 d3e54v103j8qbb.cloudfront.net www.candy.com
1 platform.twitter.com 1 redirects
1 ajax.googleapis.com www.candy.com
1 candy.com 1 redirects
64 26
Subject Issuer Validity Valid
*.candy.com
E1
2022-05-17 -
2022-08-15
3 months crt.sh
uploads-ssl.webflow.com
Amazon
2021-09-27 -
2022-10-26
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-04 -
2022-06-02
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
www.google.de
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-17 -
2022-08-16
6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-03-16 -
2022-09-16
6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-10 -
2022-07-09
a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-17 -
2022-08-16
6 months crt.sh
www.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01
2021-07-27 -
2022-07-27
a year crt.sh
sendinblue.com
Cloudflare Inc ECC CA-3
2021-09-29 -
2022-09-28
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.candy.com/
Frame ID: 12AAB6D19A9C298E4776FF655BF2E0B0
Requests: 59 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=yeqx8v2oi6wdoul4buy3an52
Frame ID: 4DEA8388AA9D0D9E34833BEB6511F203
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 23B95348135B424E4D532EC916219E17
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Candy - Digital Collectible Experience

Page URL History Show full URLs

  1. http://candy.com/ HTTP 301
    https://www.candy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

97 %
HTTPS

72 %
IPv6

20
Domains

26
Subdomains

23
IPs

4
Countries

11199 kB
Transfer

15660 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://candy.com/ HTTP 301
    https://www.candy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 57
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=C7045BCBCC2441089743832E839ADA9C&RedC=c.clarity.ms&MXFR=2E602BE0EEAC6F0F1A153A4FEAAC6123 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=C7045BCBCC2441089743832E839ADA9C&MUID=045FA1CD91F960A5270DB06290726187

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.candy.com/
Redirect Chain
  • http://candy.com/
  • https://www.candy.com/
67 KB
11 KB
Document
General
Full URL
https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64ec7489e5f74d23d7e4f13289926fb251f3d59eb2852c0bc9b5b14dc9abeec
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14901
cf-cache-status
DYNAMIC
cf-ray
710fe3aa1c319bb9-FRA
content-encoding
br
content-type
text/html
date
Wed, 25 May 2022 17:11:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=7776000; includeSubDomains
vary
x-wf-forwarded-proto, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-cache-hits
0, 41
x-cluster-name
eu-west-1-prod-eks-15
x-lambda-id
e20fe4af-f2e2-4a89-a46e-76659f6cc47c
x-served-by
cache-iad-kiad7000136-IAD, cache-dub4343-DUB
x-timer
S1653498677.942876,VS0,VE0

Redirect headers

CF-RAY
710fe3a99d3a9101-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 25 May 2022 17:11:16 GMT
Expires
Wed, 25 May 2022 18:11:16 GMT
Location
https://www.candy.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
candy-digital-collectible-experience.webflow.96faac17c.min.css
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/
91 KB
19 KB
Stylesheet
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d88628eab6c7a83a636359de53478fdb807e90cb93587d9f1eb8353dd1b486a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
.t93wkqpGcF5gIJe8ceq5Rs1KZFGXnBe
content-encoding
gzip
etag
"ec8b90e630c85d7c96127f6a32d2e472"
age
80613
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18568
last-modified
Mon, 23 May 2022 18:53:27 GMT
server
AmazonS3
date
Tue, 24 May 2022 18:47:45 GMT
content-type
text/css
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
iztYfqucrM0GwDfmGYkz_y2L98R1xuEHmhlhc70OPXUZDueWndAhcw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 12:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 12:15:07 GMT
js
www.googletagmanager.com/gtag/
192 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8C9XEDS6Q6
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74f847cf9b521cb68a3316d59b6f6872f8fc4a438c6380ab185528f5ab0d40f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70171
x-xss-protection
0
expires
Wed, 25 May 2022 17:11:17 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
48 KB
14 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 16:49:30 GMT
etag
"39dd6daafb219ee61305f13521c2d060+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14051
x-served-by
cache-iad-kcgs7200130-IAD, cache-hhn11560-HHN

Redirect headers

x-tw-cdn
VZ
Date
Wed, 25 May 2022 17:11:17 GMT
Server
ECS (frb/6763)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Server-Timing
"x-cache;desc= ,x-tw-cdn;desc=",edge;dur=1
Content-Length
0
api.js
www.candy.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://www.candy.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=7776000; includeSubDomains
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
710fe3ac19939bb9-FRA
vary
Accept-Encoding
email-decode.min.js
www.candy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
865 B
Script
General
Full URL
https://www.candy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 21 May 2022 16:00:29 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"62890c9d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800, public
strict-transport-security
max-age=7776000; includeSubDomains
cf-ray
710fe3ab3f009bb9-FRA
expires
Fri, 27 May 2022 17:11:16 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61a540b1f30dec3af0929ac0
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-220.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.candy.com/
Origin
https://www.candy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 06:25:57 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
38721
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
iVKnjKNUaa80aRVH9Q32h4a8w5naoDvPCUbrUhp4EzX76YivcwEbnA==
webflow.6ad26ece9.js
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/js/
186 KB
58 KB
Script
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/js/webflow.6ad26ece9.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53f74ebc882fda149038d2fd3c1f3334c9b74cc64306d41bbb11428abb8d2e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
8.BA4huyJiok37rVxixtO27P881Rzvgm
content-encoding
gzip
etag
"2ed62e261d1f90469927f725f939ed33"
age
40785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59170
last-modified
Fri, 20 May 2022 19:34:52 GMT
server
AmazonS3
date
Wed, 25 May 2022 05:51:33 GMT
content-type
text/javascript
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
40IQ0EaQTnytE3lTB0CqdDWiW94iXWU-SwtMXTl_fNFHf_eZ3PDJVA==
gtm.js
www.googletagmanager.com/
171 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56J7XL9
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
420b79f517378529d6fd66f5b675f1cb4ed1b6485fb6db724f1978cf32d935a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63080
x-xss-protection
0
last-modified
Wed, 25 May 2022 16:08:46 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 17:11:17 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
Fgo0K41yRDtyE7jZdrvVBwSGlvVD8tbnxoiXPcVuKDcMObgscqQZYpc8+s0nOaXt648vkywPlNwlV3u6cwI2yg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 25 May 2022 17:11:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/
0
346 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8C9XEDS6Q6&gtm=2oe5n0&_p=2067093485&_z=ccd.NNB&_gaz=1&cid=423647492.1653498677&ul=en-us&sr=1600x1200&_s=1&sid=1653498677&sct=1&seg=0&dl=https%3A%2F%2Fwww.candy.com%2F&dt=Candy%20-%20Digital%20Collectible%20Experience&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C9XEDS6Q6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.candy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
346 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8C9XEDS6Q6&cid=423647492.1653498677&gtm=2oe5n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C9XEDS6Q6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.candy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
152 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-365421231&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C9XEDS6Q6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7871c796bcef75c2e8b4fd075dd5534a1f69b2fa6134e49bb37916146cfa1f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57961
x-xss-protection
0
last-modified
Wed, 25 May 2022 16:08:46 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 17:11:17 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8C9XEDS6Q6&cid=423647492.1653498677&gtm=2oe5n0&aip=1&z=1771123735
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uwt.js
static.ads-twitter.com/
48 KB
14 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 16:49:30 GMT
etag
"39dd6daafb219ee61305f13521c2d060+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14051
x-served-by
cache-iad-kjyo7100060-IAD, cache-hhn11560-HHN
61a8ee6def10123140d4ca21_SuisseIntl-Bold.otf
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
134 KB
135 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61a8ee6def10123140d4ca21_SuisseIntl-Bold.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3f03033718c9f5955906525e85a503bfbd78c04352b294533594104d23bec9b

Request headers

Referer
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Origin
https://www.candy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:27:33 GMT
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7181025
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
137524
last-modified
Thu, 02 Dec 2021 16:03:58 GMT
server
AmazonS3
etag
"ceda09c978023f0b029310993b9f18c5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
OSfQSxJ7qsyyS_EeDGM8SXUQHu0runtk
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-font-otf
x-amz-cf-id
3ZuvXz6fq6vQxreqnYUVRDPKDnCKD0VJOAzFM2t01HTMNwse42tKbQ==
61a5751e94cd6ecd3f756bb9_SuisseIntl-Regular.otf
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
127 KB
128 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61a5751e94cd6ecd3f756bb9_SuisseIntl-Regular.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4acd1a90984282531994fee8542e25cc1de087d47fd583726a0b256fc43eea7

Request headers

Referer
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Origin
https://www.candy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:27:33 GMT
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7181025
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
130136
last-modified
Thu, 02 Dec 2021 16:12:33 GMT
server
AmazonS3
etag
"3f16c813c5c1b5ebe4fb8f1e53eb57c6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
_GY5qLh5p5l.anv_ytCRtGkMNKR240k5
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-font-otf
x-amz-cf-id
1ddSK2ipy_KY1CCz5AavCc73UbX0LfPcoz3y1YsNpkBqtA-zdT3c2w==
6255805db1d305eda8fb5b11_Packs_Hero_Desktop.png
uploads-ssl.webflow.com/61a6575c55b3b567c42eba25/
3 MB
3 MB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a6575c55b3b567c42eba25/6255805db1d305eda8fb5b11_Packs_Hero_Desktop.png
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0ca1a12fa8e841086de037b218093ef7e76969b53237d3b95f19f405142fbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 12 Apr 2022 14:01:44 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified
Tue, 12 Apr 2022 13:45:12 GMT
server
AmazonS3
age
3726574
etag
"b0765a87faed2679b1c694c0744df8b5"
x-cache
Hit from cloudfront
x-amz-version-id
Pc4IPlkek.9c7ivkz88u6_r9gP9tikIr
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
3561627
x-amz-cf-id
R6KZ34qQAiv0JmO-1gQDeLsnIL_mXHTgwhag0HMM62cmuStC7or9Xg==
624759ed4f87fd1d45260b69_POTD_SiteBanner_Desktop.jpg
uploads-ssl.webflow.com/61a6575c55b3b567c42eba25/
2 MB
2 MB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a6575c55b3b567c42eba25/624759ed4f87fd1d45260b69_POTD_SiteBanner_Desktop.jpg
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bfa7d06ef9c9dc7b4278b36fe04d2720319b5bf8a0980c995b3c39e56f0a6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 01 Apr 2022 21:14:07 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified
Fri, 01 Apr 2022 20:00:46 GMT
server
AmazonS3
age
4651030
etag
"23240219fae4f72874ecb4de562daa6f"
x-cache
Hit from cloudfront
x-amz-version-id
vyXxPAOFFcKutMxSSX91CAwYToaG3phZ
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2458757
x-amz-cf-id
qKaJLzC-hYZaRaHUBhu4TLHRT8Bnfn9Vf--uNOc37vEs0IjQr7FocA==
61a9119ca07e4e5173c2614c_SuisseIntl-Medium.otf
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
126 KB
127 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61a9119ca07e4e5173c2614c_SuisseIntl-Medium.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e38c3a21fdbc3f80d949ea39c81dd0dad7783bda57d3835fd0592fb083033430

Request headers

Referer
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Origin
https://www.candy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:27:33 GMT
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7181025
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
129268
last-modified
Thu, 02 Dec 2021 18:34:05 GMT
server
AmazonS3
etag
"1bde5e7cec3cccef63b4cdaddcabaa4c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
u4h2Zw5sZimL7umAIfYmKIenzoLCm8HE
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-font-otf
x-amz-cf-id
xi7LUlhNWaBYG_DFsbKrVwJq37mPdoGgYOAA_gGxSlG983coEQBFzQ==
61ad2eda4c1110ab0bbef22f_SuisseIntl-SemiBold.otf
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
129 KB
130 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61ad2eda4c1110ab0bbef22f_SuisseIntl-SemiBold.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
875f5a192d96d3fed764890b7a7909326f761a37f6d34c6820ac43f06aac2778

Request headers

Referer
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/css/candy-digital-collectible-experience.webflow.96faac17c.min.css
Origin
https://www.candy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:27:33 GMT
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7181025
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
132600
last-modified
Sun, 05 Dec 2021 21:27:56 GMT
server
AmazonS3
etag
"00a0b40fb6d4872e3df5be25b7cf3520"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
mPNrqu10AlWgHGA7eIvxwuQfDZARgQij
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-font-otf
x-amz-cf-id
idOsYCZI6KEEq3wIz49IUGPYFBH2bkqtenXXgkmAAkB7XiXX4R8nZA==
61a5435d04b7aa781b71daff_CandyLogo_Default.png
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
2 KB
2 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61a5435d04b7aa781b71daff_CandyLogo_Default.png
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b188e88336543465584798d5efb4131edad374da35d65fc16fa98280d7943995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 17 May 2022 02:46:19 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 21:17:19 GMT
server
AmazonS3
age
743099
etag
"e91cde7e570d88068fdba51a81c7ad58"
x-cache
Hit from cloudfront
x-amz-version-id
oBp3k6k2V6fCLKGAgbYlGnKZ1KOylUh8
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
1804
x-amz-cf-id
tOWmlli4cUUZaXadISUjFslKn_OQ5I7yrk6_evBd4gZ5S7bmaQmPXQ==
62475e8656fd05c38822da9d_Play%20of%20the%20Day%20Lockup.png
uploads-ssl.webflow.com/61a6575c55b3b567c42eba25/
2 KB
2 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a6575c55b3b567c42eba25/62475e8656fd05c38822da9d_Play%20of%20the%20Day%20Lockup.png
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b85e2360d0a696ffdde9669b7e536d3f20915228cce93c053cecf28b7bc57f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 01 Apr 2022 20:58:00 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified
Fri, 01 Apr 2022 20:20:23 GMT
server
AmazonS3
age
4651998
etag
"2e917c9f96c403d272102faf185b695e"
x-cache
Hit from cloudfront
x-amz-version-id
hZsdxy4piGK6TogsflZUhsxmZ3u5IlaJ
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
1686
x-amz-cf-id
kg8CefyxmE0gkOFY1tgeCEvOyTTS7vX0kzqxD4xnAeLziFk8eGWUqQ==
61e0b6114a1cec7ba2ef36c1_MLBCandy_SiteBanner_Mobile_Lg_NoText-transcode.mp4
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
130 KB
130 KB
Media
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61e0b6114a1cec7ba2ef36c1_MLBCandy_SiteBanner_Mobile_Lg_NoText-transcode.mp4
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43088a5de64055681c19e5f5dbac5b973a5e2d1f7e42c499498c93f0ade405d4

Request headers

Referer
https://www.candy.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
igLYk3laEhAPOL_EhWlE3IpSpoo8Q.S8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"49eb4bb00ab781ea2771d3f524b0b0e7"
last-modified
Thu, 13 Jan 2022 23:30:36 GMT
server
AmazonS3
age
32063
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-132631/132632
date
Wed, 25 May 2022 08:16:55 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
Content-Length
132632
x-amz-cf-id
b42SIKHK7Gvimn1VvJSEqsVAkfQQF8re_ctzij7rX4Vky11ZqYXDkA==
61e058d262be26b4f081a0d5_Candy_SiteBanner_NoText-poster-00001.jpg
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
72 KB
73 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61e058d262be26b4f081a0d5_Candy_SiteBanner_NoText-poster-00001.jpg
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf71dc86f5a439083e980e6571bd71c09ce58e6e0dc355f5f407a453411d8d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Sp_JzouxEo05c2vcmJMkfevZwRfempnG
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"5f9c1e59046958b1bb0fa1f18633d60e"
last-modified
Thu, 13 Jan 2022 16:52:54 GMT
server
AmazonS3
age
72319
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 25 May 2022 17:11:17 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
74021
x-amz-cf-id
D88H52-Nnz8_M0wieUkWi8MrTSgBXFVaE0tMhokxhbuNP-tvXuo3mA==
61b6736feb7e8a1ff185f63a_FirstQuarterCard_Videomp4-poster-00001.jpg
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
12 KB
12 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61b6736feb7e8a1ff185f63a_FirstQuarterCard_Videomp4-poster-00001.jpg
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02aaa10e3e156c9a6fc61c9432b35bd321ffe9137c629e5761a193208fdcd94d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
dWMA_jlTgGCoygnkLmJ7R6ELagmiP.Pc
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"b4607f385189232e936102305ef6e2a2"
last-modified
Sun, 12 Dec 2021 23:08:16 GMT
server
AmazonS3
age
46654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 25 May 2022 04:13:44 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
12314
x-amz-cf-id
9onukFT3Ns7NX2B-vBdrxj1tE4voZQB4CnN2hFMZSziGXGlwU9iZLw==
61b673dac47a93257d530a7b_ThirdQuarterCard_Video-poster-00001.jpg
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
13 KB
13 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61b673dac47a93257d530a7b_ThirdQuarterCard_Video-poster-00001.jpg
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5db68f350d820f6c40b4b0c200d8362355fde17b7f50a092a7f0d23b58e8f9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
TDQg9YufWL9cWFIlT54MBIngV5Uo.cK7
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"b3249544eabec07e2b2ea9d2cd673c00"
last-modified
Sun, 12 Dec 2021 23:52:23 GMT
server
AmazonS3
age
27593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 25 May 2022 09:31:25 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
13355
x-amz-cf-id
p21T4Q9uNphVpJKhiu77LGrJJJ9IWwTEdcKFiY0EmdSG8oIh1Dp4LA==
61b674961e0ca86b27b56a5c_FourthQuarterCard_Videomp4-poster-00001.jpg
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
28 KB
29 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61b674961e0ca86b27b56a5c_FourthQuarterCard_Videomp4-poster-00001.jpg
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9149f75e85631e7503fdf27ae114802ea371bc5908e27a24403639c7b1145a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 25 May 2022 00:31:13 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified
Sun, 12 Dec 2021 23:52:58 GMT
server
AmazonS3
age
60005
etag
"270a9b86a99dffc52033b7d52a58e93d"
x-cache
Hit from cloudfront
x-amz-version-id
vv7NLL3nJolb5vtHsqkRe1U7b3tOtJbU
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
28808
x-amz-cf-id
fpd4UJgW7v6ZyedTVo9X-Hrmv4HiFuhbRokJKxzfR6qA7wvagkULFQ==
61e058d262be26b4f081a0d5_Candy_SiteBanner_NoText-transcode.mp4
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
242 KB
243 KB
Media
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61e058d262be26b4f081a0d5_Candy_SiteBanner_NoText-transcode.mp4
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2f18bbfcf4219996c8d0eee86517a711a006f0a9ecabe337bfe8fd40058d46b

Request headers

Referer
https://www.candy.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
6kSURu14F6U7NUkaUVbOI4p3pL_0FK2I
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"8147f8c97f3046a66a62a4eca7e547cf"
last-modified
Thu, 13 Jan 2022 16:52:47 GMT
server
AmazonS3
age
46654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-247840/247841
date
Wed, 25 May 2022 04:13:44 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
Content-Length
247841
x-amz-cf-id
u4uI4KL515e7N0eJooOaTmbWvO8-zvXx3hEyp0h0ykB61DWDqFncbw==
61ccacecfb0ea1b30c174955_CandyMLB_SignUpBanner_v1%20-%20Final-transcode.mp4
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
1001 KB
1004 KB
Media
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61ccacecfb0ea1b30c174955_CandyMLB_SignUpBanner_v1%20-%20Final-transcode.mp4
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c92cc95156747236d95bc509bf7c292d9341ab0f702306ef30d679b7a62d3c44

Request headers

Referer
https://www.candy.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
T39_uyNF5HXl5kQ6YEXtycjCY1SfEQEN
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"ed427362e18bc60b1b075029c42e5620"
last-modified
Wed, 29 Dec 2021 18:46:23 GMT
server
AmazonS3
age
41297
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-1025257/1025258
date
Wed, 25 May 2022 05:43:01 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
Content-Length
1025258
x-amz-cf-id
wmXL7cG_9OvXXtYmP7bxjNXOafQ8VtlmxYBf9Jr6ezYjGajQly8JLg==
61b6736feb7e8a1ff185f63a_FirstQuarterCard_Videomp4-transcode.mp4
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
2 MB
2 MB
Media
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61b6736feb7e8a1ff185f63a_FirstQuarterCard_Videomp4-transcode.mp4
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
157b6b323a71606c5d8aa8c23652b99174cf08b422956d74a14f380de0645531

Request headers

Referer
https://www.candy.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
.HSKOteR67ckmDkdbffamN2Y.rNhCOtP
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"fb37ad81ed4c55a3187ca8d619d75297"
last-modified
Sun, 12 Dec 2021 23:07:57 GMT
server
AmazonS3
age
27593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-1691122/1691123
date
Wed, 25 May 2022 09:31:25 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
Content-Length
1691123
x-amz-cf-id
n2nFxBpNJtZjyzRnPOVkg1pPE66ZcsAwC158o-pNFYgQqKTUbpVfMg==
61b673dac47a93257d530a7b_ThirdQuarterCard_Video-transcode.mp4
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
3 MB
0
Media
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61b673dac47a93257d530a7b_ThirdQuarterCard_Video-transcode.mp4
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.candy.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Uu_y_bzZxZydgrIRX937tOai2RTV50GF
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"ad33e7477ed58067387ec18b5ab9e5b2"
last-modified
Sun, 12 Dec 2021 23:51:47 GMT
server
AmazonS3
age
32063
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-3465601/3465602
date
Wed, 25 May 2022 08:16:55 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
Content-Length
3465602
x-amz-cf-id
9_QRxS4fG1ch5xEs_GLaq-2hrj8RQevtyPooz8ee8oRrur9uWdZjjA==
61b674961e0ca86b27b56a5c_FourthQuarterCard_Videomp4-transcode.mp4
uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/
974 KB
976 KB
Media
General
Full URL
https://uploads-ssl.webflow.com/61a540b1f30dec3af0929ac0/61b674961e0ca86b27b56a5c_FourthQuarterCard_Videomp4-transcode.mp4
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7acd4b40bc76dcf5d758cffa0c4d591d47d83a41c56b528179cde68241edb640

Request headers

Referer
https://www.candy.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
KVKMUoh1_oYO5HMlI79rMCAVl3rYm5Lg
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
etag
"1c78c18bf72bcfd4675629404e9daab2"
last-modified
Sun, 12 Dec 2021 23:52:52 GMT
server
AmazonS3
age
32063
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-997463/997464
date
Wed, 25 May 2022 08:16:55 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
Content-Length
997464
x-amz-cf-id
LKuW5ufATNnqe5UtTXl7604MPnXxt38L-SHbxb8FO_RL7URzPRlKpQ==
320087963089791
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/320087963089791?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ce5bd3ec01d993698e8a1145a9207897da64141738ee27c5162055e3c742fff
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
TJXYeJj5tWFSW+2qORiEhI952Zt+Os1z0q2U5fEXWdtgNbRuLwEDvxcPyBk66ixNgxd7fjlwKutD+y8+aU4pyw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 25 May 2022 17:11:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1653498677669
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-365421231&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14849
x-xss-protection
0
server
cafe
etag
10272469744856839321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 May 2022 17:11:17 GMT
pixel.js
www.redditstatic.com/ads/
24 KB
7 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56J7XL9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 18 Apr 2022 22:30:59 GMT
server
snooserv
etag
"5dcf2f59e7a6e0d30193fedad78db790"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
7461
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56J7XL9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4C772FD20BCB4236B88E825C034B9AF3 Ref B: FRA31EDGE0206 Ref C: 2022-05-25T17:11:17Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Wed, 25 May 2022 17:11:17 GMT
accept-ranges
bytes
content-length
11333
8uxhxauvxh
www.clarity.ms/tag/
1 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/8uxhxauvxh?ref=gtm2
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ab991e8814ea0ceead8b448e4dc03e4a9310af3361ef52d50b739158bea6f19f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
x-powered-by
ASP.NET
x-azure-ref
0NWOOYgAAAADzYHi3XmTnSrANKoBkH7eiU09GMDFFREdFMDQxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length
1395
expires
-1
sa.js
sibautomation.com/
8 KB
3 KB
Script
General
Full URL
https://sibautomation.com/sa.js?key=yeqx8v2oi6wdoul4buy3an52
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
Sails <sailsjs.com>
x-xss-protection
1
x-sib-server
SENDINBLUE-web2-2
cf-bgj
minify
server
cloudflare
etag
W/"29a2-gRmwV3XPXh5L7NMphJcvqKdlvX8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=10658
cf-ray
710fe3ae88a6692b-FRA
expires
Wed, 25 May 2022 21:11:17 GMT
result
www.candy.com/cdn-cgi/bm/cv/
0
296 B
XHR
General
Full URL
https://www.candy.com/cdn-cgi/bm/cv/result?req_id=710fe3aa1c319bb9
Requested by
Host: www.candy.com
URL: https://www.candy.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Referer
https://www.candy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=7776000; includeSubDomains
server
cloudflare
cf-ray
710fe3ae88459bb9-FRA
date
Wed, 25 May 2022 17:11:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/365421231/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/365421231/?random=1653498677667&cv=9&fst=1653498677667&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.candy.com%2F&tiba=Candy%20-%20Digital%20Collectible%20Experience&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02b54231b25316a0a30919ba870ab8fff31cd766a0e542e6a574b6df4436bd42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/
42 B
157 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1653498677674&id=t2_il64r9vx&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2644c6a4-c228-436e-8237-da9ab78a2f78&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
137026378.js
bat.bing.com/p/action/
0
120 B
Script
General
Full URL
https://bat.bing.com/p/action/137026378.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BD06E893D0644B308579E534D76EFC79 Ref B: FRA31EDGE0206 Ref C: 2022-05-25T17:11:17Z
date
Wed, 25 May 2022 17:11:17 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
177 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=137026378&tm=gtm002&Ver=2&mid=5d3c7254-b459-429e-aca4-179171cd5dfb&sid=b0b38c40dc4d11ec844c2542acf49d88&vid=b0b3ac80dc4d11eca7cb6b2c34a59989&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Candy%20-%20Digital%20Collectible%20Experience&p=https%3A%2F%2Fwww.candy.com%2F&r=&lt=563&evt=pageLoad&msclkid=N&sv=1&rn=472960
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0F3FCD6F14D64B43B9779B50A39B8993 Ref B: FRA31EDGE0206 Ref C: 2022-05-25T17:11:17Z
date
Wed, 25 May 2022 17:11:17 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
392119065710477
connect.facebook.net/signals/config/
308 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/392119065710477?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
862f6956ae48a8127bbb390e38ad7eadc9000cd2bd0f7f4608cc4cf61a49c882
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
QGCfkT5nraszzmx31EQul8R80ANyby/R9uH0nuWUpy0W+hlPSq6dAPi1y8nDhM8SSeVg0Yu7pGe4Xpl6SOxrtw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 25 May 2022 17:11:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1653498677782
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=320087963089791&ev=PageView&dl=https%3A%2F%2Fwww.candy.com%2F&rl=&if=false&ts=1653498677709&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653498677708.670380086&it=1653498677303&coo=false&exp=p1&rqm=GET
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 25 May 2022 17:11:17 GMT
/
www.google.com/pagead/1p-user-list/365421231/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/365421231/?random=1653498677667&cv=9&fst=1653498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.candy.com%2F&tiba=Candy%20-%20Digital%20Collectible%20Experience&async=1&fmt=3&is_vtc=1&random=240603196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/365421231/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/365421231/?random=1653498677667&cv=9&fst=1653498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.candy.com%2F&tiba=Candy%20-%20Digital%20Collectible%20Experience&async=1&fmt=3&is_vtc=1&random=240603196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
k.clarity.ms/s/0.6.34/
53 KB
23 KB
Script
General
Full URL
https://k.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8uxhxauvxh?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
br
etag
"1d86e81880f1354"
last-modified
Mon, 23 May 2022 08:46:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
cm.html
sibautomation.com/ Frame 4DEA
3 KB
2 KB
Document
General
Full URL
https://sibautomation.com/cm.html?key=yeqx8v2oi6wdoul4buy3an52
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=yeqx8v2oi6wdoul4buy3an52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
a1294321ab84a1eeb2fff393d927538cc411f3bcdf468a3e3369693321b00572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.candy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
27347
cache-control
public, max-age=7200
cf-apo-via
origin,host
cf-cache-status
HIT
cf-ray
710fe3b00b85692b-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 17:11:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 25 May 2022 19:11:17 GMT
last-modified
Wed, 25 May 2022 09:35:30 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Sails <sailsjs.com>
x-sib-server
SENDINBLUE-web2-2
x-xss-protection
1
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 4DEA
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=yeqx8v2oi6wdoul4buy3an52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://sibautomation.com/
Origin
https://sibautomation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
710fe3b06c039073-FRA
cm
in-automate.sendinblue.com/ Frame 4DEA
0
203 B
XHR
General
Full URL
https://in-automate.sendinblue.com/cm?uuid=706cc389-78fb-4e65-8833-d284a5ee5e9a&key=yeqx8v2oi6wdoul4buy3an52&cuid=5bdb7447-81be-482b-8556-f76c7711957c
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=yeqx8v2oi6wdoul4buy3an52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
710fe3b07a189c12-FRA
/
www.facebook.com/tr/ Frame 23B9
0
17 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.candy.com
Referer
https://www.candy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.candy.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 17:11:17 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/365421231/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/365421231/?random=1653498677840&cv=9&fst=1653498677840&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.candy.com%2F&tiba=Candy%20-%20Digital%20Collectible%20Experience&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3984e95eb3447c86c7478d7c043e2a1b1f3b197b159cb9e1ed58764151029ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/365421231/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/365421231/?random=1653498677840&cv=9&fst=1653498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.candy.com%2F&tiba=Candy%20-%20Digital%20Collectible%20Experience&async=1&fmt=3&is_vtc=1&random=1850470767&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/365421231/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/365421231/?random=1653498677840&cv=9&fst=1653498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.candy.com%2F&tiba=Candy%20-%20Digital%20Collectible%20Experience&async=1&fmt=3&is_vtc=1&random=1850470767&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.candy.com
URL: https://www.candy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
sibautomation.com/cdn-cgi/ Frame 4DEA
0
81 B
XHR
General
Full URL
https://sibautomation.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sibautomation.com/cm.html?key=yeqx8v2oi6wdoul4buy3an52
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
application/json

Response headers

date
Wed, 25 May 2022 17:11:18 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
710fe3b19e8f692b-FRA
x-frame-options
DENY
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=C7045BCBCC2441089743832E839ADA9C&RedC=c.clarity.ms&MXFR=2E602BE0EEAC6F0F1A153A4FEAAC6123
  • https://c.clarity.ms/c.gif?CtsSyncId=C7045BCBCC2441089743832E839ADA9C&MUID=045FA1CD91F960A5270DB06290726187
42 B
368 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=C7045BCBCC2441089743832E839ADA9C&MUID=045FA1CD91F960A5270DB06290726187
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:17 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C0A5EC88BD26467AAB053D72E5127279 Ref B: FRA31EDGE0206 Ref C: 2022-05-25T17:11:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=C7045BCBCC2441089743832E839ADA9C&MUID=045FA1CD91F960A5270DB06290726187
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
p
in-automate.sendinblue.com/
0
59 B
XHR
General
Full URL
https://in-automate.sendinblue.com/p?key=yeqx8v2oi6wdoul4buy3an52&cuid=5bdb7447-81be-482b-8556-f76c7711957c&ma_url=https%3A%2F%2Fwww.candy.com%2F&sib_type=page&ma_title=Candy%20-%20Digital%20Collectible%20Experience&sib_name=Candy%20-%20Digital%20Collectible%20Experience&ma_referrer=&ma_path=%2F
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=yeqx8v2oi6wdoul4buy3an52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
710fe3b2d8679c12-FRA
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=320087963089791&ev=Microdata&dl=https%3A%2F%2Fwww.candy.com%2F&rl=&if=false&ts=1653498678211&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Candy%20-%20Digital%20Collectible%20Experience%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Candy%20-%20Digital%20Collectible%20Experience%22%2C%22twitter%3Atitle%22%3A%22Candy%20-%20Digital%20Collectible%20Experience%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653498677708.670380086&it=1653498677303&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 25 May 2022 17:11:18 GMT
collect
k.clarity.ms/
0
69 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.candy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://www.candy.com
date
Wed, 25 May 2022 17:11:17 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=392119065710477&ev=Microdata&dl=https%3A%2F%2Fwww.candy.com%2F&rl=&if=false&ts=1653498678340&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Candy%20-%20Digital%20Collectible%20Experience%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Candy%20-%20Digital%20Collectible%20Experience%22%2C%22twitter%3Atitle%22%3A%22Candy%20-%20Digital%20Collectible%20Experience%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1653498677708.670380086&it=1653498677303&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.candy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 25 May 2022 17:11:18 GMT
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8C9XEDS6Q6&gtm=2oe5n0&_p=2067093485&_z=ccd.NNB&cid=423647492.1653498677&ul=en-us&sr=1600x1200&sid=1653498677&sct=1&seg=0&dl=https%3A%2F%2Fwww.candy.com%2F&dt=Candy%20-%20Digital%20Collectible%20Experience&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C9XEDS6Q6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.candy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 May 2022 17:11:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.candy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| dataLayer function| fbq function| _fbq function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| regeneratorRuntime object| twttr function| twq object| a0_0x433e function| a0_0x3d7e function| objectFitPolyfill function| tram object| Webflow object| __CF$cv$params function| rdt function| clarity object| sib object| sendinblue function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| ueto_328c40bf94 object| uetq

19 Cookies

Domain/Path Name / Value
.candy.com/ Name: _ga
Value: GA1.1.423647492.1653498677
.candy.com/ Name: _gcl_au
Value: 1.1.553194605.1653498677
.candy.com/ Name: _ga_8C9XEDS6Q6
Value: GS1.1.1653498677.1.1.1653498677.60
.candy.com/ Name: __cf_bm
Value: 8OJD5oSTRZ8NSPdHaoCTOxWaEIAf2rLf0.yos5HnOsw-1653498677-0-AfUg3DP/ORTaY/e6nMLLe6LhgGWmOHga0ymKnnTl8r3DSCToSWOF5Zd0fZlPMYfmGe4XbORger219Seddx7So+BGZxgsKIEB2pgA7/NsHYuHc04bUJRFUtfMwm492chLtelIqWb/VdgeoqGRDS66nvartR7T9EB07zPmtv7GtJLx
.bing.com/ Name: MUID
Value: 045FA1CD91F960A5270DB06290726187
.candy.com/ Name: _rdt_uuid
Value: 1653498677673.2644c6a4-c228-436e-8237-da9ab78a2f78
.candy.com/ Name: _uetsid
Value: b0b38c40dc4d11ec844c2542acf49d88
.candy.com/ Name: _uetvid
Value: b0b3ac80dc4d11eca7cb6b2c34a59989
.candy.com/ Name: _fbp
Value: fb.1.1653498677708.670380086
www.clarity.ms/ Name: CLID
Value: 1aa69457f1e34ca5bd1b14b66525e947.20220525.20230525
.www.candy.com/ Name: sib_cuid
Value: 5bdb7447-81be-482b-8556-f76c7711957c
sibautomation.com/ Name: uuid
Value: 706cc389-78fb-4e65-8833-d284a5ee5e9a
.doubleclick.net/ Name: IDE
Value: AHWqTUlhg8WkryqgX__8T-qSAKcYynFJ9ZPAGGy9LHF5udDbNztb1Bb5posazcGx
.candy.com/ Name: _clck
Value: 1h0mkje|1|f1r|0
.c.bing.com/ Name: SRM_B
Value: 045FA1CD91F960A5270DB06290726187
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 045FA1CD91F960A5270DB06290726187
.c.clarity.ms/ Name: ANONCHK
Value: 0
.candy.com/ Name: _clsk
Value: q875q7|1653498678437|1|1|k.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7776000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alb.reddit.com
analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
candy.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
googleads.g.doubleclick.net
in-automate.sendinblue.com
k.clarity.ms
platform.twitter.com
sibautomation.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
uploads-ssl.webflow.com
www.candy.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
108.156.253.220
151.101.129.140
199.232.136.157
20.96.88.162
216.58.212.130
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::ac40:996f
2606:4700:440e::6812:2fe6
2606:4700::6811:90c
2606:4700::6812:28c
2606:4700::6812:38c
2620:1ec:27::cafe:2193
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:400c:c1b::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::396
52.142.114.2
99.86.4.50
02aaa10e3e156c9a6fc61c9432b35bd321ffe9137c629e5761a193208fdcd94d
02b54231b25316a0a30919ba870ab8fff31cd766a0e542e6a574b6df4436bd42
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
157b6b323a71606c5d8aa8c23652b99174cf08b422956d74a14f380de0645531
1d88628eab6c7a83a636359de53478fdb807e90cb93587d9f1eb8353dd1b486a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61
3984e95eb3447c86c7478d7c043e2a1b1f3b197b159cb9e1ed58764151029ef3
420b79f517378529d6fd66f5b675f1cb4ed1b6485fb6db724f1978cf32d935a6
43088a5de64055681c19e5f5dbac5b973a5e2d1f7e42c499498c93f0ade405d4
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4ce5bd3ec01d993698e8a1145a9207897da64141738ee27c5162055e3c742fff
53f74ebc882fda149038d2fd3c1f3334c9b74cc64306d41bbb11428abb8d2e01
5bfa7d06ef9c9dc7b4278b36fe04d2720319b5bf8a0980c995b3c39e56f0a6df
5db68f350d820f6c40b4b0c200d8362355fde17b7f50a092a7f0d23b58e8f9cd
74f847cf9b521cb68a3316d59b6f6872f8fc4a438c6380ab185528f5ab0d40f7
7871c796bcef75c2e8b4fd075dd5534a1f69b2fa6134e49bb37916146cfa1f36
7acd4b40bc76dcf5d758cffa0c4d591d47d83a41c56b528179cde68241edb640
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862f6956ae48a8127bbb390e38ad7eadc9000cd2bd0f7f4608cc4cf61a49c882
875f5a192d96d3fed764890b7a7909326f761a37f6d34c6820ac43f06aac2778
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8b85e2360d0a696ffdde9669b7e536d3f20915228cce93c053cecf28b7bc57f9
9149f75e85631e7503fdf27ae114802ea371bc5908e27a24403639c7b1145a06
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d0ca1a12fa8e841086de037b218093ef7e76969b53237d3b95f19f405142fbb
a1294321ab84a1eeb2fff393d927538cc411f3bcdf468a3e3369693321b00572
ab991e8814ea0ceead8b448e4dc03e4a9310af3361ef52d50b739158bea6f19f
b188e88336543465584798d5efb4131edad374da35d65fc16fa98280d7943995
b2f18bbfcf4219996c8d0eee86517a711a006f0a9ecabe337bfe8fd40058d46b
c92cc95156747236d95bc509bf7c292d9341ab0f702306ef30d679b7a62d3c44
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cf71dc86f5a439083e980e6571bd71c09ce58e6e0dc355f5f407a453411d8d12
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a
d3f03033718c9f5955906525e85a503bfbd78c04352b294533594104d23bec9b
d4acd1a90984282531994fee8542e25cc1de087d47fd583726a0b256fc43eea7
d64ec7489e5f74d23d7e4f13289926fb251f3d59eb2852c0bc9b5b14dc9abeec
e38c3a21fdbc3f80d949ea39c81dd0dad7783bda57d3835fd0592fb083033430
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505