candybox.live
2606:4700:3032::6815:4f6c  Malicious Activity! Public Scan

Submitted URL: https://candybox.live/
Effective URL: https://candybox.live/?m=0
Submission: On July 03 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3032::6815:4f6c, located in United States and belongs to CLOUDFLARENET, US. The main domain is candybox.live.
TLS certificate: Issued by E1 on June 28th 2023. Valid for: 3 months.
This is the only time candybox.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
7 | cloudfront.net | d26h1wdc757l2w.cloudfront.net; d3g64oftvxu9se.cloudfront.net (Failed) | 37 KB
6 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 368) | 99 KB
4 | googleusercontent.com | blogger.googleusercontent.com (Cisco Umbrella Rank: 12469; Failed) | 2 MB
3 | candybox.live | candybox.live | 18 KB
2 | gstatic.com | fonts.gstatic.com | 28 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 274) | 56 KB
2 | bigcommerce.com | cdn11.bigcommerce.com (Cisco Umbrella Rank: 9696) | 618 KB
2 | ebayimg.com | i.ebayimg.com (Cisco Umbrella Rank: 4395; Failed) | 391 KB
2 | shopify.com | cdn.shopify.com (Cisco Umbrella Rank: 1822) | 452 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 88) | 2 KB
Total: 40 requests across 10 domains

Requests | Domain | Requested by
6 | cdn.jsdelivr.net | candybox.live
5 | d3g64oftvxu9se.cloudfront.net | d26h1wdc757l2w.cloudfront.net
4 | blogger.googleusercontent.com | candybox.live
3 | candybox.live | candybox.live
2 | fonts.gstatic.com | fonts.googleapis.com
2 | cdnjs.cloudflare.com | candybox.live
2 | cdn11.bigcommerce.com | candybox.live
2 | i.ebayimg.com | candybox.live
2 | cdn.shopify.com | candybox.live
2 | d26h1wdc757l2w.cloudfront.net | candybox.live
2 | fonts.googleapis.com | candybox.live
Total: 40 requests across 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
candybox.live | E1 | 2023-06-28 - 2023-09-26 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
cdn.shopify.com | R3 | 2023-05-15 - 2023-08-13 | 3 months
*.bigcommerce.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-23 - 2024-03-25 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
www.ebay.com | Sectigo RSA Organization Validation Secure Server CA | 2022-08-16 - 2023-08-16 | a year

This page contains 1 frames:

Primary Page: https://candybox.live/?m=0
Frame ID: AC51817FF4E2D6C2F5C4D9E439317248
Requests: 40 HTTP requests in this frame

Page Title

CANDY SHOP

Page URL History

  1. https://candybox.live/ Page URL
  2. https://candybox.live/?m=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.bigcommerce\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 40
HTTPS: 80 %
IPv6: 82 %
Domains: 10
Subdomains: 11
IPs: 12
Countries: 2
Transfer: 3244 kB
Size: 3783 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://candybox.live/ Page URL
  2. https://candybox.live/?m=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
/
candybox.live/
21 KB
7 KB
Document
General
Full URL
https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4f6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92798c923e1425d84bf32e4214d251db779bf7b7b446f11ee064c364262c7155

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e101f335c7e8c12-EWR
content-encoding
br
content-type
text/html
date
Mon, 03 Jul 2023 15:22:04 GMT
last-modified
Wed, 28 Jun 2023 19:43:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgEaRNbqqcmue8sWlG%2BB08ZvtchVkulLRm4Z0TygXHzOrOcNOsf1Y0f8s3Crp3okOAaqfkKklBYP4baYaKfdO%2BE1035Bsshs0HCl38pgP%2FOzZKlaHI%2FbcI%2B8i%2FWr3rDyOZCPpPfDGtbqbvY6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 15:22:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
1920966
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230097-FRA, cache-ewr18126-EWR
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans&display=swap
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0de55ef45e68d388ee8a7d1f1bb9f22c29d737f0222385e4986f98f7c5c228b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Jul 2023 15:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 15:07:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jul 2023 15:22:05 GMT
aaca8de.js
d26h1wdc757l2w.cloudfront.net/
24 KB
7 KB
Script
General
Full URL
https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:ea00:f:b481:de00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:21:49 GMT
content-encoding
br
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2023 13:23:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
22
etag
W/"07ace30cbd77eb9d6e74843abfd10980"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
F7jGX6JIeVDRJtcqGgDlK5ocEuWpeSlQCpPmjI-Q84w0F_YLgwVyTg==
81wClHb0rsL._SL1435_.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWHwj-vWhXYamB8iriDvIn9bjWFYnOIO-0FFscS9P2EbPFsuqp7gqMcMgS9Zs4XtOnG_NByCE7k42rdVRHA5RrFG0UJ0G0YsWP0WI174zuUeUkdsznnihm3_4o6Knnb-2mY0pphtmDxSjaQ0Hn...
0
0

Loteria-Candy-Co-Mexican-Candy-Box-1_9230bc14-bdd0-4a60-ba4e-cafcc4eb5769_1024x1024.jpg
cdn.shopify.com/s/files/1/0017/4148/8194/products/
225 KB
226 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0017/4148/8194/products/Loteria-Candy-Co-Mexican-Candy-Box-1_9230bc14-bdd0-4a60-ba4e-cafcc4eb5769_1024x1024.jpg?v=1619551785
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
842365
source-type
image/jpeg
server-timing
imagery;dur=961.607, imageryFetch;dur=108.201, imageryProcess;dur=849.552;desc="image", cfRequestDuration;dur=16.999960
source-length
1717958
content-length
230230
x-xss-protection
1; mode=block
x-request-id
197db4cc-0443-49b5-8a1a-dfa7645bdb2e
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Jun 2023 20:49:42 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX0kfN3DtbFn6fjH54xSbJCxwuJsKsXxtB%2BlqzhEa2kst4qK0emrTMOJF9xp%2Bs2uC076VmtuQ%2B7aj7feNgnCnRhONHhXPO1%2FH3vDAnBaeGfT9%2FbT9AXkS72%2Bly%2Bdsuj9%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0017/4148/8194/products/Loteria-Candy-Co-Mexican-Candy-Box-1_9230bc14-bdd0-4a60-ba4e-cafcc4eb5769_1024x1024.jpg>; rel="canonical"
cf-ray
7e101f38889539d7-YYZ
91MFMoXyFrL._SL1500_.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-vcsZvD35H84k7cLysD-u7kFj5zZFWqVW2GUsSu_oPbAgaugpweQhQbQt4gWMbhj8BW8PU3DuR-MI4Toqp5DpEJA9nw8ryvtBK_yvsRxd5DB8O6J5Xv_IKbHFGHJp8HKUZtuTDrznRRbUyLqg...
0
0

DSCN1350__03720.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi552QTVB_tuCzX_OS96GybWZi7DKHLI7mUEYvt2gWpu7mJE8nknX-GlINSjjewgQiu3XiipxpqA68u5poLYXImYwAFwYP2jAejvDlqeknnBOPwnyukb9QMPlIeE1z4kqh--8we1WSrjVjR8HCG...
0
0

s-l1600.jpg
i.ebayimg.com/images/g/dkUAAOSwFLBip2fB/
0
0

my_mexican_candy_top_chocolate_candy_mix_box_52_pieces_pack__34745.1675098460.png
cdn11.bigcommerce.com/s-k2eyh8/images/stencil/1280x1280/products/667/2351/
308 KB
309 KB
Image
General
Full URL
https://cdn11.bigcommerce.com/s-k2eyh8/images/stencil/1280x1280/products/667/2351/my_mexican_candy_top_chocolate_candy_mix_box_52_pieces_pack__34745.1675098460.png?c=2
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
x-bc-is-ha
1
cf-cache-status
HIT
x-bc-origin-cache
MISS
bc-ray
1
age
7690171
cf-polished
origFmt=png, origSize=354932
content-disposition
inline; filename="my_mexican_candy_top_chocolate_candy_mix_box_52_pieces_pack__34745.webp"
alt-svc
h3=":443"; ma=86400
content-length
315644
x-request-id
4d6c03127950d5b42f67fea89bd92678
cf-bgj
imgq:100,h2pri
last-modified
Wed, 08 Mar 2023 01:53:52 GMT
server
cloudflare
vary
Accept
access-control-max-age
604800
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926, public
accept-ranges
bytes
cf-ray
7e101f389c34d14f-BUF
expires
Thu, 07 Mar 2024 07:42:38 GMT
61qInBExmnL%20%281%29.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEili1Iw2iYnzc3ay46YndGnv2Hr-v7ihuJPjk5T3j2tI8b2qt9yPYXmOgnRfiI0Q0uJh3v-2iizG3wauayLk4f5zNZ_C-zAeD3iUOE-Liiv3CqO3hxb1ex_mtcS3w7sbI0BDoh_6WMXW7SG32iB...
0
0

s-l1600.jpg
i.ebayimg.com/images/g/FK8AAOSwakpiqykq/
0
0

jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/jquery.min.js
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4706421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28035
last-modified
Wed, 08 Mar 2023 16:05:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6408b256-6d83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHoB6kDSpOEijWzWW6G97Zq5p5%2FunCn9X0Nlr9x9VxcrNKHDnYVXZ7BwilxXhZTomTbSoUiIZqWzGoj34ot5WAux27%2B48ke7MJ6YJWIonAytuyrjOcnvYKEgB2keJujUF0Eu0J%2Bvb%2BYG0yuK96%2Bernk%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e101f362c02d14f-BUF
expires
Sat, 22 Jun 2024 15:22:05 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/
18 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/popper.min.js
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 15:22:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
9512541
x-jsd-version
2.9.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6930
x-served-by
cache-fra-eddf8230074-FRA, cache-ewr18126-EWR
x-jsd-version-type
version
etag
W/"48a2-jut79x6Kl4uCoaGYAV8U1z0upZI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
59 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 15:22:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
6600707
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17261
x-served-by
cache-fra-eddf8230043-FRA, cache-ewr18126-EWR
x-jsd-version-type
version
etag
W/"eab9-PwlPAQv7DAIqUbYneNQ2HRytP9Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
html.3680685.535e7.0.js
d3g64oftvxu9se.cloudfront.net/public/external/v2/
0
0

css_front.css
d3g64oftvxu9se.cloudfront.net/public/external/
0
0

pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 19:40:29 GMT
x-content-type-options
nosniff
age
157296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13860
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:20:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 19:40:29 GMT
Primary Request /
candybox.live/
21 KB
7 KB
Document
General
Full URL
https://candybox.live/?m=0
Requested by
Host: candybox.live
URL: https://candybox.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4f6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c3dc8b5c22921d4a157e0b9333bc90840dc838995fc483ac2e41d42bad4c81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e101f38792c8c12-EWR
content-encoding
br
content-type
text/html
date
Mon, 03 Jul 2023 15:22:05 GMT
last-modified
Wed, 28 Jun 2023 19:43:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umkXzqIhGaS7zWLuK2A%2F%2B5s6J7RR18ldylT91quSKzHv9KsYk87ovYcGj2HCW3sXor9FqyhvKJT6AJnVsDdGhwaZgFngnw6nj1BvgwyXMwT0flcJC6Qk7%2BUmKraeP2jOMZM1IA8LBQIvkAe9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 15:22:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
1920968
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230097-FRA, cache-nyc-kteb1890028-NYC
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
2 KB
714 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans&display=swap
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0de55ef45e68d388ee8a7d1f1bb9f22c29d737f0222385e4986f98f7c5c228b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Jul 2023 15:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 15:20:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jul 2023 15:22:05 GMT
aaca8de.js
d26h1wdc757l2w.cloudfront.net/
24 KB
7 KB
Script
General
Full URL
https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:ea00:f:b481:de00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:21:49 GMT
content-encoding
br
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2023 13:23:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
22
etag
W/"07ace30cbd77eb9d6e74843abfd10980"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
d7qcjs7VzWUbberzd_BuxYIRjwjjGKa132xjkoVpbPhUY5qwItpdbA==
81wClHb0rsL._SL1435_.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWHwj-vWhXYamB8iriDvIn9bjWFYnOIO-0FFscS9P2EbPFsuqp7gqMcMgS9Zs4XtOnG_NByCE7k42rdVRHA5RrFG0UJ0G0YsWP0WI174zuUeUkdsznnihm3_4o6Knnb-2mY0pphtmDxSjaQ0Hn...
362 KB
363 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWHwj-vWhXYamB8iriDvIn9bjWFYnOIO-0FFscS9P2EbPFsuqp7gqMcMgS9Zs4XtOnG_NByCE7k42rdVRHA5RrFG0UJ0G0YsWP0WI174zuUeUkdsznnihm3_4o6Knnb-2mY0pphtmDxSjaQ0HnDQ9JmlCB3BgTzOHJCyRVU7f85V7_uFexbfqIQuPv/s1600/81wClHb0rsL._SL1435_.jpg
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c48648baf9a734d93e7b2182774eb0d1edcb1ef1fd69af8b9bfaa89a33a11e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v33"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="81wClHb0rsL._SL1435_.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
370939
x-xss-protection
0
expires
Tue, 04 Jul 2023 15:22:06 GMT
Loteria-Candy-Co-Mexican-Candy-Box-1_9230bc14-bdd0-4a60-ba4e-cafcc4eb5769_1024x1024.jpg
cdn.shopify.com/s/files/1/0017/4148/8194/products/
225 KB
225 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0017/4148/8194/products/Loteria-Candy-Co-Mexican-Candy-Box-1_9230bc14-bdd0-4a60-ba4e-cafcc4eb5769_1024x1024.jpg?v=1619551785
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
23dbb83223f7c2c004423cf3a53ef1859b0df90ede94e2c7f70c12a68d14d9e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
842365
source-type
image/jpeg
server-timing
imagery;dur=961.607, imageryFetch;dur=108.201, imageryProcess;dur=849.552;desc="image", cfRequestDuration;dur=9.000063
source-length
1717958
content-length
230230
x-xss-protection
1; mode=block
x-request-id
197db4cc-0443-49b5-8a1a-dfa7645bdb2e
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Jun 2023 20:49:42 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftoqSJGKE9usEO3Gs09eaEwDdVFukbjRzCSQCnhTKPNhQwyfx0iAaLplnxf%2F%2BwCFHWF5aAlJrLXEKitglAPhYkZMGaa0OssuIpuwVPyty3Mc%2FdeCbl7T8ckFQHNQVsU6sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0017/4148/8194/products/Loteria-Candy-Co-Mexican-Candy-Box-1_9230bc14-bdd0-4a60-ba4e-cafcc4eb5769_1024x1024.jpg>; rel="canonical"
cf-ray
7e101f3abba339d7-YYZ
91MFMoXyFrL._SL1500_.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-vcsZvD35H84k7cLysD-u7kFj5zZFWqVW2GUsSu_oPbAgaugpweQhQbQt4gWMbhj8BW8PU3DuR-MI4Toqp5DpEJA9nw8ryvtBK_yvsRxd5DB8O6J5Xv_IKbHFGHJp8HKUZtuTDrznRRbUyLqg...
398 KB
398 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-vcsZvD35H84k7cLysD-u7kFj5zZFWqVW2GUsSu_oPbAgaugpweQhQbQt4gWMbhj8BW8PU3DuR-MI4Toqp5DpEJA9nw8ryvtBK_yvsRxd5DB8O6J5Xv_IKbHFGHJp8HKUZtuTDrznRRbUyLqgwXmR8pEyCAFEwhEC7sz4fLEXCGkB0kVj_c_jYtec/s1600/91MFMoXyFrL._SL1500_.jpg
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e3b4efa1175644f2cdabd7ac61a579636ff7be1ea1bf7c51dcc5815d0493f039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v3d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="91MFMoXyFrL._SL1500_.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
407306
x-xss-protection
0
expires
Tue, 04 Jul 2023 15:22:06 GMT
DSCN1350__03720.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi552QTVB_tuCzX_OS96GybWZi7DKHLI7mUEYvt2gWpu7mJE8nknX-GlINSjjewgQiu3XiipxpqA68u5poLYXImYwAFwYP2jAejvDlqeknnBOPwnyukb9QMPlIeE1z4kqh--8we1WSrjVjR8HCG...
666 KB
667 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi552QTVB_tuCzX_OS96GybWZi7DKHLI7mUEYvt2gWpu7mJE8nknX-GlINSjjewgQiu3XiipxpqA68u5poLYXImYwAFwYP2jAejvDlqeknnBOPwnyukb9QMPlIeE1z4kqh--8we1WSrjVjR8HCGxz31hV5HeQvVicMwPScmpTsxAyBchYh2s70gTos6/s1600/DSCN1350__03720.jpg
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
07d58b0d456e34224a117d8ea400d34dc97d8e0c0ff5dc759b8bf4405aa74c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v25"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="DSCN1350__03720.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
682155
x-xss-protection
0
expires
Tue, 04 Jul 2023 15:22:06 GMT
s-l1600.jpg
i.ebayimg.com/images/g/dkUAAOSwFLBip2fB/
190 KB
191 KB
Image
General
Full URL
https://i.ebayimg.com/images/g/dkUAAOSwFLBip2fB/s-l1600.jpg
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:141b:5000:5a3::24d4 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ebay-proxy-server /
Resource Hash
b8efb9aa8c13b75c4ea07733f30484ee6761fca949b4f02dfabedfdd4357c01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
strict-transport-security
max-age=31536000
x-cdn
AKAMAI
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, 0.c7be1cb8.1688397725.a7167982
x-envoy-upstream-service-time
71
x-ebay-c-version
1.0.0
content-length
194844
last-modified
Mon, 13 Jun 2022 16:37:20 GMT
server
ebay-proxy-server
x-edgeconnect-cache-status
1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*i0dc1%28rbpv6775-18709ed3142-0x135
expires
Thu, 21 Mar 2024 15:25:52 GMT
my_mexican_candy_top_chocolate_candy_mix_box_52_pieces_pack__34745.1675098460.png
cdn11.bigcommerce.com/s-k2eyh8/images/stencil/1280x1280/products/667/2351/
308 KB
309 KB
Image
General
Full URL
https://cdn11.bigcommerce.com/s-k2eyh8/images/stencil/1280x1280/products/667/2351/my_mexican_candy_top_chocolate_candy_mix_box_52_pieces_pack__34745.1675098460.png?c=2
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d9c985ac8cc420cd1ccee4cd9bbd2bd28b0c42d3bff6c783eee03d2896a8b2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
x-bc-is-ha
1
cf-cache-status
HIT
x-bc-origin-cache
MISS
bc-ray
1
age
7690171
cf-polished
origFmt=png, origSize=354932
content-disposition
inline; filename="my_mexican_candy_top_chocolate_candy_mix_box_52_pieces_pack__34745.webp"
alt-svc
h3=":443"; ma=86400
content-length
315644
x-request-id
4d6c03127950d5b42f67fea89bd92678
cf-bgj
imgq:100,h2pri
last-modified
Wed, 08 Mar 2023 01:53:52 GMT
server
cloudflare
vary
Accept
access-control-max-age
604800
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926, public
accept-ranges
bytes
cf-ray
7e101f3abc46d14f-BUF
expires
Thu, 07 Mar 2024 07:42:38 GMT
61qInBExmnL%20%281%29.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEili1Iw2iYnzc3ay46YndGnv2Hr-v7ihuJPjk5T3j2tI8b2qt9yPYXmOgnRfiI0Q0uJh3v-2iizG3wauayLk4f5zNZ_C-zAeD3iUOE-Liiv3CqO3hxb1ex_mtcS3w7sbI0BDoh_6WMXW7SG32iB...
118 KB
118 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEili1Iw2iYnzc3ay46YndGnv2Hr-v7ihuJPjk5T3j2tI8b2qt9yPYXmOgnRfiI0Q0uJh3v-2iizG3wauayLk4f5zNZ_C-zAeD3iUOE-Liiv3CqO3hxb1ex_mtcS3w7sbI0BDoh_6WMXW7SG32iBq5CFEvpA47jz62gZ3UoAebi1vvoz1xJtbJYMJJuC/s1600/61qInBExmnL%20%281%29.jpg
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2519ce0c968caf1f7eb5ad7ea7357004093700e14093e770220bc5182e7126d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v47"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="61qInBExmnL (1).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120508
x-xss-protection
0
expires
Tue, 04 Jul 2023 15:22:06 GMT
s-l1600.jpg
i.ebayimg.com/images/g/FK8AAOSwakpiqykq/
200 KB
200 KB
Image
General
Full URL
https://i.ebayimg.com/images/g/FK8AAOSwakpiqykq/s-l1600.jpg
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:141b:5000:5a3::24d4 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ebay-proxy-server /
Resource Hash
5e7d31d704c000380c2b20ca6c37e2cc9536f1c0467953c3f99acece864c13de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
strict-transport-security
max-age=31536000
x-cdn
AKAMAI
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , 0.c7be1cb8.1688397725.a7167983
x-envoy-upstream-service-time
52
x-ebay-c-version
1.0.0
content-length
204659
last-modified
Thu, 16 Jun 2022 12:59:22 GMT
server
ebay-proxy-server
x-edgeconnect-cache-status
1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*dgtm5%28rbpv6612-1848310281c-0x112
expires
Fri, 17 Nov 2023 00:49:45 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/jquery.min.js
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4706421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28035
last-modified
Wed, 08 Mar 2023 16:05:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6408b256-6d83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4%2BLVsjNuGqIlkh%2FgFlgvpC9o%2F4bKNHsdvRDiBzo1E1oVbzCJNx07aMzfbeRDvz%2FbZeOBB6gm8FpNzRsLgvxUNVoHJXKQ2FTKogGia%2BgjBhCJjZnq7o%2FMZSQs930H6rqbsw2LMwtF72F6%2BP5y9ADkx7B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e101f39dc3cd14f-BUF
expires
Sat, 22 Jun 2024 15:22:05 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/
18 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/popper.min.js
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 15:22:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
5935403
x-jsd-version
2.9.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6930
x-served-by
cache-fra-eddf8230074-FRA, cache-nyc-kteb1890028-NYC
x-jsd-version-type
version
etag
W/"48a2-jut79x6Kl4uCoaGYAV8U1z0upZI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
59 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 15:22:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
6600708
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17261
x-served-by
cache-fra-eddf8230043-FRA, cache-nyc-kteb1890028-NYC
x-jsd-version-type
version
etag
W/"eab9-PwlPAQv7DAIqUbYneNQ2HRytP9Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
html.3680685.535e7.0.js
d3g64oftvxu9se.cloudfront.net/public/external/v2/
14 KB
14 KB
Script
General
Full URL
https://d3g64oftvxu9se.cloudfront.net/public/external/v2/html.3680685.535e7.0.js
Requested by
Host: d26h1wdc757l2w.cloudfront.net
URL: https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:f000:1d:33ee:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
07350c98edacfd11fec0f096e9cd653515a7b83b60c21a720b8f9b9e687124b1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
via
1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
z1XVwh5JQ4HZKDtj28WdpsnUWN48RJtdrSHzB_UTG0wqCVTQNeZ6Bw==
css_front.css
d3g64oftvxu9se.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://d3g64oftvxu9se.cloudfront.net/public/external/css_front.css
Requested by
Host: d26h1wdc757l2w.cloudfront.net
URL: https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:f000:1d:33ee:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:05 GMT
via
1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P2
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
GMAbl6agCuIjTQhY3yLJc5kBdpkXwEc67PPjvgQqFUzYm5GR2D6r2Q==
pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://candybox.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 19:40:29 GMT
x-content-type-options
nosniff
age
157296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13860
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:20:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 19:40:29 GMT
s.js
candybox.live/cdn-cgi/zaraz/
6 KB
3 KB
Script
General
Full URL
https://candybox.live/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQ0FORFklMjBTSE9QJTIyJTJDJTIyeCUyMiUzQTAuMzEyNDk3NDA3NTM0NjU0MDUlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNhbmR5Ym94LmxpdmUlMkYlM0ZtJTNEMCUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyd2luZG93cy0xMjUyJTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by
Host: candybox.live
URL: https://candybox.live/?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4f6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17ee9a2ced80c91d77ff2a7aae18be3cea88557632351e0a7678cfa08ed26e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candybox.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://candybox.live
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQkl5hFRMrEfEnMtG3YTGOYLUUWOG3NolOtCarsVvZwIClJw%2BlL9eoaDpuWY7gQJtspORm3EJwe9Zr2U%2B0eXNQM6Z3VdOV5eq1XQmHTGewAI%2FDhwNXPKDG%2F6XZDbdlnfvq5CbyrUCd66jk80"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7e101f3c6fe3434a-EWR
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400
css.css
d3g64oftvxu9se.cloudfront.net/public/clockers/CustomButton/
1010 B
1 KB
Stylesheet
General
Full URL
https://d3g64oftvxu9se.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d26h1wdc757l2w.cloudfront.net
URL: https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:f000:1d:33ee:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
via
1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P2
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
LRLQAhxGtGmUnTpOw2NbneXiD5V2uQ07fDAY9EjkwnFx8bpp5Qj2gA==
guid
d3g64oftvxu9se.cloudfront.net/public/
0
278 B
Script
General
Full URL
https://d3g64oftvxu9se.cloudfront.net/public/guid?cpguid=qwywlpli4&e=ll&t=1688397726864
Requested by
Host: d26h1wdc757l2w.cloudfront.net
URL: https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:f000:1d:33ee:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:06 GMT
via
1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
jMeaV0YkydSSS0lO0cm__rDlS9DmyHzgJhzqCwyKC5pn5lQjWRj3HQ==
check.php
d3g64oftvxu9se.cloudfront.net/public/external/
78 B
372 B
Script
General
Full URL
https://d3g64oftvxu9se.cloudfront.net/public/external/check.php?it=3680685&time=1688397728259
Requested by
Host: d26h1wdc757l2w.cloudfront.net
URL: https://d26h1wdc757l2w.cloudfront.net/aaca8de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:f000:1d:33ee:8380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 15:22:08 GMT
via
1.1 d3041c3025b9205db460853b5b9626bc.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
qTtGLh-hE0gRCZ0hFQAJTDulrrlZIFbR0SJ9neAc1qEsRfvU6azO8Q==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWHwj-vWhXYamB8iriDvIn9bjWFYnOIO-0FFscS9P2EbPFsuqp7gqMcMgS9Zs4XtOnG_NByCE7k42rdVRHA5RrFG0UJ0G0YsWP0WI174zuUeUkdsznnihm3_4o6Knnb-2mY0pphtmDxSjaQ0HnDQ9JmlCB3BgTzOHJCyRVU7f85V7_uFexbfqIQuPv/s1600/81wClHb0rsL._SL1435_.jpg
Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-vcsZvD35H84k7cLysD-u7kFj5zZFWqVW2GUsSu_oPbAgaugpweQhQbQt4gWMbhj8BW8PU3DuR-MI4Toqp5DpEJA9nw8ryvtBK_yvsRxd5DB8O6J5Xv_IKbHFGHJp8HKUZtuTDrznRRbUyLqgwXmR8pEyCAFEwhEC7sz4fLEXCGkB0kVj_c_jYtec/s1600/91MFMoXyFrL._SL1500_.jpg
Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi552QTVB_tuCzX_OS96GybWZi7DKHLI7mUEYvt2gWpu7mJE8nknX-GlINSjjewgQiu3XiipxpqA68u5poLYXImYwAFwYP2jAejvDlqeknnBOPwnyukb9QMPlIeE1z4kqh--8we1WSrjVjR8HCGxz31hV5HeQvVicMwPScmpTsxAyBchYh2s70gTos6/s1600/DSCN1350__03720.jpg
Domain
i.ebayimg.com
URL
https://i.ebayimg.com/images/g/dkUAAOSwFLBip2fB/s-l1600.jpg
Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEili1Iw2iYnzc3ay46YndGnv2Hr-v7ihuJPjk5T3j2tI8b2qt9yPYXmOgnRfiI0Q0uJh3v-2iizG3wauayLk4f5zNZ_C-zAeD3iUOE-Liiv3CqO3hxb1ex_mtcS3w7sbI0BDoh_6WMXW7SG32iBq5CFEvpA47jz62gZ3UoAebi1vvoz1xJtbJYMJJuC/s1600/61qInBExmnL%20%281%29.jpg
Domain
i.ebayimg.com
URL
https://i.ebayimg.com/images/g/FK8AAOSwakpiqykq/s-l1600.jpg
Domain
d3g64oftvxu9se.cloudfront.net
URL
https://d3g64oftvxu9se.cloudfront.net/public/external/v2/html.3680685.535e7.0.js
Domain
d3g64oftvxu9se.cloudfront.net
URL
https://d3g64oftvxu9se.cloudfront.net/public/external/css_front.css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| CPABUILDSETTINGS
object| CPABUILDContentLocker
number| __cfRLUnblockHandlers
function| CPBContentLocker
function| CPABuildLock
function| CPABuildGetFeedURL
function| CPABuildGetIframeURL
function| CPABuildGetIframeHTML
function| CPABuildUnlock
function| CPABuildOfferComplete
function| CPABuildOffersComplete
function| CPABuildCheckForLead
function| og_load
function| CPABuildComplete
function| call_locker
object| zarazData
object| zaraz
function| disableSelection
function| $
function| jQuery
object| Popper
number| uidEvent
object| bootstrap
object| nameArr
object| phoneArr
object| endDate
function| countdown
string| uri
undefined| clean_uri
function| defer
function| deferscript
object| dataLayer

8 Cookies

Domain/Path Name / Value
candybox.live/ Name: _cpguid
Value: qwywlpli4
.cdn.shopify.com/ Name: __cf_bm
Value: WM8rv8yl51ucOAHqvDG3IhUzuQ9DU8Lyj2H_gdl7td0-1688397725-0-Ad8lCnqvrAzOC9yh5fjPZrW+EuI5prs1aALwx88h0Z+IS2sWbgqu+5UXb1O+iEXSRznjumZEKlgYfVmYgjiTakU=
.candybox.live/ Name: google-analytics_v4_VhiK__engagementStart
Value: 1688397726150
.candybox.live/ Name: google-analytics_v4_VhiK__counter
Value: 1
.candybox.live/ Name: google-analytics_v4_VhiK__ga4sid
Value: 1308562461
.candybox.live/ Name: google-analytics_v4_VhiK__session_counter
Value: 1
.candybox.live/ Name: google-analytics_v4_VhiK__ga4
Value: ac8b49c6-f32a-40f1-a0a7-eaaf8a6985e5
.candybox.live/ Name: google-analytics_v4_VhiK__let
Value: 1688397726150

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
