candymachine.app Open in urlscan Pro
75.2.60.5  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response candymachine.app/	1 KB 674 B	450ms 130ms	Document text/html	75.2.60.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://candymachine.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 75.2.60.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS acd89244c803f7181.awsglobalaccelerator.com Software Netlify / Resource Hash bd4468c70031727a6101aca1c5d650fc28251f883f003ccc70a745e060cf16b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 cache-control public, max-age=0, must-revalidate content-encoding br content-length 461 content-type text/html; charset=UTF-8 date Mon, 10 Jul 2023 14:33:41 GMT etag "d50eb4799b01cfea14219f217695573e-ssl-df" server Netlify strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01H503HX34WC69C687Z8SN9WQ0
GET H2	200	main.fc38eb25.js Show response candymachine.app/static/js/	2 MB 529 KB	207ms 154ms	Script application/javascript	75.2.60.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://candymachine.app/static/js/main.fc38eb25.js Requested by Host: candymachine.app URL: https://candymachine.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 75.2.60.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS acd89244c803f7181.awsglobalaccelerator.com Software Netlify / Resource Hash 3d2dcbec1da21b73c41465f436aa54ac9c492746401266b1a0629f076a8c0dc8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://candymachine.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H503HX93CNZ1MX0Q1SVBRB4W date Mon, 10 Jul 2023 14:33:42 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 1 etag "4641e323ee2f024fd2691f198c5e8b82-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, must-revalidate accept-ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	242 KB 83 KB	111ms 32ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZMWR8MW50L Requested by Host: candymachine.app URL: https://candymachine.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 98c7ce892e5d90464f3b5fcd2b8cc2bfad6752d54df91ef45f9fea85360bb3be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://candymachine.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 14:33:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85003 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 10 Jul 2023 14:33:41 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 245 B	332ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-ZMWR8MW50L&gtm=45je3750&_p=7570844&cid=368681308.1688999622&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688999622&sct=1&seg=0&dl=https%3A%2F%2Fcandymachine.app%2F&dt=Aptos%20Candy%20Machine&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZMWR8MW50L Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://candymachine.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Mon, 10 Jul 2023 14:33:42 GMT server Golfe2 content-type text/plain access-control-allow-origin https://candymachine.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	logo512.png candymachine.app/	50 KB 50 KB	122ms 121ms	Image image/png	75.2.60.5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://candymachine.app/logo512.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 75.2.60.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS acd89244c803f7181.awsglobalaccelerator.com Software Netlify / Resource Hash 22a72966715d90743dfa79153925ceb0fb9ada4831c9c583f7147b549d2153d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://candymachine.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H503HY79XX5MDPMN30QM0X30 date Mon, 10 Jul 2023 14:33:42 GMT strict-transport-security max-age=31536000 server Netlify age 0 etag "a1e4c3a625cb77f0cd7f0ef24e5a2983-ssl" content-type image/png cache-control public, max-age=0, must-revalidate accept-ranges bytes content-length 50821
GET H2	200	aptos_word.svg candymachine.app/	2 KB 1 KB	133ms 132ms	Image image/svg+xml	75.2.60.5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://candymachine.app/aptos_word.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 75.2.60.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS acd89244c803f7181.awsglobalaccelerator.com Software Netlify / Resource Hash fc5a22f8528db28e8c72a6fbc9487388c4603e32b7cae2669efe8c002045ed14 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://candymachine.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H503HY7ANX9W86X970YQWMEW date Mon, 10 Jul 2023 14:33:42 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 0 etag "8c925086928618870396556da184ea6f-ssl-df" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0, must-revalidate accept-ranges bytes content-length 947
GET H2	200	0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791::candy_machine_of_token_data_id::CandyMachineEvents Show response fullnode.mainnet.aptoslabs.com/v1/accounts/0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791/resource/	437 B 1 KB	354ms 96ms	XHR application/json	35.169.228.184 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fullnode.mainnet.aptoslabs.com/v1/accounts/0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791/resource/0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791::candy_machine_of_token_data_id::CandyMachineEvents Requested by Host: candymachine.app URL: https://candymachine.app/static/js/main.fc38eb25.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.228.184 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-228-184.compute-1.amazonaws.com Software / Resource Hash dcdefb0df4a2f1e286fbf31795b1e8056e461be29f175088d08123ab276a180b Request headers Accept application/json Referer https://candymachine.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-aptos-ledger-version 177664362 date Mon, 10 Jul 2023 14:33:43 GMT x-aptos-oldest-block-height 0 x-aptos-ledger-oldest-version 0 x-aptos-epoch 3255 x-aptos-ledger-timestampusec 1688999621733471 content-type application/json; charset=utf-8 access-control-allow-origin https://candymachine.app x-aptos-block-height 67945582 access-control-allow-credentials true vary Origin content-length 437 x-aptos-chain-id 1
GET H2	200	0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791::candy_machine_of_token_data_id::CandyMachineEvents Show response fullnode.mainnet.aptoslabs.com/v1/accounts/0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791/resource/	437 B 1 KB	341ms 98ms	XHR application/json	35.169.228.184 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fullnode.mainnet.aptoslabs.com/v1/accounts/0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791/resource/0x88e579563fad6dd96b17c9314badd081f667f443519a2512c0fbf95d462cc791::candy_machine_of_token_data_id::CandyMachineEvents Requested by Host: candymachine.app URL: https://candymachine.app/static/js/main.fc38eb25.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.228.184 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-228-184.compute-1.amazonaws.com Software / Resource Hash dcdefb0df4a2f1e286fbf31795b1e8056e461be29f175088d08123ab276a180b Request headers Accept application/json Referer https://candymachine.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-aptos-ledger-version 177664357 date Mon, 10 Jul 2023 14:33:43 GMT x-aptos-oldest-block-height 0 x-aptos-ledger-oldest-version 0 x-aptos-epoch 3255 x-aptos-ledger-timestampusec 1688999621313818 content-type application/json; charset=utf-8 access-control-allow-origin https://candymachine.app x-aptos-block-height 67945580 access-control-allow-credentials true vary Origin content-length 437 x-aptos-chain-id 1
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	16ms 15ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-ZMWR8MW50L&gtm=45je3750&_p=7570844&cid=368681308.1688999622&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1688999622&sct=1&seg=0&dl=https%3A%2F%2Fcandymachine.app%2F&dt=Aptos%20Candy%20Machine&en=scroll&epn.percent_scrolled=90&_et=5 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZMWR8MW50L Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://candymachine.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Mon, 10 Jul 2023 14:33:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://candymachine.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkcandymachine_ui undefined| memoryStorage object| regeneratorRuntime object| __REACT_ASYNC__

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.candymachine.app/	1970-01-20 22:45:59	Name: _ga Value: GA1.1.368681308.1688999622
			.candymachine.app/	1970-01-20 22:45:59	Name: _ga_ZMWR8MW50L Value: GS1.1.1688999622.1.0.1688999622.0.0.0
			fullnode.mainnet.aptoslabs.com/	1970-01-20 13:20:04	Name: AWSALBCORS Value: 1d+2mBT+YgZTFa37CZoC9K7f0jAuAGw5/oWJyB5/3o1jjbEtZaFLuhds0PxSrpVSDCK8ZibpIy6IfIYWGzuFdQAzy0+KHBpQlj8QnnwSzCJpg/eIAvgKlyLmUyCT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

candymachine.app
fullnode.mainnet.aptoslabs.com
region1.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2a00:1450:4001:808::2008
35.169.228.184
75.2.60.5
22a72966715d90743dfa79153925ceb0fb9ada4831c9c583f7147b549d2153d0
3d2dcbec1da21b73c41465f436aa54ac9c492746401266b1a0629f076a8c0dc8
98c7ce892e5d90464f3b5fcd2b8cc2bfad6752d54df91ef45f9fea85360bb3be
bd4468c70031727a6101aca1c5d650fc28251f883f003ccc70a745e060cf16b0
dcdefb0df4a2f1e286fbf31795b1e8056e461be29f175088d08123ab276a180b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc5a22f8528db28e8c72a6fbc9487388c4603e32b7cae2669efe8c002045ed14