store.xecurify.com Open in urlscan Pro
3.212.219.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://make-a-monster.com/
Effective URL:
https://store.xecurify.com/moas/shopify/firewallAccessDenied
Submission: On July 02 via api (July 2nd 2024, 5:33:40 am UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 14 domains to perform 33 HTTP transactions. The main IP is 3.212.219.190, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is store.xecurify.com. The Cisco Umbrella rank of the primary domain is 203791.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 15th 2024. Valid for: a year.

This is the only time store.xecurify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
8	2620:127:f00f... 2620:127:f00f:e::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:127:f00f... 2620:127:f00f:ff01::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	184.95.45.52 184.95.45.52	20454 (SSASN2) (SSASN2)
2 6	3.212.219.190 3.212.219.190	14618 (AMAZON-AES) (AMAZON-AES)
5	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:127:f00f... 2620:127:f00f:ff00::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:dfb3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.133.221 192.229.133.221	15133 (EDGECAST) (EDGECAST)
33	10

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

make-a-monster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:127:f00f:e:: (Canada)

ASN13335 (CLOUDFLARENET, US)

www.candywarehouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.95.45.52 (United States)

ASN20454 (SSASN2, US)

searchserverapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.212.219.190 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-219-190.compute-1.amazonaws.com

store.xecurify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.candywarehouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:127:f00f:ff00:: (Canada)

ASN13335 (CLOUDFLARENET, US)

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dfb3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.afterpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.133.221 (United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	candywarehouse.com www.candywarehouse.com	250 KB
6	xecurify.com 2 redirects store.xecurify.com — Cisco Umbrella Rank: 203791	16 KB
3	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2357	3 KB
1	w3schools.com www.w3schools.com — Cisco Umbrella Rank: 22461	5 KB
1	afterpay.com static.afterpay.com — Cisco Umbrella Rank: 20044	8 KB
1	shop.app shop.app — Cisco Umbrella Rank: 3288	568 B
1	searchserverapi.com searchserverapi.com — Cisco Umbrella Rank: 22290	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	30 KB
1	make-a-monster.com 1 redirects make-a-monster.com	244 B
0	aspnetcdn.com Failed ajax.aspnetcdn.com Failed
0	kxcdn.com Failed searchanise-ef84.kxcdn.com Failed
0	tidio.co Failed code.tidio.co Failed
0	turnto.com Failed widgets.turnto.com Failed
0	klaviyo.com Failed static.klaviyo.com Failed
33	14

	Domain	Requested by
13	www.candywarehouse.com	www.candywarehouse.com
6	store.xecurify.com	2 redirects www.candywarehouse.com store.xecurify.com
3	cdn.shopify.com	www.candywarehouse.com
1	www.w3schools.com	store.xecurify.com
1	static.afterpay.com	www.candywarehouse.com
1	shop.app	www.candywarehouse.com
1	searchserverapi.com	www.candywarehouse.com
1	code.jquery.com	www.candywarehouse.com
1	make-a-monster.com	1 redirects
0	ajax.aspnetcdn.com Failed	searchserverapi.com
0	searchanise-ef84.kxcdn.com Failed	searchserverapi.com
0	code.tidio.co Failed	www.candywarehouse.com
0	widgets.turnto.com Failed	www.candywarehouse.com
0	static.klaviyo.com Failed	www.candywarehouse.com
33	14

This site contains no links.

Subject Issuer	Validity	Valid
www.candywarehouse.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
cdn.shopify.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
searchserverapi.com E6	`2024-06-27` - `2024-09-25`	3 months	crt.sh
xecurify.com Amazon RSA 2048 M03	`2024-03-15` - `2025-04-14`	a year	crt.sh
shop.app E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
afterpay.com GTS CA 1P5	`2024-06-02` - `2024-09-01`	3 months	crt.sh
*.w3schools.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-03` - `2025-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Frame ID: 76147495A23B3EC885EA497431CBFC01
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access Denied

Page URL History Show full URLs

https://make-a-monster.com/ HTTP 301
http://www.candywarehouse.com/ HTTP 307
https://www.candywarehouse.com/ Page URL
https://store.xecurify.com/moas/shopify/firewallAccessDenied Page URL

Detected technologies

Afterpay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

static\.afterpay\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

73 %
HTTPS

50 %
IPv6

14
Domains

14
Subdomains

10
IPs

2
Countries

315 kB
Transfer

1702 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://make-a-monster.com/ HTTP 301
http://www.candywarehouse.com/ HTTP 307
https://www.candywarehouse.com/ Page URL
https://store.xecurify.com/moas/shopify/firewallAccessDenied Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://make-a-monster.com/ HTTP 301
http://www.candywarehouse.com/ HTTP 307
https://www.candywarehouse.com/

Request Chain 29

https://store.xecurify.com/moas/shopify/style.css HTTP 302
https://store.xecurify.com/moas/initialize HTTP 302
https://store.xecurify.com/moas/login

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.candywarehouse.com/
Redirect Chain

https://make-a-monster.com/
http://www.candywarehouse.com/
https://www.candywarehouse.com/

433 KB
68 KB

1842ms
953ms

Document
text/html

2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc424a75f07312e3c7ad1e182ab7845b611398838c5db906cccc52549425ca9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89cc42f5de2b9957-FRA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 02 Jul 2024 05:33:33 GMT
etag: "cacheable:164dcaa4a150b4b0d11971cf17b63401"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35LckKKEhZ3iXQrxGHVHyLnSovvv7JrAEJ9Nfdhwkho%2FlA3F4Xfo2xKmqaT5%2BpVqK0gLEGYpLHtfm7gZW8lXfyoFsITe5cbzO1pnWiltDztvok6sdL1hRRgy6MQdfEuJ%2Br05SghpLpYbA1WOAkELw2Pzbx4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=890;desc="gc:375", db;dur=175, fetch;dur=1, render;dur=186, wasm, asn;desc="31103", edge;desc="FRA", country;desc="DE", theme;desc="142968914170", pageType;desc="index", servedBy;desc="t264", requestID;desc="04224754-8e15-4e5d-b489-409f387ade87-1719898412" cfRequestDuration;dur=924.999952 ipv6, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-europe-west1,gcp-europe-west1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 04224754-8e15-4e5d-b489-409f387ade87-1719898412
x-shardid: 249
x-shopid: 63625199866
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 249
x-sorting-hat-shopid: 63625199866
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.candywarehouse.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 lazysizes.aio.min.js Show response
www.candywarehouse.com/cdn/shop/t/98/assets/ 28 KB
10 KB 80ms
38ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/lazysizes.aio.min.js?v=158897588034173888241717783851

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac22006f59b004f0eda365219f37f97722979926f2ae448836936a704562f9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
age: 2114347
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=181.599, imageryFetch;dur=107.346, cfRequestDuration;dur=17.999887, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 9128
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: 040e2363-d557-4ea7-b862-ff393a9d496e-1717783902
last-modified: Fri, 07 Jun 2024 18:11:43 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BN%2BTNNuwBtxUBwCuklV4NvUZta%2BOxbI4tcogfaEZE0rZhlZMQevWhWMtnKNs9b1fHLiFbeRx%2Buk%2BWhQk%2F55cUkiV8TCITBdv0KTRY9nThPxnbXNo58MVUif1dmC0wgICwBi256NM2zEs7xfbo%2FQ4SHOkig%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc6b679957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/lazysizes.aio.min.js>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 vendor.aio.min.js Show response
www.candywarehouse.com/cdn/shop/t/98/assets/ 95 KB
28 KB 122ms
81ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/vendor.aio.min.js?v=41859901124936010441717783851

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4db641e64aba04fb37b4cb9ec067c6182690d88b41d961390a4a72981599c9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
age: 2114347
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=74.765, imageryFetch;dur=61.292, cfRequestDuration;dur=35.999775, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 27294
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: 94e2ffbd-ead6-47f1-99e9-7c4dee075546-1717783902
last-modified: Fri, 07 Jun 2024 18:11:43 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMQCw7P29a6ZJb3mYi03V72CP%2B%2FdLsTr6fx3Q4ILRMEbqoyt52UTDU7FWxUubmWoH1C%2FpGuAEETCsJfw6J9nYPM8GLAnmX3QQid4Dpx3axxnQ3MLxsQmN70BjTbtzJ7s2pINXXaOVsGMDxyCecm2UogdBZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc6b6a9957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/vendor.aio.min.js>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 theme.aio.min.js Show response
www.candywarehouse.com/cdn/shop/t/98/assets/ 444 KB
76 KB 99ms
58ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/theme.aio.min.js?v=63556128558602104521717783851

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cff72db9ac4cb08ac60c0587b43e915c6905477e5ef6aac89bfb9e2480a8342

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
age: 2114347
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=105.135, imageryFetch;dur=73.597, cfRequestDuration;dur=19.999981, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 76992
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: 0ee0d174-717f-45ce-b46f-bdd563597d42-1717783902
last-modified: Fri, 07 Jun 2024 18:11:43 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMvJMB8lJ8DaqdctaeEc1B8BEx1eCF6t6iTeSYRLwY2pqGmkX9VmdfHKfE0kR3ckVHB7cAVXQQwf4ICIhqCr3yuUbmRwes01PdJpMWr7SsZEeMZxl6htZJis9eEz49qJo%2BdeGWKUy%2FMNRzrCZVIGO5Q7DDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc6b6c9957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/theme.aio.min.js>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 theme.min.css
www.candywarehouse.com/cdn/shop/t/98/assets/ 438 KB
59 KB 80ms
39ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/theme.min.css?v=183047871713161377341717783851

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01cf1f54304ab4b7e789be250b6af18be10a1e5e53374dd772fce9562ae5dd2a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
age: 2114347
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=158.232, imageryFetch;dur=32.294, cfRequestDuration;dur=19.999981, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 59392
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: 7665bf08-8acd-466f-afe3-c1a6096ea04e-1717783902
last-modified: Fri, 07 Jun 2024 18:11:43 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qlkVCuQzc7ZC9gpuGvtt7vvT2SGcNY7MhLFqp7lUCDgYbkd7efJ8TewmRcE98FoWk8kK0oYo4Y3nrxyYXHdk7bzUXtirYAJN6xfRJrF%2BGdlNqU4XFI2tksNbEaXZsWol4nMpzT5wAIDDa805b25M5RKLrhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc5b639957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/theme.min.css>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 quick-add-to-cart.aio.min.js Show response
www.candywarehouse.com/cdn/shop/t/98/assets/ 1 KB
1011 B 98ms
57ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/quick-add-to-cart.aio.min.js?v=117125094050151676481718074589

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611efaba058b379469b79bd0f3b8c001c08a73ed4bc1d7d17f9035dc8fbae236

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
age: 1822095
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=106.559, imageryFetch;dur=80.806, cfRequestDuration;dur=23.000002, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 456
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: 247cdc6b-4eb7-45ec-acfe-abd1ec83e0ab-1718074590
last-modified: Tue, 11 Jun 2024 02:56:30 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7rQAictntM6Jx86prCMYsn80OtRlyvGIPTHJ7kUnRA5x%2FkcpdOcM8HPsAGxDCZ5Z7WLexgOl0rfCC5QAStFPFQJomNAx0JI0oTBIgq99ETcdR6GGxQVTtK6Q36aPolGcdpgXft9iGs1T%2F1ex0fpKQMFqKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc6b6d9957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/quick-add-to-cart.aio.min.js>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 option_selection_5712952b-0591-4f8e-a2bd-a2e7a70d9f52.js Show response
cdn.shopify.com/s/files/1/0617/7298/8603/files/ 127 B
658 B 85ms
45ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0617/7298/8603/files/option_selection_5712952b-0591-4f8e-a2bd-a2e7a70d9f52.js?v=1659206952

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f2e421d977757f17c8387d9eed4f425745e6460e1c5704d7219178633fe7d9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
age: 4279688
server-timing: imagery;dur=61.350, imageryFetch;dur=48.658, cfRequestDuration;dur=25.000095, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 114
x-xss-protection: 1; mode=block
x-request-id: 7d8af07b-7497-4670-8d9c-86ca70047cad-1715618720
last-modified: Mon, 13 May 2024 16:45:21 GMT
server: cloudflare
x-shopid: 61772988603
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vphw1UC3hFe8OdI1SirdzbwD1bv0SMfJveiPE3eNXa6gEeSMtnEjmBXSZlQU6C0LWRPHkbf9ZJgTmBsrPVCqsC0gqDaAnr5YrIrQrOapubvlPjkWsPSEVMKZj8q2dkI8fSmzVtI%2Bw1AnTViS3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0617/7298/8603/files/option_selection_5712952b-0591-4f8e-a2bd-a2e7a70d9f52.js>; rel="canonical"
cf-ray: 89cc42fc68892c73-FRA

GET
H2 200 preconnect.js Show response
cdn.shopify.com/s/files/1/0617/7298/8603/files/ 830 B
1 KB 74ms
34ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0617/7298/8603/files/preconnect.js?v=1659207000

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd1131db170033a158806fa2c201313d8061df3abb205265b6aa25eb04a0a38c

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
age: 4270888
server-timing: imagery;dur=87.928, imageryFetch;dur=79.008, cfRequestDuration;dur=16.000032, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 358
x-xss-protection: 1; mode=block
x-request-id: aecafbc9-13f8-4e12-b102-6d737f95c03d-1715627524
last-modified: Mon, 13 May 2024 19:12:05 GMT
server: cloudflare
x-shopid: 61772988603
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1A5%2BnDujVsLvhKvxWNVKuaPFwJSwsuPZE7WwPJSYUW%2F9w11MCqYi2X9bgejxmY2puQNTFWynd4WA0lGAoELN0blslCXl7LhfXoYacd2qgyDvOXZip%2Fsnm5FHDk8rGtP%2BEUDwE1XQTSgKCzFq7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0617/7298/8603/files/preconnect.js>; rel="canonical"
cf-ray: 89cc42fc688b2c73-FRA

GET
H2 200 font-settings.aio.min.css
www.candywarehouse.com/cdn/shop/t/98/assets/ 2 KB
1 KB 77ms
37ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/font-settings.aio.min.css?v=98464137025494802221717783851

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0033c6aa9420454e9735a56a8df8ec120f50b57e762a683c95e32c00064a8dc

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
age: 2114398
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=105.280, imageryFetch;dur=90.677, cfRequestDuration;dur=19.000053, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 527
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: 50fb66ff-3e6c-426e-bd1e-fd2cd534c0ce-1717783902
last-modified: Fri, 07 Jun 2024 18:11:43 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wS%2B2yMF0B%2BL2wHTy9x7C6JJj7n4JYFnT8PRgnKSo9E7gqYfxrwKZHWt%2Fy4L1IzARW6PzFpFYSO75UWk1hC1recDZJTHjr1rgdNT2Equ95m59FKJBfqhKkGI2u5RJgLu4J6C%2BB6On%2BEK5nPiRaqv%2FzTL9O7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc5b649957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/font-settings.aio.min.css>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 custom.min.css
www.candywarehouse.com/cdn/shop/t/98/assets/ 1 KB
1 KB 75ms
36ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shop/t/98/assets/custom.min.css?v=132293651894807298431717783851

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3483b757b1586ee1d1b7d03f4af6ca62c5b9e969caceca893218dd3ac787422f

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
age: 2114398
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=50.436, imageryFetch;dur=38.659, cfRequestDuration;dur=16.000032, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 302
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 63625199866
x-request-id: fcd777d0-5411-4ec1-ae91-feff048b3af1-1717783902
last-modified: Fri, 07 Jun 2024 18:11:43 GMT
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oc5TNCFjPMOKKqlnvfsDtqGd0tv9IkKUZy2MT4LzX0%2Bikq6y2NRRmx%2FzlLRwG%2Fe%2FFlZqmJQyk96DERLe7Hp5tTahBYetVWE6LDYG0ud72Er6Xcab%2BowwD1l5SdLtVPSkQWMx0kwENu7MAbFXvUW2pg6EK8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 89cc42fc6b659957-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0636/2519/9866/t/98/assets/custom.min.css>; rel="canonical"
x-sorting-hat-podid: 249

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 653ms
32ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Origin: https://www.candywarehouse.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1302985
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220124-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1719898414.085180,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 15, 299909

GET
H2 200 init.js
searchserverapi.com/widgets/shopify/ 7 KB
3 KB 1079ms
155ms Script
application/javascript 184.95.45.52
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL: https://searchserverapi.com/widgets/shopify/init.js?a=8A3Q1f8y1j
Requested by: Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.95.45.52 , United States, ASN20454 (SSASN2, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 05:33:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2024 08:12:06 GMT
server: nginx
etag: W/"667d1ed6-1abb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
expires: Tue, 02 Jul 2024 05:33:33 GMT

GET
H2 200 check
store.xecurify.com/moas/rest/shopify/ 87 B
665 B 877ms
147ms Script
application/json 3.212.219.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.xecurify.com/moas/rest/shopify/check?shop=candywarehouseinc.myshopify.com
Requested by: Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-219-190.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
access-control-allow-credentials: true
server: Apache/2.4.58 () OpenSSL/3.0.8
access-control-allow-headers: Content-Type,Authorization
access-control-max-age: 3600
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PUT
content-type: application/json;charset=UTF-8

GET
H3 200 preloads.js
www.candywarehouse.com/checkouts/internal/ 4 KB
2 KB 51ms
51ms Script
application/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/checkouts/internal/preloads.js?locale=en-US

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: cfRequestDuration;dur=23.999929
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBm%2BWyJ%2BW4uKBVJVBzFHjucKbHMf1dNRk7KYYYXXbLNgpugXFpBW1gbETJUez3mrMEv2nL%2BAFrx6SgBkFP8SuWfVCQrcDtiCZ7tUazTEO2nq%2Bky27tvOK0j9oNbgGBj8GWWrfjkKo1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; encoding=utf-8
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate
timing-allow-origin: *
cf-ray: 89cc4302e8391961-FRA

GET
H2 200 preloads.js
shop.app/checkouts/internal/ 0
568 B 323ms
51ms Script
application/javascript 2620:127:f00f:ff00::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/checkouts/internal/preloads.js?locale=en-US&shop_id=63625199866

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Origin: https://www.candywarehouse.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.000044, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VIlqTPs0KMChmTAAZEBbj%2BVrmupvg393cc5RiRP5NLdSnVZi4us3%2B0OJ6AJzeJ2CptZ36opaSKTN5%2BJCNpOn2DmUMMFehbkEi%2B6NMP7gLhRbBky7i1ZeFPMOrJ8mC0h1dUTkJ11E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
timing-allow-origin: *
cf-ray: 89cc4304c80d65c6-FRA

GET
H3 200 load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
www.candywarehouse.com/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 108ms
86ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Origin: https://www.candywarehouse.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 1952660
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=90.316, imageryFetch;dur=38.169, cfRequestDuration;dur=16.000032
alt-svc: h3=":443"; ma=86400
content-length: 3324
x-xss-protection: 1; mode=block
x-request-id: 61dc225e-86fe-4018-9d9e-ae1b8f925530-1715639751
last-modified: Mon, 13 May 2024 22:35:51 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNIu95mZhg0QJ156vy770%2FyFopk3dz6Q%2FJR6LhJzQ0DlUewymlTMlLg7VUynOkmoNDNbo%2Bahn3Z9IOJ5lznL01gsDU%2BIfGKvE56FEgKB9Hu1uaCw7ZEXdzylbydUenXkK355VDj1jF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 89cc4303f9561961-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js
www.candywarehouse.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 42 KB
0 99ms
83ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Origin: https://www.candywarehouse.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 4279866
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=235.334, imageryFetch;dur=32.901, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400
content-length: 18677
x-xss-protection: 1; mode=block
x-request-id: 808ad7f4-7fe2-4de1-b551-b43cd0001443-1715618548
last-modified: Mon, 13 May 2024 16:42:28 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkB58eqHwykjIcRRTpFRiUqx2xkGsiuni17q1aiKkeNTWoZ%2BAQa1KCdykCYRJA%2BNFt6%2Fj5%2BD4tgNIMcfz9VM%2B6r9pY998y15IV5%2FtHgyIbZjSCR6WLqhNIrZkp4QtZPsTb8R76rXXto%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 89cc4304ca401961-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
www.candywarehouse.com/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
0 133ms
131ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Origin: https://www.candywarehouse.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 4257603
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=266.652, imageryFetch;dur=25.049, cfRequestDuration;dur=15.999794
alt-svc: h3=":443"; ma=86400
content-length: 12292
x-xss-protection: 1; mode=block
x-request-id: 20377e83-46fe-4b02-ba04-6c632a757b85-1715640810
last-modified: Mon, 13 May 2024 22:53:31 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtzjlN%2BVQBmUuChLzpB1vtftDDQU5X1b9bgF%2FcW0e6MzWRp4uv7EbWfujWPBjeukz5UWcwEUdqoVir70I7X6R%2F7xAJhyPAThRRRkCEgAjX314tu9oqLZmzdm6Kw4Eeys8kW24TUbj6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 89cc43055ad51961-FRA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET klaviyo.js
static.klaviyo.com/onsite/js/ 0
0

GET acc-main.js
cdn.shopify.com/extensions/78e627ff-d595-4a0a-a5b6-f84514d21739/accessibly-12/assets/ 0
0

GET globo.alsobought.min.js
cdn.shopify.com/extensions/9679c128-060d-44e7-a513-e729eaaa02a7/glo-related-products-upsell-58/assets/ 0
0

GET
H2 200 optimizer.js Show response
cdn.shopify.com/s/files/1/0617/7298/8603/files/ 1 KB
982 B 75ms
37ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0617/7298/8603/files/optimizer.js?v=1659207041

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4180326c8a66f760ed87ecd74b5b3dec948ce15f898e1576c70fc50003ed6e43

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:33 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
age: 4257249
server-timing: imagery;dur=63.121, imageryFetch;dur=35.627, cfRequestDuration;dur=18.999815, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 466
x-xss-protection: 1; mode=block
x-request-id: 3300df57-1c59-4b2d-aef0-f50c2db3015c-1715641164
last-modified: Fri, 03 May 2024 21:51:27 GMT
server: cloudflare
x-shopid: 61772988603
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TirbQNwHYa1ygp6BfUI8JMGTwgWu1bdGtBwZ8rpUnQ5jpwVW56tIb9uiADHXVsHTZEBCIK8ShYl%2ByPOYM4%2FYeUfIZsxLDAHtkjkrADJoEv%2BSZSLTSDzWkccaEvAUZ6v53EV8ldjw4AjzOHzELw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0617/7298/8603/files/optimizer.js>; rel="canonical"
cf-ray: 89cc42fc688d2c73-FRA

GET turnto.js
widgets.turnto.com/v5/widgets/pgKKi1tJis5MWYCsite/js/ 0
0

GET kgahhi0m4cbvjsue85p9fpeof2exc8pd.js
code.tidio.co/ 0
0

GET
H2 200 shopify-afterpay-javascript.js
static.afterpay.com/ 34 KB
8 KB 724ms
49ms Script
application/x-javascript 2606:4700::6810:dfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.afterpay.com/shopify-afterpay-javascript.js

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dfb3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-jets3t-original-file-date-iso8601: 2024-02-15T05:33:38.221Z
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P7
age: 83442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-md5-hash: 786b1dfa3257f90ae460229a72ab537a
last-modified: Thu, 15 Feb 2024 05:34:53 GMT
server: cloudflare
etag: W/"786b1dfa3257f90ae460229a72ab537a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=3600
cf-ray: 89cc43031f27367f-FRA
x-amz-cf-id: WmDrKJWl2juQ_Bj3YYVhMyKQF8-eNVnF_zrl42EawytRF_lxhMsFnA==
expires: Tue, 02 Jul 2024 06:33:34 GMT

POST
H3 404 update.js
www.candywarehouse.com/cart/ 73 B
1 KB 323ms
323ms Fetch
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candywarehouse.com/cart/update.js

Requested by

Host: www.candywarehouse.com
URL: https://www.candywarehouse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=3ba041a5-761d-4130-9974-767d9c5c98c4-1719898414
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=3ba041a5-761d-4130-9974-767d9c5c98c4-1719898414

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.candywarehouse.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Jul 2024 05:33:34 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=3ba041a5-761d-4130-9974-767d9c5c98c4-1719898414
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server-timing: processing;dur=155, cfRequestDuration;dur=295.000076
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=3ba041a5-761d-4130-9974-767d9c5c98c4-1719898414
x-sorting-hat-shopid: 63625199866
x-request-id: 3ba041a5-761d-4130-9974-767d9c5c98c4-1719898414
x-shardid: 249
server: cloudflare
x-shopid: 63625199866
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en-US
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8Bs3npj2rrhEQeoFeOa3aZuxmk6J9QRANaSMlx%2FEbkkVo8liGW9JaEpeANJ2hXiaF0tNCiC0ToHl2LdRYfVS8Xtu%2Favu0Yuhw%2FyM%2B6WVq88A%2BBA9gDoHDvplzNP5qCOmDAGZmFQOXo%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 89cc43006dbb1961-FRA
x-sorting-hat-podid: 249

GET templates.8A3Q1f8y1j.js
searchanise-ef84.kxcdn.com/ 0
0

GET jquery-3.6.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 0
0

GET preload_data.8A3Q1f8y1j.js
searchanise-ef84.kxcdn.com/ 0
0

GET
H2 200 Primary Request firewallAccessDenied Show response
store.xecurify.com/moas/shopify/ 815 B
1 KB 473ms
132ms Document
text/html 3.212.219.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Requested by: Host: store.xecurify.com
URL: https://store.xecurify.com/moas/rest/shopify/check?shop=candywarehouseinc.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-219-190.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash: 6cbc5e6b9e146bfadcd25ba6475212fb301b4de60c9bf8bc3233a6bbb3dd1089

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.candywarehouse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PUT
access-control-max-age: 3600
content-language: en
content-length: 815
content-type: text/html;charset=UTF-8
date: Tue, 02 Jul 2024 05:33:34 GMT
server: Apache/2.4.58 () OpenSSL/3.0.8

GET
H2

200

https://store.xecurify.com/moas/shopify/style.css
https://store.xecurify.com/moas/initialize
https://store.xecurify.com/moas/login

12 KB
12 KB

190ms
189ms

Stylesheet
text/html

3.212.219.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.xecurify.com/moas/login
Requested by: Host: store.xecurify.com
URL: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Protocol: H2
Server: 3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-219-190.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash: 21fae62b6af56c6c9c32c4151ee1c087d1a26475538b51227f33c12a5cf5d226

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://store.xecurify.com/moas/shopify/firewallAccessDenied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 05:33:35 GMT
server: Apache/2.4.58 () OpenSSL/3.0.8
access-control-max-age: 3600
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PUT
content-language: en
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization

Redirect headers

date: Tue, 02 Jul 2024 05:33:35 GMT
server: Apache/2.4.58 () OpenSSL/3.0.8
access-control-max-age: 3600
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PUT
content-language: en
location: /moas/login
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization
content-length: 0

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 398ms
31ms Stylesheet
text/css 192.229.133.221
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: store.xecurify.com
URL: https://store.xecurify.com/moas/shopify/firewallAccessDenied

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.221 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://store.xecurify.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
content-encoding: gzip
date: Tue, 02 Jul 2024 05:33:35 GMT
last-modified: Mon, 01 Jul 2024 06:42:20 GMT
server: ECS (frb/6796)
age: 78204
etag: "0ee47d281cbda1:0+gzip"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=31536000,public
accept-ranges: bytes
content-length: 5256
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

GET
H2 404 favicon.ico
store.xecurify.com/ 0
552 B 136ms
131ms Other
image/vnd.microsoft.icon 3.212.219.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.xecurify.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.212.219.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-219-190.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/3.0.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://store.xecurify.com/moas/shopify/firewallAccessDenied
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:33:35 GMT
server: Apache/2.4.58 () OpenSSL/3.0.8
access-control-max-age: 3600
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PUT
content-type: image/vnd.microsoft.icon
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RZNRPP

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/78e627ff-d595-4a0a-a5b6-f84514d21739/accessibly-12/assets/acc-main.js

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/9679c128-060d-44e7-a513-e729eaaa02a7/glo-related-products-upsell-58/assets/globo.alsobought.min.js

Domain: widgets.turnto.com
URL: https://widgets.turnto.com/v5/widgets/pgKKi1tJis5MWYCsite/js/turnto.js

Domain: code.tidio.co
URL: https://code.tidio.co/kgahhi0m4cbvjsue85p9fpeof2exc8pd.js?extensionVersion=1.3.0

Domain: searchanise-ef84.kxcdn.com
URL: https://searchanise-ef84.kxcdn.com/templates.8A3Q1f8y1j.js

Domain: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js

Domain: searchanise-ef84.kxcdn.com
URL: https://searchanise-ef84.kxcdn.com/preload_data.8A3Q1f8y1j.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
store.xecurify.com/moas	1969-12-31 23:59:59	Name: JSESSIONID Value: a82054bd777d4c939754db4f18621ca3
www.candywarehouse.com/	1970-01-20 21:45:00	Name: keep_alive Value: 6ab0db6f-1c74-4bb4-b81d-794169321a29
www.candywarehouse.com/	1970-01-21 06:30:34	Name: secure_customer_sig Value:
www.candywarehouse.com/	1970-01-21 06:30:34	Name: localization Value: US
www.candywarehouse.com/	1970-01-20 22:05:08	Name: cart_currency Value: USD
.candywarehouse.com/	1970-01-21 06:30:34	Name: _tracking_consent Value: %7B%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22m%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22region%22%3A%22DE%22%2C%22reg%22%3A%22GDPR%22%7D
.candywarehouse.com/	1970-01-20 21:46:24	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22p%22%3Atrue%2C%22a%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.candywarehouse.com/	1970-01-21 06:30:34	Name: _shopify_y Value: 523c259d-641c-4f78-b81e-98632b13671b
.candywarehouse.com/	1970-01-20 21:45:00	Name: _shopify_s Value: 2f56398c-569c-492d-a586-911f1e235b28
.candywarehouse.com/	1970-01-20 22:05:08	Name: _orig_referrer Value:
.candywarehouse.com/	1970-01-20 22:05:08	Name: _landing_page Value: %2F
www.candywarehouse.com/	1969-12-31 23:59:59	Name: receive-cookie-deprecation Value: 1
.afterpay.com/	1970-01-20 21:45:00	Name: __cf_bm Value: Fd4YEN2b7ALokaea3T7YiZZb7DQ7Yh99h.7bYENrZZg-1719898414-1.0.1.1-V94L2_7uy7DFvyc660FqJO8kdiF7Xc_xI4LPd_b8zvtw.hm4agjGIHiw.mqaVkQbeUqDWKcC7x16jGx_XT7D4IfqKzVLfbpQ7wmA_2XJghw
.afterpay.com/	1969-12-31 23:59:59	Name: _cfuvid Value: gJVrTSKa83BQtnq2Qwr6SdMgrzcAls0l5LIGfc.VF.o-1719898414603-0.0.1.1-604800000
store.xecurify.com/	1970-01-20 21:55:03	Name: AWSALB Value: gqGaRG2XaJpiCKRNbgi6tpnuW5MAj2sNbJ8x3ugi4b3X7m75p65RmkSPPhIffNnkBN4Jh8wTBn11hndWbZNHPsVZ+IZ1s8PpOXfKAXAatljooXzAbALSAYcvWMrq
store.xecurify.com/	1970-01-20 21:55:03	Name: AWSALBCORS Value: gqGaRG2XaJpiCKRNbgi6tpnuW5MAj2sNbJ8x3ugi4b3X7m75p65RmkSPPhIffNnkBN4Jh8wTBn11hndWbZNHPsVZ+IZ1s8PpOXfKAXAatljooXzAbALSAYcvWMrq

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.candywarehouse.com/cart/update.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://store.xecurify.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdn.shopify.com
code.jquery.com
code.tidio.co
make-a-monster.com
searchanise-ef84.kxcdn.com
searchserverapi.com
shop.app
static.afterpay.com
static.klaviyo.com
store.xecurify.com
widgets.turnto.com
www.candywarehouse.com
www.w3schools.com
ajax.aspnetcdn.com
cdn.shopify.com
code.tidio.co
searchanise-ef84.kxcdn.com
static.klaviyo.com
widgets.turnto.com
15.197.225.128
184.95.45.52
192.229.133.221
23.227.38.74
2606:4700::6810:dfb3
2620:127:f00f:e::
2620:127:f00f:ff00::
2620:127:f00f:ff01::
2a04:4e42:600::649
3.212.219.190
01cf1f54304ab4b7e789be250b6af18be10a1e5e53374dd772fce9562ae5dd2a
21fae62b6af56c6c9c32c4151ee1c087d1a26475538b51227f33c12a5cf5d226
3483b757b1586ee1d1b7d03f4af6ca62c5b9e969caceca893218dd3ac787422f
4180326c8a66f760ed87ecd74b5b3dec948ce15f898e1576c70fc50003ed6e43
5a4db641e64aba04fb37b4cb9ec067c6182690d88b41d961390a4a72981599c9
611efaba058b379469b79bd0f3b8c001c08a73ed4bc1d7d17f9035dc8fbae236
6cbc5e6b9e146bfadcd25ba6475212fb301b4de60c9bf8bc3233a6bbb3dd1089
7cff72db9ac4cb08ac60c0587b43e915c6905477e5ef6aac89bfb9e2480a8342
bdac22006f59b004f0eda365219f37f97722979926f2ae448836936a704562f9
c0033c6aa9420454e9735a56a8df8ec120f50b57e762a683c95e32c00064a8dc
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
cd1131db170033a158806fa2c201313d8061df3abb205265b6aa25eb04a0a38c
cfc424a75f07312e3c7ad1e182ab7845b611398838c5db906cccc52549425ca9
d0f2e421d977757f17c8387d9eed4f425745e6460e1c5704d7219178633fe7d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

store.xecurify.com Open in urlscan Pro 3.212.219.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

73 %HTTPS

50 %IPv6

14 Domains

14 Subdomains

10 IPs

2 Countries

315 kBTransfer

1702 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

16 Cookies

2 Console Messages

store.xecurify.com Open in urlscan Pro
3.212.219.190 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

73 %
HTTPS

50 %
IPv6

14
Domains

14
Subdomains

10
IPs

2
Countries

315 kB
Transfer

1702 kB
Size

16
Cookies

33 HTTP transactions
0 data transactions