urlscan.io logo urlscan.io
SecurityTrails logo

store.xecurify.com Open in urlscan Pro
3.212.219.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://candywarehouse.biz/
Effective URL: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Submission: On June 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 14 domains to perform 32 HTTP transactions. The main IP is 3.212.219.190, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is store.xecurify.com. The Cisco Umbrella rank of the primary domain is 203791.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 15th 2024. Valid for: a year.
This is the only time store.xecurify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
12 2620:127:f00f... 13335 (CLOUDFLAR...)
5 2620:127:f00f... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 184.95.45.52 20454 (SSASN2)
2 6 3.212.219.190 14618 (AMAZON-AES)
1 151.101.130.133 54113 (FASTLY)
1 3.160.150.75 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.229.133.221 15133 (EDGECAST)
32 10
1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
candywarehouse.biz
12    2620:127:f00f:e:: (Canada)

ASN13335 (CLOUDFLARENET, US)
www.candywarehouse.com
5    2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    184.95.45.52 (United States)

ASN20454 (SSASN2, US)
searchserverapi.com
6    3.212.219.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-219-190.compute-1.amazonaws.com
store.xecurify.com
1    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
1    3.160.150.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-75.fra60.r.cloudfront.net
widgets.turnto.com
1    2606:4700::6813:b0d3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.afterpay.com
1    192.229.133.221 (United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
Apex Domain
Subdomains		 Transfer
12 candywarehouse.com
www.candywarehouse.com
270 KB
6 xecurify.com
store.xecurify.com — Cisco Umbrella Rank: 203791
16 KB
5 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2357
11 KB
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 22461
5 KB
1 afterpay.com
static.afterpay.com — Cisco Umbrella Rank: 20044
8 KB
1 turnto.com
widgets.turnto.com — Cisco Umbrella Rank: 21978
4 KB
1 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3409
2 KB
1 searchserverapi.com
searchserverapi.com — Cisco Umbrella Rank: 22290
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
30 KB
1 candywarehouse.biz
candywarehouse.biz
170 B
0 aspnetcdn.com Failed
ajax.aspnetcdn.com Failed
0 kxcdn.com Failed
searchanise-ef84.kxcdn.com Failed
0 tidio.co Failed
code.tidio.co Failed
0 shop.app Failed
shop.app Failed
32 14
Domain Requested by
12 www.candywarehouse.com www.candywarehouse.com
6 store.xecurify.com 2 redirects www.candywarehouse.com
store.xecurify.com
5 cdn.shopify.com www.candywarehouse.com
1 www.w3schools.com store.xecurify.com
1 static.afterpay.com www.candywarehouse.com
1 widgets.turnto.com www.candywarehouse.com
1 static.klaviyo.com www.candywarehouse.com
1 searchserverapi.com www.candywarehouse.com
1 code.jquery.com www.candywarehouse.com
1 candywarehouse.biz 1 redirects
0 ajax.aspnetcdn.com Failed searchserverapi.com
0 searchanise-ef84.kxcdn.com Failed searchserverapi.com
0 code.tidio.co Failed www.candywarehouse.com
0 shop.app Failed www.candywarehouse.com
32 14

This site contains no links.

Subject Issuer Validity Valid
www.candywarehouse.com
E1		 2024-05-30 -
2024-08-28		 3 months crt.sh
cdn.shopify.com
E1		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
searchserverapi.com
R3		 2024-04-28 -
2024-07-27		 3 months crt.sh
xecurify.com
Amazon RSA 2048 M03		 2024-03-15 -
2025-04-14		 a year crt.sh
static.klaviyo.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
*.turnto.com
Amazon RSA 2048 M02		 2024-02-01 -
2025-02-28		 a year crt.sh
afterpay.com
GTS CA 1P5		 2024-06-02 -
2024-09-01		 3 months crt.sh
*.w3schools.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-03 -
2025-05-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Frame ID: 58CABBE1B920478968FCA4C6AE8924CB
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access Denied

Page URL History Show full URLs

  1. https://candywarehouse.biz/ HTTP 301
    http://www.candywarehouse.com/ HTTP 307
    https://www.candywarehouse.com/ Page URL
  2. https://store.xecurify.com/moas/shopify/firewallAccessDenied Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.afterpay\.com
Overall confidence: 100%
Detected patterns
  • klaviyo\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

81 %
HTTPS

40 %
IPv6

14
Domains

14
Subdomains

10
IPs

2
Countries

347 kB
Transfer

1711 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://candywarehouse.biz/ HTTP 301
    http://www.candywarehouse.com/ HTTP 307
    https://www.candywarehouse.com/ Page URL
  2. https://store.xecurify.com/moas/shopify/firewallAccessDenied Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://candywarehouse.biz/ HTTP 301
  • http://www.candywarehouse.com/ HTTP 307
  • https://www.candywarehouse.com/
Request Chain 28
  • https://store.xecurify.com/moas/shopify/style.css HTTP 302
  • https://store.xecurify.com/moas/initialize HTTP 302
  • https://store.xecurify.com/moas/login

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.candywarehouse.com/
Redirect Chain
  • https://candywarehouse.biz/
  • http://www.candywarehouse.com/
  • https://www.candywarehouse.com/
438 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2fecbe34d134d93ed0bc4ec7baa388ba3b437bf22416389d4fdb1c430f62948
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8994427fba0a9f72-AMS
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 10:26:31 GMT
etag
"cacheable:da5763388af27aed207995d87cc2fbbf"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZS4IkbZTpfMiESpnoRIALbf3g7ILrFM5gi%2BdYvLsMpfxfWVs8cY%2BGiqwhIVHNWK3VtAgCLvKNgahyJ0taF1Zsz3QGTx8b%2BGM724YcrCye3daAtgqRqpTWAyx6zBVmPGN2RUrfwqkv1RAIFnmcaevDq2ZArE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=20;desc="gc:1", db;dur=4, asn;desc="60068", edge;desc="AMS", country;desc="DE", theme;desc="142968914170", pageType;desc="index", servedBy;desc="9t4w", requestID;desc="568a4fd5-48c2-45d9-887b-afe221016210-1719311190" cfRequestDuration;dur=55.999994 ipv6, earlyhints
strict-transport-security
max-age=7889238
vary
Accept
x-cache
hit, server
x-content-type-options
nosniff
x-dc
gcp-europe-west4,gcp-europe-west1,gcp-europe-west1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
568a4fd5-48c2-45d9-887b-afe221016210-1719311190
x-shardid
249
x-shopid
63625199866
x-shopify-nginx-no-cookies
0
x-sorting-hat-podid
249
x-sorting-hat-shopid
63625199866
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.candywarehouse.com/
Non-Authoritative-Reason
HttpsUpgrades
lazysizes.aio.min.js
www.candywarehouse.com/cdn/shop/t/98/assets/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/lazysizes.aio.min.js?v=158897588034173888241717783851
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdac22006f59b004f0eda365219f37f97722979926f2ae448836936a704562f9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
1527153
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=181.599, imageryFetch;dur=107.346, cfRequestDuration;dur=19.000053, ipv6
alt-svc
h3=":443"; ma=86400
content-length
9128
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
040e2363-d557-4ea7-b862-ff393a9d496e-1717783902
last-modified
Fri, 07 Jun 2024 18:11:43 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAaXCvIh7BHh%2F1MUIDci7UE80TwY7gZMthxfJ9VRyKdNoLEkWfF%2BQ7pQkqFpj7B2TYge1Uel%2F8nB2%2FWWbOsh876X4jYoyMt18A2%2FuvthCYsrhRNIOA8OpphsuqXAfIUUqCH6UIxUJMAtufJ%2FCjVm0fmEhtc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442803ab39f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/lazysizes.aio.min.js>; rel="canonical"
x-sorting-hat-podid
249
vendor.aio.min.js
www.candywarehouse.com/cdn/shop/t/98/assets/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/vendor.aio.min.js?v=41859901124936010441717783851
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4db641e64aba04fb37b4cb9ec067c6182690d88b41d961390a4a72981599c9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
1527153
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=74.765, imageryFetch;dur=61.292, cfRequestDuration;dur=20.999908, ipv6
alt-svc
h3=":443"; ma=86400
content-length
27294
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
94e2ffbd-ead6-47f1-99e9-7c4dee075546-1717783902
last-modified
Fri, 07 Jun 2024 18:11:43 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGuZdM0%2FoXyv6uuy9K%2F%2BxItgcaL5GjVkB2%2BxWnj9Lr9wUEuRrqonE0ZCO1N%2F2cMz7X2VnuPdl0DIQ0WsVgbHkWBjTkJ3NuXXgTaLEVqaFFYMDoaUWK5qnpd10iko6qIOS5TyQp1jH5JdBGjdeyy6izYZS5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442803ab49f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/vendor.aio.min.js>; rel="canonical"
x-sorting-hat-podid
249
theme.aio.min.js
www.candywarehouse.com/cdn/shop/t/98/assets/ 		444 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/theme.aio.min.js?v=63556128558602104521717783851
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cff72db9ac4cb08ac60c0587b43e915c6905477e5ef6aac89bfb9e2480a8342
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
1527153
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=105.135, imageryFetch;dur=73.597, cfRequestDuration;dur=26.999950, ipv6
alt-svc
h3=":443"; ma=86400
content-length
76992
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
0ee0d174-717f-45ce-b46f-bdd563597d42-1717783902
last-modified
Fri, 07 Jun 2024 18:11:43 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2rxlgnUe9%2F8bkGFoXSXZT3TjdvqeUp0ZO2wwk%2BVsTo%2FwoSe3oEIUt7n5uf7teFnnIKu7rnihNvfjsOxksk%2FIEw7rzCj08o3inOVTjw%2BWeO4iK2qwHtH8m4qpPg%2Fl3DhSj5wyja%2BIt78%2FsgvCHZYLv8HVMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442803ab59f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/theme.aio.min.js>; rel="canonical"
x-sorting-hat-podid
249
theme.min.css
www.candywarehouse.com/cdn/shop/t/98/assets/ 		438 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/theme.min.css?v=183047871713161377341717783851
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01cf1f54304ab4b7e789be250b6af18be10a1e5e53374dd772fce9562ae5dd2a
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
1527153
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=158.232, imageryFetch;dur=32.294, cfRequestDuration;dur=20.999908, ipv6
alt-svc
h3=":443"; ma=86400
content-length
59392
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
7665bf08-8acd-466f-afe3-c1a6096ea04e-1717783902
last-modified
Fri, 07 Jun 2024 18:11:43 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGlZEKAqkR2tRCYR1tzl3efJrw%2BHUUEU7NfeuReBAGBwb8NzEAAUFTB150UJEnxPhWbm3ZwwIbK9XBmNmWU7dQAnMV7IMjdEeorexf1pxvEdTPGVo59M7OLz3noo5XRHKXDayz2%2FP%2F3xhJ90LOIOUBZbFqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442803ab29f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/theme.min.css>; rel="canonical"
x-sorting-hat-podid
249
quick-add-to-cart.aio.min.js
www.candywarehouse.com/cdn/shop/t/98/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/quick-add-to-cart.aio.min.js?v=117125094050151676481718074589
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611efaba058b379469b79bd0f3b8c001c08a73ed4bc1d7d17f9035dc8fbae236
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
1222622
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=106.559, imageryFetch;dur=80.806, cfRequestDuration;dur=16.999960, ipv6
alt-svc
h3=":443"; ma=86400
content-length
456
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
247cdc6b-4eb7-45ec-acfe-abd1ec83e0ab-1718074590
last-modified
Tue, 11 Jun 2024 02:56:30 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLYLL5cpenWZ34l6jGpGOFdOumIZi4WeiusJIPZx4A4pDRkETS30mLFHBA9hjyqPf9Rv0uq1EtaNmjQ1YstCNkJMYUFbilXf%2FXEmKvcVUDuvmjZz7mRLMZTpc3YNLzMIWYAvMfqMmdRs2WVWukOCUBGoILg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442803ab79f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/quick-add-to-cart.aio.min.js>; rel="canonical"
x-sorting-hat-podid
249
option_selection_5712952b-0591-4f8e-a2bd-a2e7a70d9f52.js
cdn.shopify.com/s/files/1/0617/7298/8603/files/ 		127 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0617/7298/8603/files/option_selection_5712952b-0591-4f8e-a2bd-a2e7a70d9f52.js?v=1659206952
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f2e421d977757f17c8387d9eed4f425745e6460e1c5704d7219178633fe7d9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
3692466
server-timing
imagery;dur=61.350, imageryFetch;dur=48.658, cfRequestDuration;dur=21.000147, ipv6
alt-svc
h3=":443"; ma=86400
content-length
114
x-xss-protection
1; mode=block
x-request-id
7d8af07b-7497-4670-8d9c-86ca70047cad-1715618720
last-modified
Fri, 03 May 2024 15:36:12 GMT
server
cloudflare
x-shopid
61772988603
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DQBfxhJ9nBJPgHtdrpgiqpMVp6svdSeqoz3DhgSHTdPfmNaswr5B4ub%2BN4KBIrUwa3SO3kOoj71VYZmOWolPEH4YeWa4JxHNfbzGISDPPN6YeeI8JXNMTzwulBZysXOzKY2Guvs%2BA%2BSlWp0Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0617/7298/8603/files/option_selection_5712952b-0591-4f8e-a2bd-a2e7a70d9f52.js>; rel="canonical"
cf-ray
8994428038e69f9c-AMS
preconnect.js
cdn.shopify.com/s/files/1/0617/7298/8603/files/ 		830 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0617/7298/8603/files/preconnect.js?v=1659207000
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1131db170033a158806fa2c201313d8061df3abb205265b6aa25eb04a0a38c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
3683663
server-timing
imagery;dur=87.928, imageryFetch;dur=79.008, cfRequestDuration;dur=17.999887, ipv6
alt-svc
h3=":443"; ma=86400
content-length
358
x-xss-protection
1; mode=block
x-request-id
aecafbc9-13f8-4e12-b102-6d737f95c03d-1715627524
last-modified
Mon, 13 May 2024 19:12:05 GMT
server
cloudflare
x-shopid
61772988603
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgXMXV7rMbhYB925eMJe%2Beh%2FpFSuePAw5lcA7k%2BSdMRLl2uzMR%2F%2BmXykCZZPU6HbzCHA7jR96tWz23n1L6zGI1gdovZRYkDX4XK8pLWjEq2CBjDaQXi3KdaNCSnyXhV6BH0%2Fwk3UqphlExrqIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0617/7298/8603/files/preconnect.js>; rel="canonical"
cf-ray
8994428048e89f9c-AMS
font-settings.aio.min.css
www.candywarehouse.com/cdn/shop/t/98/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/font-settings.aio.min.css?v=98464137025494802221717783851
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0033c6aa9420454e9735a56a8df8ec120f50b57e762a683c95e32c00064a8dc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
1527153
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=105.280, imageryFetch;dur=90.677, cfRequestDuration;dur=16.999960, ipv6
alt-svc
h3=":443"; ma=86400
content-length
527
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
50fb66ff-3e6c-426e-bd1e-fd2cd534c0ce-1717783902
last-modified
Fri, 07 Jun 2024 18:11:43 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o2OW2Q%2B3XOQ%2Bi7V2NknVyiSKTSp74my2qk7xI1MbnvjBDrUqXzyZvHMidsCEFGojIyZOkUeHoAyNxeAIUqP2B90jcjTkeqP%2BS5MAIuRbJ5VZgcdE72NxIjHcwM6dcFq97QNd5itHtMmDulXHWd1WvoQCUPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442804aba9f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/font-settings.aio.min.css>; rel="canonical"
x-sorting-hat-podid
249
custom.min.css
www.candywarehouse.com/cdn/shop/t/98/assets/ 		1 KB
853 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shop/t/98/assets/custom.min.css?v=132293651894807298431717783851
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3483b757b1586ee1d1b7d03f4af6ca62c5b9e969caceca893218dd3ac787422f
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
1527153
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=50.436, imageryFetch;dur=38.659, cfRequestDuration;dur=17.999887, ipv6
alt-svc
h3=":443"; ma=86400
content-length
302
x-xss-protection
1; mode=block
x-sorting-hat-shopid
63625199866
x-request-id
fcd777d0-5411-4ec1-ae91-feff048b3af1-1717783902
last-modified
Fri, 07 Jun 2024 18:11:43 GMT
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjNe179oYaXvtq2cXpLht3U4JlE5TZJF0zHawsuSmCrLaOuFa8gAFyAB1640wWF5EBUDwLfZ9LTIQYSrbO5CvCXlYxCYhMdfG8UcWVASwNGjHMNh0JdRu8QEl%2BkglQp89PLhJOrj6E0M0gBSfC1S04TyW50%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
899442804abc9f72-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/custom.min.css>; rel="canonical"
x-sorting-hat-podid
249
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Origin
https://www.candywarehouse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
715762
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-etou8220054-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719311191.120825,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
17, 371156
init.js
searchserverapi.com/widgets/shopify/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://searchserverapi.com/widgets/shopify/init.js?a=8A3Q1f8y1j
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.95.45.52 , United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
gzip
last-modified
Tue, 25 Jun 2024 07:06:14 GMT
server
nginx
etag
W/"667a6c66-1abb"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
expires
Tue, 25 Jun 2024 10:26:30 GMT
check
store.xecurify.com/moas/rest/shopify/ 		87 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://store.xecurify.com/moas/rest/shopify/check?shop=candywarehouseinc.myshopify.com
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-219-190.compute-1.amazonaws.com
Software
Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash
226e45a90f334806b17268e14ef268079c96729409f0c3247ec3f8da1aba705c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
access-control-allow-credentials
true
server
Apache/2.4.58 () OpenSSL/3.0.8
access-control-allow-headers
Content-Type,Authorization
access-control-max-age
3600
access-control-allow-methods
POST,GET,OPTIONS,DELETE,PUT
content-type
application/json;charset=UTF-8
preloads.js
www.candywarehouse.com/checkouts/internal/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/checkouts/internal/preloads.js?locale=en-US
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
cfRequestDuration;dur=51.000118, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wA%2FGQMAq7fp7ydAnAA96jdjeWZU9xsf4xFw%2BVpCX0jq7%2BdnRgugLx9kCh69rhpX1AhpQ8HCYJquzGnfKwdrVRwZwrkPrEibqX3lyoxR6D%2FuoXjGyYIUieh3XLwMq3RFsvrzO7THZHMAwQDZTfhZWgeo%2FvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; encoding=utf-8
access-control-allow-origin
*
x-download-options
noopen
cache-control
no-store, no-cache, must-revalidate
timing-allow-origin
*
cf-ray
89944282b8c64184-AMS
preloads.js
shop.app/checkouts/internal/ 		0
0
load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
www.candywarehouse.com/cdn/shopifycloud/shopify/assets/storefront/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Origin
https://www.candywarehouse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
3671439
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=255.264, imageryFetch;dur=20.179, cfRequestDuration;dur=15.000105, ipv6
alt-svc
h3=":443"; ma=86400
content-length
3324
x-xss-protection
1; mode=block
x-request-id
5f502529-7880-418e-b1d6-b7289d750364-1715639751
last-modified
Mon, 13 May 2024 22:35:52 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DlcUDFYDBPbxmhgQQ0lMCJCN2%2FRkUW8FSdL4lpG%2FHR9%2Fuu3Am0dT1M22ssvwJ5NNRdxMD6b1PVP93UVHZEqX043DmZ%2BpIQi5u8bLYupYhopKX8PZsMfDDTLUBnCOkR7ggUG%2FWJ3VESBn1loi%2FMXBh9wN4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
cf-ray
8994428329024184-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid
-1
storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js
www.candywarehouse.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Origin
https://www.candywarehouse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
3692643
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=235.334, imageryFetch;dur=32.901, cfRequestDuration;dur=16.000032, ipv6
alt-svc
h3=":443"; ma=86400
content-length
18677
x-xss-protection
1; mode=block
x-request-id
808ad7f4-7fe2-4de1-b551-b43cd0001443-1715618548
last-modified
Mon, 13 May 2024 16:42:28 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMSE9Oz1WLaTErFwOcTIhNsGmWsU2v5VBSRj2xp2lhf3WsGE8qaBPX47%2BisS0kYvUB5upA%2FDgKiIP69ezg9uB22Vmo%2FS%2BJORj9NQQjfGmdOh5TFxhK%2B8s8tq5ou9TsRfXXAd7CViIG2jldFvdE%2Fks8vu9Rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
cf-ray
8994428369314184-AMS
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js>; rel="canonical"
x-sorting-hat-podid
-1
klaviyo.js
static.klaviyo.com/onsite/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RZNRPP
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Tue, 25 Jun 2024 10:26:31 GMT
age
39337
x-cache
MISS, HIT
content-length
1059
x-served-by
cache-lga21982-LGA, cache-fra-eddf8230131-FRA
server
nginx
x-timer
S1719311192.653627,VS0,VE1
etag
"124211c9e28a88e83c4062d9a90798c4"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1
globo.alsobought.min.js
cdn.shopify.com/extensions/9679c128-060d-44e7-a513-e729eaaa02a7/glo-related-products-upsell-58/assets/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/9679c128-060d-44e7-a513-e729eaaa02a7/glo-related-products-upsell-58/assets/globo.alsobought.min.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
358889
server-timing
imagery;dur=71.040, imageryFetch;dur=49.891, cfRequestDuration;dur=15.999794, ipv6
alt-svc
h3=":443"; ma=86400
content-length
2894
x-xss-protection
1; mode=block
x-request-id
ddf2d9a0-8753-411f-bd44-919abbd6bdd2-1718952285
last-modified
Fri, 21 Jun 2024 06:44:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vciuB64xmm9e1nhn6KOMVDwyss3WDuqAoOBfj%2BZX5ZySq4JrbpvQgJdVumxicm%2FvOkxcT0DtyS%2Fwp%2BNTSrptfllNxU4FbAJZtsxglt6z13sBbLDCzDNojQkOdUHVDw0K56hMIrLlpWrSRO%2FnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/9679c128-060d-44e7-a513-e729eaaa02a7/glo-related-products-upsell-58/assets/globo.alsobought.min.js>; rel="canonical"
cf-ray
89944283ed699f9c-AMS
main.js
cdn.shopify.com/extensions/e6ba4888-1a79-4d65-8658-6bca79405e69/accessibly-11/assets/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/e6ba4888-1a79-4d65-8658-6bca79405e69/accessibly-11/assets/main.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
3681804
server-timing
imagery;dur=120.616, imageryFetch;dur=70.273, cfRequestDuration;dur=19.000053, ipv6
alt-svc
h3=":443"; ma=86400
content-length
3520
x-xss-protection
1; mode=block
x-request-id
b190be57-01b4-497a-8ea0-371a609b6af9-1715629386
last-modified
Mon, 13 May 2024 19:43:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSwQco5QmTQc57ke5nx4PI4uvAcaV7YfUPLxuugF0y6TEpP8hH5ZjXpwYlGH2VeVvt1XRIWhU5sEGw3Dzt4ESMVJ5B6XnBk91B4O1n5DYEy8TktFPNpZLKIO%2FYaOigtNRF6bYUPxZtjlg%2FvpAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/e6ba4888-1a79-4d65-8658-6bca79405e69/accessibly-11/assets/main.js>; rel="canonical"
cf-ray
8994428418556625-AMS
optimizer.js
cdn.shopify.com/s/files/1/0617/7298/8603/files/ 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0617/7298/8603/files/optimizer.js?v=1659207041
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4180326c8a66f760ed87ecd74b5b3dec948ce15f898e1576c70fc50003ed6e43
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
3670026
server-timing
imagery;dur=57.209, imageryFetch;dur=23.132, cfRequestDuration;dur=41.999817, ipv6
alt-svc
h3=":443"; ma=86400
content-length
466
x-xss-protection
1; mode=block
x-request-id
d5b5499b-88ac-46af-b0a6-39a027a9501d-1715641163
last-modified
Mon, 13 May 2024 22:59:24 GMT
server
cloudflare
x-shopid
61772988603
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8neX4daJ2BuK4JzqJGeFtRQvpYXW8Rh%2BUnBc8b5tONKF5M9eRPwVJTa7FS7%2BiAvAJD1KGtLevNCQNGzt9xA%2FaQT4K1WC4jVPvu4ehGhs6hGGLyXdexVpevUtXr7U6OZJfhzwmUC8eX%2FUJok1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0617/7298/8603/files/optimizer.js>; rel="canonical"
cf-ray
8994428048e99f9c-AMS
turnto.js
widgets.turnto.com/v5/widgets/pgKKi1tJis5MWYCsite/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.turnto.com/v5/widgets/pgKKi1tJis5MWYCsite/js/turnto.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 20:45:51 GMT
content-encoding
gzip
via
1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jun 2024 20:42:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
1172441
etag
W/"234660d4f64f65197d2218f12ab94f61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
no-cache, must-revalidate
x-amz-cf-id
9xdY-_-NMrqza4WPoXHGvPVsjkhHeaxHUzJkfP0s5rYDDxGoDEJ8sA==
kgahhi0m4cbvjsue85p9fpeof2exc8pd.js
code.tidio.co/ 		0
0
shopify-afterpay-javascript.js
static.afterpay.com/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.afterpay.com/shopify-afterpay-javascript.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b0d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e13534966a74c4020150eff6fd80a60342ef3a2eb86812b61fe352d56a7848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
via
1.1 01abec7ece24959c09067a58477de9ee.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-jets3t-original-file-date-iso8601
2024-02-15T05:33:38.221Z
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P2
age
19387
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-md5-hash
786b1dfa3257f90ae460229a72ab537a
last-modified
Thu, 15 Feb 2024 05:34:53 GMT
server
cloudflare
etag
W/"786b1dfa3257f90ae460229a72ab537a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=3600
cf-ray
899442809a1a0b62-AMS
x-amz-cf-id
QenIGZeJ-x-DXmtH83zZJZUr3nCHIiHBET_-j6saQxRg-D3DNGpFPw==
expires
Tue, 25 Jun 2024 11:26:31 GMT
update.js
www.candywarehouse.com/cart/ 		73 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.candywarehouse.com/cart/update.js
Requested by
Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e988ed341a0fcf44e9aea6cc5ffa565bc82de45d070fed366218318c5b2ed0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cd2143be-6105-45fe-93b7-11f1bb654bb0-1719311191
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cd2143be-6105-45fe-93b7-11f1bb654bb0-1719311191

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.candywarehouse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jun 2024 10:26:31 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cd2143be-6105-45fe-93b7-11f1bb654bb0-1719311191
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dc
gcp-europe-west4,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
server-timing
processing;dur=104, cfRequestDuration;dur=240.000010, ipv6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cd2143be-6105-45fe-93b7-11f1bb654bb0-1719311191
x-sorting-hat-shopid
63625199866
x-request-id
cd2143be-6105-45fe-93b7-11f1bb654bb0-1719311191
x-shardid
249
server
cloudflare
x-shopid
63625199866
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en-US
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQgl2rpGOUK7Pg25nYwFRrXd7Wt0CIYyC%2F1OHDdG015y5PHghipqPE%2F8BejSRsNXvNgNx1UIfDFbczBCIRxxVjT6oIBjnzACcmCfKY8qlaaRo1o1mETL8P21uzAxBw%2BOj8G8DfBeMwLArrIAJ66%2Bu0hZX4E%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
89944280bf9a4184-AMS
x-sorting-hat-podid
249
templates.8A3Q1f8y1j.js
searchanise-ef84.kxcdn.com/ 		0
0
jquery-3.6.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		0
0
preload_data.8A3Q1f8y1j.js
searchanise-ef84.kxcdn.com/ 		0
0
Primary Request firewallAccessDenied
store.xecurify.com/moas/shopify/ 		815 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://store.xecurify.com/moas/shopify/firewallAccessDenied
Requested by
Host: store.xecurify.com
URL: https://store.xecurify.com/moas/rest/shopify/check?shop=candywarehouseinc.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-219-190.compute-1.amazonaws.com
Software
Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash
6cbc5e6b9e146bfadcd25ba6475212fb301b4de60c9bf8bc3233a6bbb3dd1089

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.candywarehouse.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
POST,GET,OPTIONS,DELETE,PUT
access-control-max-age
3600
content-language
en
content-length
815
content-type
text/html;charset=UTF-8
date
Tue, 25 Jun 2024 10:26:31 GMT
server
Apache/2.4.58 () OpenSSL/3.0.8
login
store.xecurify.com/moas/
Redirect Chain
  • https://store.xecurify.com/moas/shopify/style.css
  • https://store.xecurify.com/moas/initialize
  • https://store.xecurify.com/moas/login
12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store.xecurify.com/moas/login
Requested by
Host: store.xecurify.com
URL: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Protocol
H2
Server
3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-219-190.compute-1.amazonaws.com
Software
Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash
ae568b7262863361ef1cb03bcb6ee6f2d07e7493e0ca5e1b270a49237e8c5db9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://store.xecurify.com/moas/shopify/firewallAccessDenied
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 25 Jun 2024 10:26:32 GMT
server
Apache/2.4.58 () OpenSSL/3.0.8
access-control-max-age
3600
access-control-allow-methods
POST,GET,OPTIONS,DELETE,PUT
content-language
en
content-type
text/html;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization

Redirect headers

date
Tue, 25 Jun 2024 10:26:31 GMT
server
Apache/2.4.58 () OpenSSL/3.0.8
access-control-max-age
3600
access-control-allow-methods
POST,GET,OPTIONS,DELETE,PUT
content-language
en
location
/moas/login
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
0
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: store.xecurify.com
URL: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://store.xecurify.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Tue, 25 Jun 2024 10:26:31 GMT
last-modified
Thu, 20 Jun 2024 12:23:42 GMT
server
ECS (frb/6796)
age
423380
etag
"0dbf5afcc3da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=31536000,public
accept-ranges
bytes
content-length
5250
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
favicon.ico
store.xecurify.com/ 		0
554 B 		Other
General
Check archive.org
Download Go to
Full URL
https://store.xecurify.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-219-190.compute-1.amazonaws.com
Software
Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://store.xecurify.com/moas/shopify/firewallAccessDenied
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:26:32 GMT
server
Apache/2.4.58 () OpenSSL/3.0.8
access-control-max-age
3600
access-control-allow-methods
POST,GET,OPTIONS,DELETE,PUT
content-type
image/vnd.microsoft.icon
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
shop.app
URL
https://shop.app/checkouts/internal/preloads.js?locale=en-US&shop_id=63625199866
Domain
code.tidio.co
URL
https://code.tidio.co/kgahhi0m4cbvjsue85p9fpeof2exc8pd.js?extensionVersion=1.3.0
Domain
searchanise-ef84.kxcdn.com
URL
https://searchanise-ef84.kxcdn.com/templates.8A3Q1f8y1j.js
Domain
ajax.aspnetcdn.com
URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
Domain
searchanise-ef84.kxcdn.com
URL
https://searchanise-ef84.kxcdn.com/preload_data.8A3Q1f8y1j.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

16 Cookies

Domain/Path Name / Value
store.xecurify.com/moas Name: JSESSIONID
Value: 58866431ad9040aa9101c4db4b9450ed
www.candywarehouse.com/ Name: keep_alive
Value: 9dc7b432-7e52-4b56-ac77-b54e9e9a6a4d
www.candywarehouse.com/ Name: secure_customer_sig
Value:
www.candywarehouse.com/ Name: localization
Value: US
www.candywarehouse.com/ Name: cart_currency
Value: USD
.candywarehouse.com/ Name: _tracking_consent
Value: %7B%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22m%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22region%22%3A%22DEHE%22%2C%22reg%22%3A%22GDPR%22%7D
.candywarehouse.com/ Name: _cmp_a
Value: %7B%22purposes%22%3A%7B%22p%22%3Atrue%2C%22a%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.candywarehouse.com/ Name: _shopify_y
Value: 886ec27f-5a49-42dc-b539-f0c534913af7
.candywarehouse.com/ Name: _shopify_s
Value: 93a1c665-cded-407b-8041-51d789a1a3ac
.candywarehouse.com/ Name: _orig_referrer
Value:
.candywarehouse.com/ Name: _landing_page
Value: %2F
www.candywarehouse.com/ Name: receive-cookie-deprecation
Value: 1
.afterpay.com/ Name: __cf_bm
Value: T1hb7EBZ60ruzks5IFNrwye6Z.xjGNEiFZCxmebjTnc-1719311191-1.0.1.1-Qv7eszbalZMlQa_FdKe8JTj.LEVAJC3gafTo3y4kGnSL4C.hFheMpvTTke2hzLRv4OJ.vRikIOnRr5QM.6YZTjl6UcaUlrWXAETZR7skc60
.afterpay.com/ Name: _cfuvid
Value: 1C9Xo_tVtBE85_PpE6AGzX2qaLLXZhR34kV4T942GPI-1719311191180-0.0.1.1-604800000
store.xecurify.com/ Name: AWSALB
Value: rmeWoPYwwg7Hx7HYYA9gCNzNaJ3/7jaVfNxC28e7+6w/S9mT/sWwsnD8eUBRnUZIhbLS99Dvjpyvwp+rSijarwaAMQLPNDUoPGP7arUVJSzWHjBe328X0euXCgxU
store.xecurify.com/ Name: AWSALBCORS
Value: rmeWoPYwwg7Hx7HYYA9gCNzNaJ3/7jaVfNxC28e7+6w/S9mT/sWwsnD8eUBRnUZIhbLS99Dvjpyvwp+rSijarwaAMQLPNDUoPGP7arUVJSzWHjBe328X0euXCgxU

2 Console Messages

Source Level URL
Text
network error URL: https://www.candywarehouse.com/cart/update.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://store.xecurify.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
candywarehouse.biz
cdn.shopify.com
code.jquery.com
code.tidio.co
searchanise-ef84.kxcdn.com
searchserverapi.com
shop.app
static.afterpay.com
static.klaviyo.com
store.xecurify.com
widgets.turnto.com
www.candywarehouse.com
www.w3schools.com
ajax.aspnetcdn.com
code.tidio.co
searchanise-ef84.kxcdn.com
shop.app
15.197.225.128
151.101.130.133
184.95.45.52
192.229.133.221
2606:4700::6813:b0d3
2620:127:f00f:e::
2620:127:f00f:ff01::
2a04:4e42:600::649
3.160.150.75
3.212.219.190
01cf1f54304ab4b7e789be250b6af18be10a1e5e53374dd772fce9562ae5dd2a
13e13534966a74c4020150eff6fd80a60342ef3a2eb86812b61fe352d56a7848
226e45a90f334806b17268e14ef268079c96729409f0c3247ec3f8da1aba705c
3483b757b1586ee1d1b7d03f4af6ca62c5b9e969caceca893218dd3ac787422f
4180326c8a66f760ed87ecd74b5b3dec948ce15f898e1576c70fc50003ed6e43
5a4db641e64aba04fb37b4cb9ec067c6182690d88b41d961390a4a72981599c9
611efaba058b379469b79bd0f3b8c001c08a73ed4bc1d7d17f9035dc8fbae236
6cbc5e6b9e146bfadcd25ba6475212fb301b4de60c9bf8bc3233a6bbb3dd1089
7cff72db9ac4cb08ac60c0587b43e915c6905477e5ef6aac89bfb9e2480a8342
ae568b7262863361ef1cb03bcb6ee6f2d07e7493e0ca5e1b270a49237e8c5db9
bdac22006f59b004f0eda365219f37f97722979926f2ae448836936a704562f9
c0033c6aa9420454e9735a56a8df8ec120f50b57e762a683c95e32c00064a8dc
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
cd1131db170033a158806fa2c201313d8061df3abb205265b6aa25eb04a0a38c
d0e988ed341a0fcf44e9aea6cc5ffa565bc82de45d070fed366218318c5b2ed0
d0f2e421d977757f17c8387d9eed4f425745e6460e1c5704d7219178633fe7d9
e2fecbe34d134d93ed0bc4ec7baa388ba3b437bf22416389d4fdb1c430f62948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e