www.candydirect.com Open in urlscan Pro
2620:127:f00f:e:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.candydirect.com/
Effective URL:
https://www.candydirect.com/
Submission: On May 09 via api (May 9th 2024, 3:11:13 pm UTC) from US — Scanned from CA

Summary HTTP 158 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 24 domains to perform 158 HTTP transactions. The main IP is 2620:127:f00f:e::, located in Canada and belongs to CLOUDFLARENET, US. The main domain is www.candydirect.com. The Cisco Umbrella rank of the primary domain is 871265.
TLS certificate: Issued by R3 on April 1st 2024. Valid for: 3 months.

This is the only time www.candydirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 65	2620:127:f00f... 2620:127:f00f:e::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1 4	2620:127:f00f... 2620:127:f00f:ff00::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	169.150.236.98 169.150.236.98	60068 (CDN77 _) (CDN77 _)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::65	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c21::5e	15169 (GOOGLE) (GOOGLE)
2	37.19.207.34 37.19.207.34	60068 (CDN77 _) (CDN77 _)
6	2606:4700:20:... 2606:4700:20::681a:c5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2620:127:f00f... 2620:127:f00f:ff01::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	2606:4700:310... 2606:4700:3108::ac42:2af8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.157.4.65 54.157.4.65	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4004:c07::65	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:727	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::6812:2889	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.111.94.218 34.111.94.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.205.33.42 23.205.33.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:219... 2600:9000:2191:dc00:1:427b:a440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:269... 2600:9000:269f:2600:3:6639:8f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f5:fe00:2:6020:4100:21	16509 (AMAZON-02) (AMAZON-02)
1	174.129.35.13 174.129.35.13	14618 (AMAZON-AES) (AMAZON-AES)
2	18.208.60.216 18.208.60.216	14618 (AMAZON-AES) (AMAZON-AES)
158	31

65 2620:127:f00f:e:: (Canada) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.candydirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
candydirect.myshopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:127:f00f:ff00:: (Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.236.98 (Chicago, United States)

ASN60068 (CDN77 _, GB)
PTR: 169-150-236-98.bunnyinfra.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::65 (Washington, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net

cdn.fera.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:c5f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2af8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.4.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-4-65.compute-1.amazonaws.com

geo.bananastand.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:727 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fera.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3466 (United States)

ASN13335 (CLOUDFLARENET, US)

api0.fera.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2889 (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.94.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.94.111.34.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.33.42 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-33-42.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2191:dc00:1:427b:a440:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269f:2600:3:6639:8f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d23dclunsivw3h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f5:fe00:2:6020:4100:21 (United States)

ASN16509 (AMAZON-02, US)

d3ox8tdk614ykk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.35.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-35-13.compute-1.amazonaws.com

qab.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.60.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-60-216.compute-1.amazonaws.com

poboxblocker.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	candydirect.com 1 redirects www.candydirect.com — Cisco Umbrella Rank: 871265	931 KB
20	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2303 pay.shopify.com — Cisco Umbrella Rank: 11468	946 KB
20	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3290 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4009 fast.a.klaviyo.com — Cisco Umbrella Rank: 4251 static-forms.klaviyo.com — Cisco Umbrella Rank: 3929 a.klaviyo.com — Cisco Umbrella Rank: 3832	161 KB
6	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 3104
6	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 21629	29 KB
5	gstatic.com fonts.gstatic.com	128 KB
4	fera.ai cdn.fera.ai — Cisco Umbrella Rank: 62279 api.fera.ai — Cisco Umbrella Rank: 125765 api0.fera.ai — Cisco Umbrella Rank: 86466	102 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	14 KB
3	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5911 api.omappapi.com — Cisco Umbrella Rank: 5964	22 KB
3	shop.app 1 redirects shop.app — Cisco Umbrella Rank: 3102	6 KB
2	herokuapp.com poboxblocker.herokuapp.com — Cisco Umbrella Rank: 129801	1 KB
2	cloudfront.net d23dclunsivw3h.cloudfront.net d3ox8tdk614ykk.cloudfront.net	4 KB
2	hextom.com cdn.hextom.com — Cisco Umbrella Rank: 15856 qab.hextom.com — Cisco Umbrella Rank: 29148	14 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103	83 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	192 KB
1	myshopify.com 1 redirects candydirect.myshopify.com	1 KB
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 5623	579 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	349 B
1	bananastand.io geo.bananastand.io — Cisco Umbrella Rank: 86137	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	2 KB
1	google.com apis.google.com — Cisco Umbrella Rank: 139	21 KB
0	heliumdev.com Failed cdn-meteor.heliumdev.com Failed
158	24

	Domain	Requested by
64	www.candydirect.com	1 redirects www.candydirect.com
19	cdn.shopify.com	www.candydirect.com static.klaviyo.com
13	static.klaviyo.com	www.candydirect.com static.klaviyo.com
6	monorail-edge.shopifysvc.com	www.candydirect.com
6	cdn.equalweb.com	www.candydirect.com
5	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.candydirect.com
3	www.google-analytics.com	www.candydirect.com www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.candydirect.com
3	static-tracking.klaviyo.com	static.klaviyo.com
3	shop.app	1 redirects www.candydirect.com
2	poboxblocker.herokuapp.com	www.candydirect.com
2	a.klaviyo.com	www.candydirect.com
2	cdn.fera.ai	www.candydirect.com
2	maxcdn.bootstrapcdn.com	www.candydirect.com maxcdn.bootstrapcdn.com
2	www.googletagmanager.com	www.candydirect.com www.googletagmanager.com
2	a.omappapi.com	www.candydirect.com a.omappapi.com
1	qab.hextom.com	www.candydirect.com
1	d3ox8tdk614ykk.cloudfront.net	www.candydirect.com
1	d23dclunsivw3h.cloudfront.net	www.candydirect.com
1	cdn.hextom.com	www.candydirect.com
1	candydirect.myshopify.com	1 redirects
1	chimpstatic.com	www.candydirect.com
1	pay.shopify.com	cdn.shopify.com
1	stats.g.doubleclick.net	www.candydirect.com
1	static-forms.klaviyo.com	www.candydirect.com
1	fast.a.klaviyo.com	www.candydirect.com
1	api0.fera.ai	www.candydirect.com
1	api.fera.ai	www.candydirect.com
1	geo.bananastand.io	www.candydirect.com
1	api.omappapi.com	a.omappapi.com
1	cdnjs.cloudflare.com	www.candydirect.com
1	apis.google.com	www.candydirect.com
0	cdn-meteor.heliumdev.com Failed	www.candydirect.com
158	34

This site contains links to these domains. Also see Links.

Domain
www.shopify.com

Subject Issuer	Validity	Valid
www.candydirect.com R3	`2024-04-01` - `2024-06-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
shop.app E1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
static.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
a.omappapi.com R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cdn.fera.ai R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
equalweb.com E1	`2024-03-31` - `2024-06-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cdn.shopify.com E1	`2024-05-03` - `2024-08-01`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
omappapi.com GTS CA 1P5	`2024-04-18` - `2024-07-17`	3 months	crt.sh
geo.bananastand.io R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
fera.ai E1	`2024-04-26` - `2024-07-25`	3 months	crt.sh
fast.a.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
static-forms.klaviyo.com R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
pay.shopify.com E1	`2024-03-16` - `2024-06-14`	3 months	crt.sh
monorail-edge-gateway-east.shopifycloud.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.hextom.com Amazon RSA 2048 M03	`2024-02-15` - `2025-03-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M02	`2024-03-02` - `2025-03-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.candydirect.com/
Frame ID: A7896A3758D46537D7C3A7C3CCC44D9E
Requests: 155 HTTP requests in this frame

Frame: https://www.candydirect.com/wpm@a144381aw75357604p183e4578m1913cbd7/custom/web-pixel-shopify-custom-pixel@064/sandbox/modern/
Frame ID: 856DB0DB2942C7D9E1DB04A29E6D7675
Requests: 1 HTTP requests in this frame

Frame: https://pay.shopify.com/pay/sdk-authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_capture=false&save_discount_at=authorize-success&response_mode=form_post&scope=openid+pay%3Asession_token+email+phone%3Averified&response_type=id_token&client_id=00aecd32-5037-4c17-a42f-eeadc8759770&redirect_uri=https%3A%2F%2Fwww.candydirect.com%2Fservices%2Flogin_with_shop%2Fcallback&state=TTBFTFBId09TeXZoalltQ1NFb0w1YmZBRWNCMWhRTHZ6a1RtbzNudnJFbWhpbGsybGkzeFovdE5RcEQrSkdLU0NHWGMzMmlzVUwzZ1JKK0ZZZllnYkVBWWpNNFZjaGJlK2FVWGJtNk4zYUhGUDlXaVRjQlJDZlA2TnA4UXBHOEFoTzBUNm1mbXdLY3NDQjNvbTNmUGcrb0tqSnFKMnRKdWVuL2doaFE5bTNPVDJQY1dBa3V2T05FdXkxeUQzOXVxQXBWaHlHazNyOFhlaG4rU2FONjhtN2MrUnpsZjRLOENZTG4zRjI0a1labFU2TTNjc0d5WWFETEZDUmMwUTc3TUF5TnRnVUszQXU3d1prUStJQUppNzI2bloyMjdRMWNMekJUbDR1UWZGcGJaR0JnTmY4V21hOFB4LzNkSkVKRElHb3BRWDgrVkdaUVpmWTRuckoxaVA2bUFRaU9ua0RLMGNGSXlEVkpwcHhFRXg2V2xLazhwZGtxTDErTy81NlRCdXM5U0J3b0FucXhJeTJtRU95OTIwaFBUNFJ6T2hwR2daS2xqdm9mQ0N5Um1QSUJmd3ZGc1Z6QitLOHAweEFRZjZNQkoxWEpFRlZMalprNU9VWlVIRHc9PS0tc3ZqSU8zTk00Y2VDUEU2M1d1VHdMUT09--89d44c48b2462dd6451f02f2ba163a11f6e572c6&require_verification=false&uniq_token=74bda804-2a40-49a7-9e05-0bff7bd15e4b&visit_token=d64e59db-2a9c-42a7-a686-4f8d658e604b&nonce=TKrMcFtJAJMfp4VN-HUMFNxL
Frame ID: 43BA3294702765554303B6172C09EBAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CandyDirect.com - Oldest Online Candy Store

Page URL History Show full URLs

http://www.candydirect.com/ HTTP 307
https://www.candydirect.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

97 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

31
IPs

2
Countries

2678 kB
Transfer

4969 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shopify.com/?utm_campaign=poweredby&utm_medium=shopify&utm_source=onlinestore
Title: Powered by Shopify

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.candydirect.com/ HTTP 307
https://www.candydirect.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://www.candydirect.com/services/login_with_shop/authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&api_key=5edd9000b933a8fa88c152d1e498531f&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_capture=false&save_discount_at=authorize-success HTTP 302
https://shop.app/pay/sdk-session?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_capture=false&save_discount_at=authorize-success&response_mode=form_post&scope=openid+pay%3Asession_token+email+phone%3Averified&response_type=id_token&client_id=00aecd32-5037-4c17-a42f-eeadc8759770&redirect_uri=https%3A%2F%2Fwww.candydirect.com%2Fservices%2Flogin_with_shop%2Fcallback&state=TTBFTFBId09TeXZoalltQ1NFb0w1YmZBRWNCMWhRTHZ6a1RtbzNudnJFbWhpbGsybGkzeFovdE5RcEQrSkdLU0NHWGMzMmlzVUwzZ1JKK0ZZZllnYkVBWWpNNFZjaGJlK2FVWGJtNk4zYUhGUDlXaVRjQlJDZlA2TnA4UXBHOEFoTzBUNm1mbXdLY3NDQjNvbTNmUGcrb0tqSnFKMnRKdWVuL2doaFE5bTNPVDJQY1dBa3V2T05FdXkxeUQzOXVxQXBWaHlHazNyOFhlaG4rU2FONjhtN2MrUnpsZjRLOENZTG4zRjI0a1labFU2TTNjc0d5WWFETEZDUmMwUTc3TUF5TnRnVUszQXU3d1prUStJQUppNzI2bloyMjdRMWNMekJUbDR1UWZGcGJaR0JnTmY4V21hOFB4LzNkSkVKRElHb3BRWDgrVkdaUVpmWTRuckoxaVA2bUFRaU9ua0RLMGNGSXlEVkpwcHhFRXg2V2xLazhwZGtxTDErTy81NlRCdXM5U0J3b0FucXhJeTJtRU95OTIwaFBUNFJ6T2hwR2daS2xqdm9mQ0N5Um1QSUJmd3ZGc1Z6QitLOHAweEFRZjZNQkoxWEpFRlZMalprNU9VWlVIRHc9PS0tc3ZqSU8zTk00Y2VDUEU2M1d1VHdMUT09--89d44c48b2462dd6451f02f2ba163a11f6e572c6&require_verification=false&uniq_token=74bda804-2a40-49a7-9e05-0bff7bd15e4b&visit_token=d64e59db-2a9c-42a7-a686-4f8d658e604b&nonce=TKrMcFtJAJMfp4VN-HUMFNxL HTTP 302
https://pay.shopify.com/pay/sdk-authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_capture=false&save_discount_at=authorize-success&response_mode=form_post&scope=openid+pay%3Asession_token+email+phone%3Averified&response_type=id_token&client_id=00aecd32-5037-4c17-a42f-eeadc8759770&redirect_uri=https%3A%2F%2Fwww.candydirect.com%2Fservices%2Flogin_with_shop%2Fcallback&state=TTBFTFBId09TeXZoalltQ1NFb0w1YmZBRWNCMWhRTHZ6a1RtbzNudnJFbWhpbGsybGkzeFovdE5RcEQrSkdLU0NHWGMzMmlzVUwzZ1JKK0ZZZllnYkVBWWpNNFZjaGJlK2FVWGJtNk4zYUhGUDlXaVRjQlJDZlA2TnA4UXBHOEFoTzBUNm1mbXdLY3NDQjNvbTNmUGcrb0tqSnFKMnRKdWVuL2doaFE5bTNPVDJQY1dBa3V2T05FdXkxeUQzOXVxQXBWaHlHazNyOFhlaG4rU2FONjhtN2MrUnpsZjRLOENZTG4zRjI0a1labFU2TTNjc0d5WWFETEZDUmMwUTc3TUF5TnRnVUszQXU3d1prUStJQUppNzI2bloyMjdRMWNMekJUbDR1UWZGcGJaR0JnTmY4V21hOFB4LzNkSkVKRElHb3BRWDgrVkdaUVpmWTRuckoxaVA2bUFRaU9ua0RLMGNGSXlEVkpwcHhFRXg2V2xLazhwZGtxTDErTy81NlRCdXM5U0J3b0FucXhJeTJtRU95OTIwaFBUNFJ6T2hwR2daS2xqdm9mQ0N5Um1QSUJmd3ZGc1Z6QitLOHAweEFRZjZNQkoxWEpFRlZMalprNU9VWlVIRHc9PS0tc3ZqSU8zTk00Y2VDUEU2M1d1VHdMUT09--89d44c48b2462dd6451f02f2ba163a11f6e572c6&require_verification=false&uniq_token=74bda804-2a40-49a7-9e05-0bff7bd15e4b&visit_token=d64e59db-2a9c-42a7-a686-4f8d658e604b&nonce=TKrMcFtJAJMfp4VN-HUMFNxL

Request Chain 133

https://candydirect.myshopify.com/apps/litefy/js/main-js?shop=candydirect.myshopify.com HTTP 301
https://www.candydirect.com/apps/litefy/js/main-js?shop=candydirect.myshopify.com

158 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.candydirect.com/
Redirect Chain

http://www.candydirect.com/
https://www.candydirect.com/

485 KB
79 KB

856ms
442ms

Document
text/html

2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb71883e245fc15c8cdef6af65cf3e9583a702a19b5e1a5a391d7390bd9dcc69

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88129ea0dfffab63-YYZ
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 15:11:01 GMT
etag: "cacheable:a1124d42e3be132a8e3ad7456e7d7f8e"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Yl%2BrlVSKiedIFS62SpQafAshvv6tXFQCb9AFZsXVuEEedUTm%2B4DOCOirVOKWno7u7lf4OCTibKyQMQQ3276gS9LIZcnTKI9rjHEroC0EqniBsiyvI5O6YCufTW5Qsm0lTxSf5OT1DtcstMJlOvOLFU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=267;desc="gc:62", db;dur=63, parse;dur=5, render;dur=116, wasm, asn;desc="577", edge;desc="YYZ", country;desc="CA", theme;desc="83847708732", pageType;desc="index", servedBy;desc="grmh", requestID;desc="e91cc87b-ec5c-49b1-8390-0a1299887834-1715267461" cfRequestDuration;dur=337.999821 ipv6
strict-transport-security: max-age=7889238
vary: Accept
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: e91cc87b-ec5c-49b1-8390-0a1299887834-1715267461
x-shardid: 316
x-shopid: 545226812
x-sorting-hat-podid: 316
x-sorting-hat-shopid: 545226812
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.candydirect.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 theme.scss.css
www.candydirect.com/cdn/shop/t/15/assets/ 116 KB
22 KB 185ms
182ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/theme.scss.css?v=120739948295413352581686689238

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6236a7410710599bc88dae7964063a20bf36c16882b313d29fe1d332cd5ef88a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=1042.624, imageryFetch;dur=173.165, imageryProcess;dur=834.948;desc="scss", cfRequestDuration;dur=69.000006, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 21799
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: dc41f341-bbcf-44b3-8acc-df35335300fd-1714765909
last-modified: Fri, 03 May 2024 19:51:50 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhuL7pBrEbdLa3RXdtsyifxVOYB9%2B75fN4kjEFS%2FDCJerGDbhPcH%2BFdYL%2FkQem9nj9M5o4xUb7hGf8sUCPcrMqoYU2lFr5UL2VNWYMJIsNnF8xwxcojpyybvZIk7wQIVp00roFnh4dmlZmJHMDqD9EA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129ea59d63ab63-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/theme.scss.css>; rel="canonical"
x-sorting-hat-podid: 316

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1005 B 555ms
149ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b161bff030bb7d9d7128fd5902566ab087e590bc341fa81ff07205ae6d31b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 May 2024 14:58:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 May 2024 15:11:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 725 B
448 B 558ms
152ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

181332276dd0c0bd527c598cbc42dc34a6d0be9120b37e615d3b9202e25f95e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 May 2024 14:15:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 May 2024 15:11:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 556ms
150ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 May 2024 14:17:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 May 2024 15:11:02 GMT

GET meteor.js
cdn-meteor.heliumdev.com/embed/3.2.0/ 0
0

GET
H3 200 preloads.js Show response
www.candydirect.com/checkouts/internal/ 4 KB
2 KB 310ms
308ms Script
application/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d541333555955c914fb9f228f4197c17125749e875b1dbd7b4db2163f64b1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: cfRequestDuration;dur=173.000097, ipv6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmQ%2FYyDqqUfXcUnLbmIsKC2ZLiwW8IFf9I145Do%2BhXMG9CtcvYMVM3bzIhPqGS14yJvgwHs3lB8pScWWpp7jIecQLscc4zyK%2BJ4y3YzZqMTqSHeXDslgt30aB%2Frkym%2FNWQGB8VfK0YklXVpVc9lIprs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; encoding=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
timing-allow-origin: *
cf-ray: 88129eac3e5e5491-YYZ

GET
H2 200 preloads.js Show response
shop.app/checkouts/internal/ 0
555 B 565ms
189ms Script
application/javascript 2620:127:f00f:ff00::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/checkouts/internal/preloads.js?locale=en-CA&shop_id=545226812

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=if0TTNU1ByroqktD2xtFzsHLvw9RjjPwfX%2BOZ9IChRLFIyAaarP9JR%2B6Ob7BW6lArtG09QiWDc6sFGHomDBDsDZqjZ4AyMvm%2F9Y8I5WWw%2Bc%2F%2FKEQMJykBzlfePvBGO6lVK5OWEJ2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
server-timing: cfRequestDuration;dur=12.000084, ipv6
timing-allow-origin: *
cf-ray: 88129eae98a2aac8-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js Show response
www.candydirect.com/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 117ms
115ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 495786
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=47.606, imageryFetch;dur=22.130, cfRequestDuration;dur=12.000084, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 3324
x-xss-protection: 1; mode=block
x-request-id: 6c408abd-3d9c-414b-9b8e-ca40a55a22d1-1714771676
last-modified: Fri, 03 May 2024 21:27:56 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GHTRL75fUhMh137a1M9O1K3%2BA8cG41oNh%2BtyUOw6u9rcWcQeJidIHGeMU7pgasxNDloE1H%2FtsEMsb%2FHxFKWd6dH7f5jBJbBDys9ktCele5SSYsCliNjzAkRIL3smN64NHpQRuokTYC7W7Yfec2eGbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 88129eac3e5f5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js Show response
www.candydirect.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 51 KB
19 KB 113ms
112ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 517070
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=48.682, imageryFetch;dur=23.601, cfRequestDuration;dur=14.000177, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 18677
x-xss-protection: 1; mode=block
x-request-id: 7fae61af-750c-4521-adc4-1125d2c85711-1714750393
last-modified: Fri, 03 May 2024 15:33:13 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMqzSX49ucCsvPWsRlHaj%2BnV6yJhNotUllMYZ60cbJ%2BSiLpCtB1cjCg9hQWYlz2IYerZxYE1k%2BVhcSbrXDxXUkFoTBuRDyZMs6jVP%2FHuLhK3NY6VBNQu1L6YBF7CImEuE7bG8%2Fe9cDEnO6E4hEshN1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 88129eae2fa75491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js Show response
www.candydirect.com/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
13 KB 113ms
113ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 494729
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=45.037, imageryFetch;dur=22.701, cfRequestDuration;dur=14.999866, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 12292
x-xss-protection: 1; mode=block
x-request-id: dda4bbd4-df07-4bb8-93f4-d595c7f6f8c9-1714772734
last-modified: Fri, 03 May 2024 21:45:34 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TWKNEOprdBLSO0OUw0cBuLENm63vpJoF%2F2gu6%2BRNIJpyzRpWE7v%2FsPcyOS4c87nTZVkoOCKubEqTy%2Fm1IAUKQD36xWVr5kx38lWAWIYaT0J5%2BYJccAPPDfjA8dxtcnxdw8n%2FgFqh%2FcJivvLZfjs9yXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 88129eae3fab5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 jquery-2.2.3.min.js Show response
www.candydirect.com/cdn/shop/t/15/assets/ 84 KB
29 KB 194ms
193ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/jquery-2.2.3.min.js?v=58211863146907186831611685899

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=75.247, imageryFetch;dur=55.033, cfRequestDuration;dur=73.999882, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 28968
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 2ab57b30-4d3e-429e-8e3f-f64245b04ead-1714763029
last-modified: Fri, 03 May 2024 19:03:49 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFtkrxzr7G%2FdoEbizXbq35GM4Fmprei9oGMQigYNq3rTYLo1hjDqbz59UkfsdeWyrNj1oLsNGtE%2FN%2FVF0lxjGin00CRfZRaZweaQ%2FxcjdnIjQJos3CZXn0MJjx4nUlYZl9cAI4gNdpSwILpncuOaO64%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129ea59d69ab63-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/jquery-2.2.3.min.js>; rel="canonical"
x-sorting-hat-podid: 316

GET
H3 200 lazysizes.min.js Show response
www.candydirect.com/cdn/shop/t/15/assets/ 21 KB
8 KB 211ms
210ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/lazysizes.min.js?v=8147953233334221341611685900

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32bdd920f4c76736a77c4e2493b7a8a1586adf891f6b22aef65a9f550b3c9100

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=187.810, imageryFetch;dur=79.288, cfRequestDuration;dur=58.000088, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 7274
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 2e963311-4fa1-4ab0-adf8-71d0acf19574-1714753685
last-modified: Fri, 03 May 2024 16:28:05 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol7HP6zhZgKNOB4SLqKKllMABXZ37abfE%2Fp2h75xEwxppH9i0tcrEZyU%2BitRA6ARb0tBEVgB%2Ft8zAq2IzqqReWOKzLD0G8azh%2B63Wt7lkTP3Rd8ntdKJum9FT0G0Nyh9mlEMMl%2B%2B1LMOeqnVGBnQ%2F4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129eae3fac5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/lazysizes.min.js>; rel="canonical"
x-sorting-hat-podid: 316

GET
H3 200 vendor.js Show response
www.candydirect.com/cdn/shop/t/15/assets/ 121 KB
38 KB 141ms
141ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/vendor.js?v=36233103725173156861611685910

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1150d4271819752a2517079db4634dda7e034359c1691af25a55c8a3a54294e1

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=214.474, imageryFetch;dur=135.656, cfRequestDuration;dur=42.000055, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 38369
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 49e47758-8d84-4fac-b413-797bcbcdfa94-1714769025
last-modified: Fri, 03 May 2024 20:43:46 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTI3kxsorhtfB9rQMBckksCp29tSIGjxqN2%2FC7NSvhc7Ojv2sWkDs91JaKjlM0XSyq%2BTYbCEwtiF%2FBap1lyWXVZPn8IY9p6zusVzXbSS0kPslyci7RRiP7Zfw%2BTgoAUzoB9M85khzFak8ww7LgfgkzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129eae3fad5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/vendor.js>; rel="canonical"
x-sorting-hat-podid: 316

GET
H3 200 theme.js Show response
www.candydirect.com/cdn/shop/t/15/assets/ 55 KB
15 KB 121ms
120ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/theme.js?v=93773388993562967121611685924

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74039bad28b87a629ad9b93724257f59183cdd2daf42eeab7abe1152e1e20cf9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
age: 74534
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=109.999, imageryFetch;dur=81.396, cfRequestDuration;dur=21.000147, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 14070
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 86679c61-336a-4eec-9df1-e081915f1d5c-1714760823
last-modified: Fri, 03 May 2024 18:27:04 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNF%2B9L9GZ1gHAGC1k5APR7cxBNJbTTWNSMTVa4tjScdVzgye%2BUxXosWphUPBzR7SwdVHHKmcm0x3vZW6WiiUOZF5VwVtehGLQDpd3oIS7ns1SR04iK%2FZhJYzi6MPVYZp5KU1t04twLmQrWgBF%2FyzU4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129eaed81a5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/theme.js>; rel="canonical"
x-sorting-hat-podid: 316

GET
H2 200 v3globomenu.css
www.candydirect.com/cdn/shop/t/15/assets/ 69 KB
10 KB 155ms
154ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/v3globomenu.css?v=84533941112669599111677584624

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c00f534747c0a86072f771a7dfbd2cac81168981431c34a43275805b58d98c04

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=119.071, imageryFetch;dur=92.976, cfRequestDuration;dur=55.999994, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 9088
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 09ed0026-e9a7-4dcf-bb99-60b62b25bd62-1714760495
last-modified: Fri, 03 May 2024 18:21:35 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RL2L2hW8v0KxlEEN92AGcbhoc2%2FnAH9aDj2u7hR33M1oXLhbLqJHE2R4rkT8%2BATlJ7prZz7y8rKUljADxXPVpa%2FBLK3TIh4NmkP0uJa5h5h8CSBb%2B%2B%2FSwh3DdN3im86%2BoCjMr%2FItGOfR6c3nMI5jpUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129ea59d68ab63-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/v3globomenu.css>; rel="canonical"
x-sorting-hat-podid: 316

GET
H2 200 v3globomenu.js Show response
www.candydirect.com/cdn/shop/t/15/assets/ 147 KB
45 KB 163ms
162ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/v3globomenu.js?v=121407563990150031811677584625

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

899f135ac7737be1e96189440a75632cc6e7bcacfed3bb5e5363e5a27aac21a7

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=208.463, imageryFetch;dur=112.465, cfRequestDuration;dur=62.999964, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 45617
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 7d7127af-5c78-4c16-a557-818e0e8b7b2e-1714759398
last-modified: Fri, 03 May 2024 18:03:18 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMzT2SPmas4fyPcjTdFfzBTC9D9P3cpcQsx9viveukydTnZT5YgXbfikFIRhfiYcFB4aiCUU1x8o%2BTWfVKt4fOvdHIiffbb7k7spinN2vUpcOsIOoY9xhllGDHceZm9sccDalbG4%2BQfOWvZ1AUB%2FQ4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129ea59d6bab63-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/v3globomenu.js>; rel="canonical"
x-sorting-hat-podid: 316

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
2 KB 364ms
79ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c73f179788585447ec4a0a9d21da2882424b6c5d00d2649d96257f2e38c44845

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:03 GMT
age: 4567
x-cache: HIT, HIT
content-length: 1281
x-served-by: cache-lga21929-LGA, cache-yyz4539-YYZ
server: nginx
x-timer: S1715267464.782352,VS0,VE1
etag: "41a7de6bdfe125a1d889d65d51e0364f"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 19, 0

GET
H3 200 CandyDirect-home-slideshow-narrow_300x.jpg
www.candydirect.com/cdn/shop/files/ 10 KB
11 KB 163ms
162ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/files/CandyDirect-home-slideshow-narrow_300x.jpg?v=1613734498

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a8f2c0d50bdfa9becf079c24add122000c3fd1f727923d17a361497086fef6

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=328.952, imageryFetch;dur=45.953, imageryProcess;dur=282.111;desc="image", cfRequestDuration;dur=53.999901, ipv6
source-length: 157088
content-length: 10268
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 66ce1e81-08ee-4fed-81a3-2aaf0fd4b0d3-1714762171
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 18:49:31 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UKrmRGHIEu8%2BrijKQVPzBVpJEch7FM3R0a1p3CSFtung6SJtAop3V4bWr5cJ0oi0vyOU0RFyceWDyHEvd9sXsjAovh0cFzU7iUZhmsJD4yJ%2BS5BFmQE5kLZ5Fnh2KktTv%2FFNl%2B5l7rKq6JM%2B4uza5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129ea90c2d5491-YYZ
x-sorting-hat-podid: 316

GET meteor.css
cdn-meteor.heliumdev.com/embed/3.2.0/ 0
0

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 405ms
86ms Script
application/javascript 169.150.236.98
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.236.98 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-236-98.bunnyinfra.net
Software: BunnyCDN-IL1-1068 /
Resource Hash: 99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
cdn-edgestorageid: 718
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 05/09/2024 03:33:41
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:01:26 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 388
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6b76-cc60"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d03fd8e8706a5f02f4234bbfad8918de
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 platform.js Show response
apis.google.com/js/ 55 KB
21 KB 518ms
125ms Script
text/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderBadge

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcd8d3f8ffadcc1c14443eb2cd1f7cf25670330115d3ef04f27154ffaffc5cbe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 May 2024 15:11:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7a1c793903f14d09"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 15:11:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
88 KB 560ms
146ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZVNXG

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

268dc7e887fee1abf2441f4acf2f253f6b3f657dffecd555b2dca4f01baab352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 May 2024 15:11:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
483 B 134ms
132ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700|Lato:400

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shop/t/15/assets/v3globomenu.css?v=84533941112669599111677584624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 May 2024 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 May 2024 14:57:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 May 2024 15:11:02 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 478ms
128ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shop/t/15/assets/v3globomenu.css?v=84533941112669599111677584624

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 864847
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 88129eab4ff0abf4-YYZ
cdn-requestpullsuccess: True

GET
H3 200 ba144381aw75357604p183e4578m1913cbd7m.js Show response
www.candydirect.com/cdn/wpm/ 78 KB
27 KB 118ms
117ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c44b167b1dfb5874df43cc90b4e035a7b1f89e7642e705d0424fc0bbd5d8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 4084
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=85.798, imageryFetch;dur=61.118, cfRequestDuration;dur=14.999866, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 27076
x-xss-protection: 1; mode=block
x-request-id: b6406a6d-4b2c-485e-b138-f1569a428036-1715263375
last-modified: Thu, 09 May 2024 14:02:55 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXizeqbECEd1Rf0dGsvAMz4CNxuo3cJMYaq8pWUA%2B9SP9ZQr5FkhilQ%2Bopp294VJwB2zhJikPOUdYHCDNF8GLQKBS9N33zIKk5HBreZaqeQNIY5Spyd1fL7LzeQKn9sysbzgWGKT944h4EIaDzKs7u8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88129eb46c4c5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/wpm/ba144381aw75357604p183e4578m1913cbd7m.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js Show response
www.candydirect.com/cdn/s/ 113 KB
24 KB 116ms
115ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43d03e3a26f3e486d60a35e6902123f372c5402f035995d665f73eabdf2a8813

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
age: 511817
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=93.137, imageryFetch;dur=67.717, cfRequestDuration;dur=13.999939, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 24134
x-xss-protection: 1; mode=block
x-request-id: 0303ab95-d62a-4b42-b24f-844964642c7a-1714755647
last-modified: Thu, 02 May 2024 16:46:07 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4Aq%2FZOf95ecGsBptkah05s1EoYc3B2Ay7b1aGCNppTID%2BX6f0tHdABqzuPH8p7yY3k3f%2FcybEqXmFPxEPYbD%2Fmzjo81ChquGGlHWebmZX7McPznuwMrVW80ze8jDTaFzjuEyoxxXd5pBI2dUS%2Fu%2BPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88129eb46c4d5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js Show response
www.candydirect.com/cdn/shopifycloud/shopify/assets/ 8 KB
3 KB 113ms
112ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 489961
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=54.625, imageryFetch;dur=34.745, cfRequestDuration;dur=13.000011, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 2640
x-xss-protection: 1; mode=block
x-request-id: 8fab9b1c-8f53-4bb7-81bc-9ebf86969b7e-1714777502
last-modified: Mon, 11 Mar 2024 18:35:13 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpwKfVE1B4oedScB%2BsPUBPIcwZSwNXn0gLuFk4C2pjEjSxpMH0WxFsITwMmjJBvw4coE0iPAiFX9jJW9hHKGNIk4YM0GBDg9dUrAkcjzlr9RaE64KQHnYlxxx3q2Ch88LZQTZIq8MiBrDyLALgwL%2Fz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 88129eb51cc45491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
www.candydirect.com/cdn/shopifycloud/boomerang/ 58 KB
18 KB 119ms
118ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 507045
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=52.347, imageryFetch;dur=40.521, cfRequestDuration;dur=13.999939, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 17459
x-xss-protection: 1; mode=block
x-request-id: 62045392-ee8b-41c8-acb9-b0ad55719d5b-1714760418
last-modified: Fri, 03 May 2024 18:20:18 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6b57bxwzW8KZQ2OHlcDfOV2TcPGom4AEdjjq3ihsqGcOV7zVajmSRJyQW3ENw2HrqGjT0e3FHRBgCKAB3DuA9YkFudNsHTdFOJUcXv4IEK9F9i%2FkBM0AkwefVGuqMbRC3MdIG6ZNeqUkoD05Ou4LCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
cf-ray: 88129eac3e5c5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET meteor.css
cdn-meteor.heliumdev.com/embed/3.2.0/ 0
0

GET
H3 200 header-bg-5.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 39 KB
40 KB 174ms
173ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/header-bg-5.jpg?v=35416962142223560911611685895

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shop/t/15/assets/theme.scss.css?v=120739948295413352581686689238

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5f4bc9369dcc8dea6b49803e6c7d3a11c507b8c0b8b4a6f7a6047592d6e2ca

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/cdn/shop/t/15/assets/theme.scss.css?v=120739948295413352581686689238
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=335.646, imageryFetch;dur=158.312, imageryProcess;dur=176.671;desc="image", cfRequestDuration;dur=41.000128, ipv6
source-length: 123174
content-length: 39780
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 81b6621c-ad56-443d-80a4-f1dc53699525-1714753741
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 16:29:02 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTjz40NvJv%2BIkQGzCcH4AD5KD0df1gwCC747T%2FWsp5Qn0brsJ1g25Okrn4MRj2uby9tx5HIbS%2FWAXD7P6FoWI3CipAF%2Bo0QONUbcHiBEAbo0YEQc%2BHXUJFm0MFq4peXzw7a7gzKhnTDPxfWDe60Ee%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eac7e8e5491-YYZ
x-sorting-hat-podid: 316

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 633ms
242ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 04:55:15 GMT
x-content-type-options: nosniff
age: 36951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 May 2025 04:55:15 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 523ms
134ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 12:53:35 GMT
x-content-type-options: nosniff
age: 94651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 12:53:35 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 580ms
191ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 05:16:17 GMT
x-content-type-options: nosniff
age: 35689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 May 2025 05:16:17 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 633ms
253ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 04:58:44 GMT
x-content-type-options: nosniff
age: 36742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 May 2025 04:58:44 GMT

GET
H2 200 fera.js Show response
cdn.fera.ai/js/ 349 KB
98 KB 602ms
230ms XHR
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fera.ai/js/fera.js?shop=candydirect.myshopify.com

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

575c2b6df776713764435cbd2dba53ef88ec7d463ffcac05c78210aa6d91b458

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .fera.ai fera.ai .fera.reviews .fera.review .fera.to .shopify.com .myshopify.com .mybigcommerce.com .bigcommerce.com .wix.com .editorx.com .luckyorange.com admin.shopify.com .fera.review
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' *.fera.ai fera.ai *.fera.reviews *.fera.review *.fera.to *.shopify.com *.myshopify.com *.mybigcommerce.com *.bigcommerce.com *.wix.com *.editorx.com *.luckyorange.com admin.shopify.com *.fera.review
content-encoding: br
x-permitted-cross-domain-policies: none
cdn-pullzone: 1548962
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715267443&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=88gX8ZLAfx5McxDI2kgK7dj1W23XqwrYi2VbjGTzX0E%3D
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
etag: W/"0b8a69d79d2a5f30231daffde4446d41"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date: Thu, 09 May 2024 15:11:04 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cdn-edgestorageid: 925
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="Not used"
cdn-cachedat: 05/09/2024 15:11:03
cdn-tag: store-107982/assets
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
x-request-id: 6e5b8d69-b39a-42ed-af8a-2ce37a4ca767
x-runtime: 0.022566
server: BunnyCDN-ASB1-925
cdn-requestpullcode: 200
x-download-options: noopen
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715267443&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=88gX8ZLAfx5McxDI2kgK7dj1W23XqwrYi2VbjGTzX0E%3D"}]}
cdn-uid: a4c88a4a-0c95-4e94-951a-df19ca9d982a
cdn-requestid: 0c97c83c3b2c96a6d85d61d13869cedb
cf-ray: 88129e33cb229ebe-CDG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/2.1.10/ 36 KB
13 KB 472ms
107ms Script
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/2.1.10/accessibility.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456bc140b3800bfa8705990bec075ebbf1c795e6c54d4678e597f6fb1988c76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-security-policy: default-src 'self' ;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
age: 76813
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Jan 2021 11:02:24 GMT
server: cloudflare
etag: W/"2467d6a1be4d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBifBRJ%2BXtGB8gCEOInvil6WPUxHDwbwnwn82lVJVW1S6fP5y%2BcdapqTD7FpNdT1kWclGVwZdOflljlTL6Q7%2FhEiDpSo1PP6w6yKqw2pwulyvkDQvbGXo8GbRIAhOvp6HAQ2tbPwRv1rK6OMB5c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: CA
cf-ray: 88129eb75a8bab24-YYZ

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 547ms
189ms Fetch
application/json 2620:127:f00f:ff00::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1&token=74bda804-2a40-49a7-9e05-0bff7bd15e4b&shop_id=545226812

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=91.999769, ipv6
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.candydirect.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-frame-options: DENY
x-robots-tag: noindex
date: Thu, 09 May 2024 15:11:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: 405cd0b5-7649-4da0-ab5b-aeeb1b6daf22-1715267463
x-runtime: 0.003862
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=orrcjUctZGV%2FH0FFg1m9wi7kaqylVamklz%2FwJjTv9ESVetCDJj4npO3fV06v11YsRmP9pUmeKGZu8pBRjBefQicwo4XjCBm%2FWToNgVJ3l6oCKFSHG87YZKVRdZUZJ2DhL%2BGh6ifi"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 88129eb16dc6ac5d-YYZ
x-sorting-hat-podid: -1

GET
H3 200 logo-v5_360x.png
www.candydirect.com/cdn/shop/files/ 23 KB
23 KB 240ms
238ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/files/logo-v5_360x.png?v=1613733872

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91aa9f564a3406a538e30f33cb38d95562b4a74e61a682f2872300841981d482

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=728.163, imageryFetch;dur=87.820, imageryProcess;dur=639.275;desc="image", cfRequestDuration;dur=49.999952, ipv6
source-length: 81816
content-length: 23070
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 28125898-470d-43af-92e8-cc65dec3acae-1714769957
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:59:18 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AqXzBBSwjl9OS87bvzMOcX2NF4JIaaylHwivmP3LEkfWP9YhsiAlAPxGUAAQd%2FyRaivZGGf8svObTt%2F48IiUPV43KOfz%2BqGTUcLsvfPaQdcuaYHxjiDIi2zKlycZ%2Bf2%2FK8tQGhJ6XnsZc8I%2FVnGPK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf989c5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 wrapped-category-1_360x.jpg
www.candydirect.com/cdn/shop/collections/ 7 KB
8 KB 137ms
135ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/wrapped-category-1_360x.jpg?v=1529519806

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac819b1c3df4313aec897cc8380fcca3e2a0b5552ef5e33ee01a5e8747d15141

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=332.989, imageryFetch;dur=57.422, imageryProcess;dur=230.996;desc="image", cfRequestDuration;dur=32.999992, ipv6
source-length: 8014
content-length: 6910
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 7b3c860c-5d76-49ea-a138-604a0921c04f-1714766846
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:07:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K95K5%2FUynl7nHW2lnyLkdnHjBnF%2FZt8gTDwB45ZfgnBEgtKnf3xvRSNJCd%2BcrBoZz0ikLEdDjku2KeqFw28USD41Sd4Pyqd4GtIxsV7aQlKDTUZqYrXKKl9KNgmdZdIytdEhiqEljJ4ZCbEul4bdhds%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf989e5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 candy-cigarettes-candydirect-1024x1024_360x.jpg
www.candydirect.com/cdn/shop/collections/ 14 KB
15 KB 144ms
144ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/candy-cigarettes-candydirect-1024x1024_360x.jpg?v=1529417353

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

454ecc2332c60e9894a0cff210dd421e3e0b663dbe85373399362f077069853e

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=159.390, imageryFetch;dur=60.140, imageryProcess;dur=87.869;desc="image", cfRequestDuration;dur=41.999817, ipv6
source-length: 190554
content-length: 13986
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: f9a52a9e-e8a4-47b3-9954-39ac7d68cb72-1714780489
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 23:54:49 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DeaHjqr2Oyts1lt9vOlUTyHvgvWjM1bnaUIhxyRGz0gz9qZp5%2FxuIvIyzZf0MpD1EoHTbwDVdF1331TpOM2c03rIm%2BQNC9qmDmDY5Vm7orEyt%2BcckAJhYsYx2vmtyXqJ%2BbAxYB0XaLddvt4uvfhGqMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf98995491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 3cacff21ec05315df3c77fd38a3ccb82_360x.jpg
www.candydirect.com/cdn/shop/collections/ 6 KB
7 KB 139ms
138ms Image
image/jpeg 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/3cacff21ec05315df3c77fd38a3ccb82_360x.jpg?v=1525247298

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf9a96bfe750f334b9e4ac991922c2cc6fbd3cbeeceb47e8db52fd07d43bfdf

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=251.262, imageryFetch;dur=82.780, imageryProcess;dur=167.777;desc="image", cfRequestDuration;dur=34.999847, ipv6
source-length: 5682
content-length: 5728
x-xss-protection: 1; mode=block
x-request-id: 15b216ed-828a-4b21-a6d4-f0f7eaa20b2a-1715151829
x-sorting-hat-shopid: 545226812
alt-svc: h3=":443"; ma=86400
cf-bgj: h2pri
last-modified: Wed, 08 May 2024 07:03:49 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMSVE5scriSyEelLQB6bfk5JRErXUbXczWKYkveD1rLvpb92JvMinAvBvNNGnQ2wxyYh%2BQbMKVwP7fptTh%2FX1QvZfoExyLHbnXxHuIkhcy5VMEYqP0AxyMXuUsnmJSNBNpdsTYWcv99BU8ts9km5j%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf98975491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 f430412c00176fc22167e64c8c8dd9e4_125x.jpg
www.candydirect.com/cdn/shop/collections/ 6 KB
7 KB 240ms
239ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/f430412c00176fc22167e64c8c8dd9e4_125x.jpg?v=1525247588

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179ee11fc7f6f5855fe4af60c4ea2788e029a8b827ea1b2d2a0fae7a9276e6db

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=259.824, imageryFetch;dur=94.217, imageryProcess;dur=164.122;desc="image", cfRequestDuration;dur=118.999958, ipv6
source-length: 17475
content-length: 6602
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 96f8e214-9469-4ad7-ad0e-5148365874a9-1714780489
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 23:54:49 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXCQV7ifxXakF1dZBmVu53O7aIa1QUFLJjxselyPOThB%2BLPyq5NjlB4QceBPksrPC%2FFJdgg47rcYmBZbA7EDjjzWVjTf2Si%2BXv%2BdRFSqM5gtNFcXyy69aVXzz6UEZFQNRIuHuoVIvm8Lzb2bbLJNl%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf98915491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 91f0b2f899a4922ef390ad6838177c60_125x.jpg
www.candydirect.com/cdn/shop/collections/ 8 KB
9 KB 143ms
142ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/91f0b2f899a4922ef390ad6838177c60_125x.jpg?v=1525247581

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ccef9236a21b8c7fa5bd45028b27e8f67a9ba0cb1620d2c8113f51fb5ccab7

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=199.819, imageryFetch;dur=41.356, imageryProcess;dur=156.515;desc="image", cfRequestDuration;dur=39.000034, ipv6
source-length: 21281
content-length: 8471
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 3e26e6c5-be45-4d00-b4dc-1df38c86a31e-1714772272
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 21:37:52 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3pn%2FK71gAXNn%2FpALtv1xpDMrFbXlPpbcXIhVyQbhGs9FE92vCIYLRzyVG60ZlobewvGyOUUibOePEY3jqkFAxGw947Pjuju%2B03U8zlv7Vfs8EcoXjHEcZhE6r1rtftTtY6B%2BWigWLUEMM8tLkQ7n4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf989b5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 959a9ff31670ec59d2fb075e05fdaf38_125x.jpg
www.candydirect.com/cdn/shop/collections/ 3 KB
4 KB 160ms
160ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/959a9ff31670ec59d2fb075e05fdaf38_125x.jpg?v=1525247570

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ea9363eb16a7f9360d1f3c0fbba87d4467a5f8724a959d720f9e070070590a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=142.368, imageryFetch;dur=81.410, imageryProcess;dur=59.924;desc="image", cfRequestDuration;dur=42.999983, ipv6
source-length: 10197
content-length: 2864
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: b3979e2f-0cf8-4353-a494-539ab78e0a1c-1714766846
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:07:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ST8wQeX9%2FVscM4%2BBKWY676LcYSVCsMkiIToT3fvR4dVNSpul89P6oZwq2qpSYiLmPByl2nXSSUkHFWb3J1tL7z1TEzTxapvNZ9Vy8ESFNe5NFmR2mSB2Y0x2gkeWDadidamHOQmMA9%2BvSYO%2BuM2JZKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf98985491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 599457fed33858e0e8f16c739c4a17ed_125x.jpg
www.candydirect.com/cdn/shop/collections/ 10 KB
11 KB 140ms
139ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/599457fed33858e0e8f16c739c4a17ed_125x.jpg?v=1525247239

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e7ca8e8fd251886b1f1f561b4a3a5879bd908b95b6a0182df0a44f3e1ca5d9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=514.994, imageryFetch;dur=65.596, imageryProcess;dur=223.774;desc="image", cfRequestDuration;dur=41.000128, ipv6
source-length: 24696
content-length: 9938
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 04cf92cc-42ef-4227-99b4-17eebf150246-1714768389
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:33:10 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2Fay%2FELNCuVRucY9k%2Bo0nIRuWZ7vjIBO8rp5bp461OvGH11fwl0r%2Fm8o6Bd6UdR0ZHr5ys1ynYDzRenHNv3Lx2xvuo6zFdx2noV%2BMjlDHne8AogUBA7hCjhTXgmGQI8n0UYz9QCbqZcmS522TxceI3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf98935491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 f1b150c10a7a90bfd02bcc49109cb376_125x.jpg
www.candydirect.com/cdn/shop/collections/ 4 KB
5 KB 242ms
240ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/f1b150c10a7a90bfd02bcc49109cb376_125x.jpg?v=1525247279

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad8b63e4394588fe755da2f3d6b247c17f36009f00d31dca6b77e9bca3893af7

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=111.868, imageryFetch;dur=25.356, imageryProcess;dur=84.839;desc="image", cfRequestDuration;dur=60.000181, ipv6
source-length: 38899
content-length: 3920
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 234f54a8-c624-4fd1-8aad-c266861fcbe5-1714766846
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:07:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbUHgnRo7ARx3%2FivX1Aeg%2FilDkqIrSokJkId6TcKKqClyqWgNCT%2BspVo2gO7jqdM1c%2F6Cc9Ds0WyAFy7HQqGepzse9bOSsKQIHnrO2TpyjYXoCS4UNbLUH%2FGCxkFYCeRe%2BGXaJgsemNm6ewLjRjS5eM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf989f5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 92c0530ee1b75ac0241aa127a3e86687_125x.jpg
www.candydirect.com/cdn/shop/collections/ 5 KB
6 KB 134ms
134ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/collections/92c0530ee1b75ac0241aa127a3e86687_125x.jpg?v=1525247591

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c77455d85a5950a2725c3bb8c34f4144a3b1f7f70ab3055d2639f191f127ab6

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=230.492, imageryFetch;dur=93.170, imageryProcess;dur=134.074;desc="image", cfRequestDuration;dur=35.000086, ipv6
source-length: 44927
content-length: 5337
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 69c07fdc-8cb9-46de-9190-a8f1b046c2fd-1714766846
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:07:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppCWLRWU5JGO3JqxW2FNTvkiM1yGnolulO1z3dw62uei2hBnaz9z3%2BPSY0QrsQyaiQQ3w0kbfQCCjLYqfyf85u1A2lJ23%2FNbulEcaTYDeHgLlgZ6hBTUw1xV4FIRPjBwGU9%2F7%2FZBUblUdElnAHeJKmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eaf98945491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 icons.woff
www.candydirect.com/cdn/shop/t/15/assets/ 12 KB
12 KB 172ms
172ms Font
font/woff2 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/icons.woff?v=159737922959752215011611685899

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shop/t/15/assets/theme.scss.css?v=120739948295413352581686689238

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c9e3146263834e2eb82ad31480b9efbd6e9e5228326492295ac4b021ef0b40

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/cdn/shop/t/15/assets/theme.scss.css?v=120739948295413352581686689238
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=150.353, imageryFetch;dur=108.674, imageryProcess;dur=41.377;desc="font", cfRequestDuration;dur=68.000078, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 11796
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: c2f33ba2-5f1a-43cf-9d06-abea96590d0a-1714758193
last-modified: Fri, 03 May 2024 17:43:14 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNG%2F07Xwv2yDIRu2dagp7R5DIyrRKdDg5FlJvx6PmNYjNB1%2FSFocTIWilM8O4TorWt%2BB9KihoWQe7%2BEgFE%2FF4oGoWtx9dKjNObENKVSsHvDmBoB33H5v6juR1JOTQkit2t%2BY7k7Cmb%2FeHMU8f3AYJkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 88129ec23f2f5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/15/assets/icons.woff>; rel="canonical"
x-sorting-hat-podid: 316

GET
H3 200 spin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/ 4 KB
2 KB 434ms
104ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js?_=1715267462541

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shop/t/15/assets/jquery-2.2.3.min.js?v=58211863146907186831611685899

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 64322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1827
last-modified: Mon, 04 May 2020 16:16:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd6-10b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6L2hA2jj1vHwmSxfwSc%2BKkL%2FSJwES%2F8RWuvxf34CF2e8IhicagE%2Fa7k35IV1z961Fk%2Bg3VM72I6%2BXqnCXvmz70x8vabyuW%2Frs6D7TBWXnG0oJzX5iAqmpx5RFuAkdfSKKaALs%2BicAiREfoUmVofYZ4r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb72b1e54af-YYZ
expires: Tue, 29 Apr 2025 15:11:04 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e12e39ba64ffd82047d353b8c00a647717d78823b6681d23b7a9e069fa6c42b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e881d2b255ce09773d13b13427d5990b4eff960e7ef8b7f4fcc9e4f334829772

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d58fd319b63d6d79955e2942a91772cd946d06e454639b05f8576a4285c202db

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 CandyDirect-home-slideshow-narrow_300x.jpg
www.candydirect.com/cdn/shop/files/ 10 KB
0 0ms
0ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/files/CandyDirect-home-slideshow-narrow_300x.jpg?v=1613734498

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a8f2c0d50bdfa9becf079c24add122000c3fd1f727923d17a361497086fef6

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:02 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
source-type: image/jpeg
server-timing: imagery;dur=328.952, imageryFetch;dur=45.953, imageryProcess;dur=282.111;desc="image", cfRequestDuration;dur=53.999901, ipv6
source-length: 157088
content-length: 10268
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 66ce1e81-08ee-4fed-81a3-2aaf0fd4b0d3-1714762171
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 18:49:31 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UKrmRGHIEu8%2BrijKQVPzBVpJEch7FM3R0a1p3CSFtung6SJtAop3V4bWr5cJ0oi0vyOU0RFyceWDyHEvd9sXsjAovh0cFzU7iUZhmsJD4yJ%2BS5BFmQE5kLZ5Fnh2KktTv%2FFNl%2B5l7rKq6JM%2B4uza5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129ea90c2d5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 7b0d00104f334b896c6cfe0819bb7e83_medium.jpg
www.candydirect.com/cdn/shop/products/ 7 KB
8 KB 230ms
227ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/7b0d00104f334b896c6cfe0819bb7e83_medium.jpg?v=1571710066

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e71b5974ffe2e85d8ba0c918c6860f353edb174bc67214d5e3f179b353af27

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=384.712, imageryFetch;dur=41.642, imageryProcess;dur=342.221;desc="image", cfRequestDuration;dur=48.000097, ipv6
source-length: 51034
content-length: 6984
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 00beac6a-212d-4aa4-87c3-0c1694b5ac61-1714764745
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 19:32:26 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNrJXoHt5A9gMETf2%2Fn%2BqK86HAtZw%2F1J2Jq9eIZB0JSe7UDPnka245Fdmdv2fQNVRGmQTTRsNj34nfTU90FUfBfNn1RgssU%2B%2FQkYd0x8Fqfdi6kYq0SMVmRd%2BZqA1r6dnkDEvH6W3N4jaYg32TYLoS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059345491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 f31cf523aea21aa060c54984909870ec_medium.jpg
www.candydirect.com/cdn/shop/products/ 7 KB
8 KB 243ms
241ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/f31cf523aea21aa060c54984909870ec_medium.jpg?v=1571710068

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950b5ef4a751d78b0cebbb8ad6b1cd8dae5660e453246e3e662d06dd2c754e69

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=672.466, imageryFetch;dur=22.745, imageryProcess;dur=648.767;desc="image", cfRequestDuration;dur=51.000118, ipv6
source-length: 39310
content-length: 7548
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 59f71dfe-5377-4919-ba48-4ed455a4570e-1714770956
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 21:15:56 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XFW%2BQs4%2BMZnzmrRkT17AXUK0c2me7IHFud8HgwNhKMIA0lm%2BCUXoabHBGlkO%2FkgFQ1BNQLkF3FlvDtxNxq4VSoTMl0Q86elrywGV2XC5yEEShoXb66lHqyY2UW0vP%2FW2GOY1iOeTkhruqZqRYo5ZwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0593e5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 1cb4d356f4af17fcb78ff43525c31f22_medium.jpg
www.candydirect.com/cdn/shop/products/ 17 KB
18 KB 243ms
241ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/1cb4d356f4af17fcb78ff43525c31f22_medium.jpg?v=1571710073

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e1b5f212a1a01c2878cba50132c990d81667726d686361c175014abc0ee56d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=459.650, imageryFetch;dur=72.400, imageryProcess;dur=381.147;desc="image", cfRequestDuration;dur=49.000025, ipv6
source-length: 85880
content-length: 17312
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 1865dcfd-ef18-48b9-9781-b916adb1c2d7-1714751532
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 15:52:13 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BP5kT2Pwv4pDKeAbLyJUY05YEhfxnRNh40%2F6Xzwywi33B%2Bxg7IH1s801t9FhAh7s%2FY7PkN3Mu7kPiC1iV6zwCemLXLlJdrPZogg2G85V6FrF87%2BhmBWdtapIuMp8cP41Xk6QQApkpziqbVIrtZe8OCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0593d5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 a7a8e3f525f36621238650864e5e5626_267a6796-ab9a-4166-91ec-3c98e815af64_medium.jpg
www.candydirect.com/cdn/shop/products/ 27 KB
28 KB 148ms
146ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/a7a8e3f525f36621238650864e5e5626_267a6796-ab9a-4166-91ec-3c98e815af64_medium.jpg?v=1571710087

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b63fb740625c29d4631ec22e749812789a97fb882f3c424eb4cd995536a6557

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=1033.253, imageryFetch;dur=92.067, imageryProcess;dur=939.090;desc="image", cfRequestDuration;dur=49.000025, ipv6
source-length: 64976
content-length: 27969
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 4d284aa4-ab28-4fe5-9858-9c5f5904c257-1714749630
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 15:20:32 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXj%2Fkj9Gej3TS6h%2BZo%2BunqkMkFnuxGNEDhc%2BIdssgYI%2BOOY0KENm0Wa%2F7EDotj18KsT6SN5rOESH%2BPWzPeRdWqlh7Eu%2FxzmRAgIEG%2BWxZ7GaknmcvxvdI%2FDPfVYaqq5zcopZtmGKJXxKX1qgpSOSga0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059315491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 sconza-beans-small-red-boston-baked-wmark_1f82fce9-ffd2-4a1d-9dd2-55141fc64240_medium.jpg
www.candydirect.com/cdn/shop/products/ 18 KB
19 KB 164ms
161ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/sconza-beans-small-red-boston-baked-wmark_1f82fce9-ffd2-4a1d-9dd2-55141fc64240_medium.jpg?v=1592850073

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ddf770b5afe1c715816c97ea16a560ec54b638ca6b1f6ebb86b336af60cb90

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=528.202, imageryFetch;dur=40.899, imageryProcess;dur=463.275;desc="image", cfRequestDuration;dur=53.999901, ipv6
source-length: 126815
content-length: 18580
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 572ba2ee-1d20-44ae-b132-1ea497abac4e-1714773741
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 22:02:22 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZG3QLOK6VFgFMzfoE8gjSYpuJwTvAi15A%2BGRlvRkkhcX1FxJfIpCd%2FTgJImKZ6hKsyYa0Km%2FGuc9tOH80Lac7QAOFtXTy%2Btz2b1iM2vdGPQPzkF%2Bxbr8lyt3AYjV6%2B%2BKehxDmtRGrE9nZd%2B4FEn12gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059305491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 hot-tamales-bulk_medium.webp
www.candydirect.com/cdn/shop/files/ 15 KB
16 KB 228ms
226ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/files/hot-tamales-bulk_medium.webp?v=1707315071

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9227e35d3e884d7a908d021232b88602f7b5b0f5eb6622f9a75787a3c9461ecc

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/webp
server-timing: imagery;dur=396.548, imageryFetch;dur=76.540, imageryProcess;dur=318.377;desc="image", cfRequestDuration;dur=49.000025, ipv6
source-length: 137100
content-length: 15335
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: f1c3680f-7427-45aa-9fae-127e72e807c7-1714776734
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 22:52:14 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYL3gOc4dwhv3CJ0WIJuIZBPiYMZD3mdhOC73SdkeLtvGuF3kMSYl7HvzuXaVCSHj3ClN2ZJMxZeEayj4W3CzseZGwIBc2WAidJ2IzOkG3kWxu1c0CwwLXA5TR%2BTsJn7sfvBbmEoT3XmWUug93X0xUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059325491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 16a53af4afcaa597332c8c5a4fbfd358_medium.jpg
www.candydirect.com/cdn/shop/products/ 6 KB
7 KB 236ms
234ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/16a53af4afcaa597332c8c5a4fbfd358_medium.jpg?v=1571710081

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc07a11e55fdac80b7b1fd01097628a948c4bb0408460b21a605ab14d5f47ec4

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=469.700, imageryFetch;dur=78.919, imageryProcess;dur=389.913;desc="image", cfRequestDuration;dur=50.000191, ipv6
source-length: 58275
content-length: 6604
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: c9f6f213-16b5-4b1a-a3fc-636f44681ce9-1714749747
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 15:22:28 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnwLBFEBwGEro%2FNIvIT0c6ebPo9hFJ50nUFHA9m1f3dshgECGeN6j8N7r8pljpu4UW70X1U0fTs6cJ7sIuJnt06XfKZDGCzcqXz6ppoYwnn5kAvlTmFQGij3upE8%2Fo5nxatw5NgzKggYL1OfshyUoWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059385491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 smarties-5-lb-bag-wmark_medium.jpg
www.candydirect.com/cdn/shop/products/ 13 KB
14 KB 235ms
233ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/smarties-5-lb-bag-wmark_medium.jpg?v=1627594773

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577ef117d51962e42f9709b0fc1e2f59506590d3d7918fc1b878b4058526ec64

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=326.184, imageryFetch;dur=57.956, imageryProcess;dur=267.359;desc="image", cfRequestDuration;dur=53.999901, ipv6
source-length: 190762
content-length: 13572
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 1c00deba-7599-417a-853d-a098d7e20948-1714772096
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 21:34:56 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NjnYRPxlGJFsedfKx33WM8uKIueJn6mtYzlUrVITfiIGQ0Qf0%2FIZm2vDXEYCguLz5mDEx%2B%2F%2BLxTom7sVSklHvRAklIto7OdOuVgCPyt3mhzKqlUOkn3w0j92Vkyk%2F%2BMrT8jgyzmPAyqVklGXG%2FVcq6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059365491-YYZ
x-sorting-hat-podid: 316

GET
H2 200 5b42989c1f0c6c9580d2d5900af76b97_600x.jpg
cdn.shopify.com/s/files/1/0005/4522/6812/products/ 20 KB
20 KB 610ms
238ms Image
image/webp 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0005/4522/6812/products/5b42989c1f0c6c9580d2d5900af76b97_600x.jpg?v=1530059045

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0faa4f2bae50a0e4c9dfd5fe7b68f4b41423997a1f33e7cde44065cc965e3509

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
source-type: image/jpeg
server-timing: imagery;dur=99.580, imageryFetch;dur=62.167, imageryProcess;dur=36.326;desc="image", cfRequestDuration;dur=65.999985, ipv6
source-length: 31273
content-length: 20180
x-xss-protection: 1; mode=block
x-request-id: 4b77904f-cce3-4a2b-98a2-2ec4406bbf62-1714768235
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:30:35 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7KtPPzfHh89hK7ZY5cFHoO6Reyb7ksIAns%2BwDkGT9pukukzx4XwxBPskSEx4%2BIH3GBtPBQKNy%2FJF8%2Fu8B%2BHHZ9NxK6q1rs27qjPTvqtX72OLijzPv07PoHVVbck%2FZPzU8k8wORf8z9mC90W17w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/products/5b42989c1f0c6c9580d2d5900af76b97_600x.jpg>; rel="canonical"
cf-ray: 88129eb2b933ab45-YYZ

GET
H2 200 82e035d69fa15c0bc5bdd2c6a6735f7b_600x.jpg
cdn.shopify.com/s/files/1/0005/4522/6812/products/ 8 KB
8 KB 605ms
231ms Image
image/webp 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0005/4522/6812/products/82e035d69fa15c0bc5bdd2c6a6735f7b_600x.jpg?v=1525248646

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b24b188b4204a1bc381310d6712d8a0569070139e27f6bf03f0ca11bb807ef

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
source-type: image/jpeg
server-timing: imagery;dur=117.846, imageryFetch;dur=81.577, imageryProcess;dur=34.492;desc="image", cfRequestDuration;dur=58.000088, ipv6
source-length: 11798
content-length: 7734
x-xss-protection: 1; mode=block
x-request-id: e1e11fa3-20d5-4d3e-9298-ef0b1aa52e84-1714767640
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:20:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60ub7m6gW52593xMngcVeI2Um8h%2FIEqJv4MDx%2FgF4KGjnRVKHf6n00v04HiIH10KSWmeLzkhmYbkiU0JD6hL3862Oe1LAZWiQjPP4S8Z8DfhP%2BO9aBoCneZnD%2FDeKrQGq%2FC7lLSngHPKEr1r1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/products/82e035d69fa15c0bc5bdd2c6a6735f7b_600x.jpg>; rel="canonical"
cf-ray: 88129eb2b93bab45-YYZ

GET
H2 200 jelly-belly-assorted_600x.jpg
cdn.shopify.com/s/files/1/0005/4522/6812/products/ 41 KB
42 KB 529ms
158ms Image
image/webp 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0005/4522/6812/products/jelly-belly-assorted_600x.jpg?v=1529527570

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b218dd072f0d0300382ff8668b64f5c4341c1bb2686325390ea14e70e4231ac1

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
source-type: image/jpeg
server-timing: imagery;dur=105.935, imageryFetch;dur=68.157, imageryProcess;dur=37.054;desc="image", cfRequestDuration;dur=57.000160, ipv6
source-length: 47936
content-length: 41566
x-xss-protection: 1; mode=block
x-request-id: a47313aa-4407-404e-9628-0042791ad5b0-1714753580
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 16:26:20 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoxiU0IeKAFwqqg3GG2fBqhwBsH%2FYEDdrA%2FDODMiuqtv6VKBHD0275ejO3yV9GyC7zNAR6J4FHTy9SkYQQVRP8Xrp1QHFCXXmysxkEpYHTSebaCxVLq4gbvu4TQ4Z7Z6oU6eVx2RwKggQhNeSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/products/jelly-belly-assorted_600x.jpg>; rel="canonical"
cf-ray: 88129eb2b938ab45-YYZ

GET
H3 200 globomenu25541529524481.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 21 KB
22 KB 245ms
243ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529524481.jpg?v=168682282031109857371611685889

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99d43a93c858eb62593ce5e99583f1b143bc7e3d25b883d320fce97dd9f42ed

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=539.142, imageryFetch;dur=83.778, imageryProcess;dur=433.597;desc="image", cfRequestDuration;dur=50.999880, ipv6
source-length: 24696
content-length: 21667
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 60b6c1f5-4a3f-4af0-81b6-e00b7d6e89f0-1714770634
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 21:10:34 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPiQZx8QvsNlYwSaLDEO0p5LThZeKvwzkFLqlnyc2Lc0vI9RCEyu87ofebeoyPbYYABjBxJaG7sMTUBIlLY7njasXGhntPSbMi4W85hY9AyuClDgksV9WSWKJ98cvc06edcoGTjBD%2FXODfXb%2BAx%2Bv3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059405491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529524629.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 16 KB
17 KB 264ms
262ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529524629.jpg?v=101331943805603068961611685890

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1898e77846f786c6d6e359626371e0cc1a22ce0c73574c216d76d6584ec8f31

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=476.790, imageryFetch;dur=63.338, imageryProcess;dur=412.013;desc="image", cfRequestDuration;dur=56.999922, ipv6
source-length: 21281
content-length: 16688
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: bed55d55-7c26-4ee7-ad48-a299f5e1e9ca-1714776139
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 22:42:20 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8RirkiAVVaQEqKaBEn04KARrp%2BQ06Y0vNnaev%2FrANOSJe7iddfG%2FhSAMkZQvJR%2FEn%2F5EzWpYz1s2L8r29vYRTECJKqwnc70mCqMQpLZlP0QT7etYlQyALzLZjBqgdc46NDPcLq%2Fs1fv5qQnUvq1bIt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059425491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529525088.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 5 KB
5 KB 145ms
142ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529525088.jpg?v=130564108327640794201611685890

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2451ed27c4c1cd8c7d6c4bba5cc1c5bccf5ee3c5b73e110a2e14b0a8c798b89

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=284.000, imageryFetch;dur=169.099, imageryProcess;dur=114.031;desc="image", cfRequestDuration;dur=41.000128, ipv6
source-length: 6885
content-length: 4637
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: cd0c02af-2651-4666-88c6-4367d860c907-1714749434
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 15:17:14 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Awa5jYIVokhcfzeqXa3b4kfYGvSurII2gJjW61inSMvIh7u%2BShCmvWIcDBItNddJtrIXtNW%2FetSEN732%2BRNulwXUZ1UnJp8kxM2Mnz5A6cCeXhu06ri4xd33x%2Bugoag%2BeaKn6JBMNUc3Q1%2FLeMb5tAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0593a5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529525149.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 10 KB
11 KB 229ms
227ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529525149.jpg?v=46812520295074195251611685891

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2f47871ddd4b065b3348d99b56bd4e77c54baa33813401c66b23e403ce9592

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=352.786, imageryFetch;dur=63.677, imageryProcess;dur=288.256;desc="image", cfRequestDuration;dur=51.000118, ipv6
source-length: 14008
content-length: 10219
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: be5bcbc8-cbee-48c2-a982-00f9e0009d98-1714770956
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 21:15:56 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5ENE5OniBgGfxLbD5AEQscExF6tu%2BhjW5clqIVS7aidgWFlt%2FdN83%2BdQqCCwltqcJeqfL8jzv7BhBUGZE0kzwOHvj4BnH8uBCn5LA3umsBnoxJDvU8Mhd5cjT188IeTj0Aaq%2FQHa2%2Fe1bYAl376hyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059335491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529525187.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 7 KB
8 KB 136ms
134ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529525187.jpg?v=109624594873308479391611685891

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ffa93bde60be95edfabfb1c8d51e1fcf12529a5b2912b660208d3085ceecdb4

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=192.483, imageryFetch;dur=40.057, imageryProcess;dur=151.365;desc="image", cfRequestDuration;dur=34.999847, ipv6
source-length: 11158
content-length: 7618
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: ce5a982d-e343-42a6-b3b9-8241663a8c7f-1714771548
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 21:25:49 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3VmuoGygVul4xGzJSZGLO3hgosrQGd1egOQTDpJzJwvkNC8cztzitOeMi3SdKEGmExSl6grQAKt1wQ14njOMbkKPrx%2BWZwFtJLjarmX7Qh76UpSSy2IxFIIKzgk4kFsxjcEhnZ4c7jCX%2FH%2FjtTED3ZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059415491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529525227.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 14 KB
15 KB 285ms
283ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529525227.jpg?v=58790466227694017241611685892

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42634ea8d3fec2fb326cce895004d3c43cab43169d5166794fcf65e78c99707f

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=275.488, imageryFetch;dur=46.040, imageryProcess;dur=228.308;desc="image", cfRequestDuration;dur=44.999838, ipv6
source-length: 17475
content-length: 14368
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 947865bc-3167-4146-8fa2-78bec74a8f89-1714768114
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:28:34 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzaSBZen7f8ldVFch%2FZUUZWj94GK1CL1BqsdiiV%2Fx%2FF5FQbrIUajoBt43nSKaWUumIwWVLtfrdrhfvtHCBhQivlAcOCzYsejXOGXeD2T%2BZTyO5fv9RfBTPaVvXT4Tt%2F3WolWNPokwrSScCJ96R%2BWZ%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb059435491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529591899.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 6 KB
7 KB 135ms
133ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529591899.jpg?v=6886963617024816881611685893

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bdb2ebceed37a8e08484d7e921836fb6d22128696a913a058e6c6f0f6284da

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=396.574, imageryFetch;dur=57.973, imageryProcess;dur=337.653;desc="image", cfRequestDuration;dur=32.999992, ipv6
source-length: 10287
content-length: 6629
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: f6e1d6aa-8ac7-4b32-8933-f81e7e86295d-1714773741
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 22:02:21 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iu2gRGZCepX7H9dXBni%2F8RkhzTRtNdsfQ8kcg4dw5q6f5spOugOFDpiW3m2Qt%2Fgoj%2FLjXT%2FYkCURjsXUMlvkZqWrkeS5ruseVOtNadimaszP4tkk03%2FCd1A2SCHs0sVl%2BMLgY0aENR%2FjQkqLxdnnyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0593b5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 globomenu25541529592161.jpg
www.candydirect.com/cdn/shop/t/15/assets/ 6 KB
7 KB 145ms
145ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/t/15/assets/globomenu25541529592161.jpg?v=158702883666226084931611685894

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dbc5ad156d6d9f834f0e7503864bbca0fe81cb5ddd879243fa51b5bd8dcbd1a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=431.868, imageryFetch;dur=132.692, imageryProcess;dur=239.586;desc="image", cfRequestDuration;dur=42.999983, ipv6
source-length: 8362
content-length: 6625
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: d99c885d-5464-4994-adea-b49a5767310c-1714757415
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 17:30:15 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCXlOb3JznE4PfpTDUqwa2qC1kbJyBg%2FVaSwhKfLRC6G0DpxRF8I8VyZi4RwvVRQpefF4eApzcfL94%2B%2Bfx1mMRPef6IvVoH%2Bdd99NfXlt%2FOh0MhE9nadooB17gYPygGZ95gyfPU%2FH%2FOG5qZFtNXMZag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0592e5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 430ms
102ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 4523
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13950624bd04ebf49d7ce3a74740f1ec
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 88129ec71fd0ac7e-YYZ
cdn-requestpullsuccess: True

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 115ms
115ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700|Lato:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 12:54:50 GMT
x-content-type-options: nosniff
age: 94577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 12:54:50 GMT

GET
H3 200 7b0d00104f334b896c6cfe0819bb7e83_360x.jpg
www.candydirect.com/cdn/shop/products/ 13 KB
14 KB 276ms
276ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/7b0d00104f334b896c6cfe0819bb7e83_360x.jpg?v=1571710066

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605492fb9c097b643864581ad2e0f08608769e3f5d7841ae7a797a2ffdb04efb

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=118.762, imageryFetch;dur=76.240, imageryProcess;dur=39.768;desc="image", cfRequestDuration;dur=51.999807, ipv6
source-length: 51034
content-length: 13674
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 73c9bf3a-c9b4-491b-ab79-1feb661fa82f-1714760628
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 18:23:48 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHNgIXV6tOrwPMYRTHo2RJkHGZ%2BtjH0JTIyfL9j24qR98el7HHB1FDSIK7iDgZL%2BdRcIPS7CM2vCisOmrWc%2B4WJMHB1sXs1byx34EkjHadhmAKFsoFVgKjRzbcwk6eoJBHNFXG3EWUm6ksK%2BVp9jorc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0b98d5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 f31cf523aea21aa060c54984909870ec_360x.jpg
www.candydirect.com/cdn/shop/products/ 14 KB
14 KB 274ms
274ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/f31cf523aea21aa060c54984909870ec_360x.jpg?v=1571710068

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e2860cf87fee269870c63775a805a20f4d7e39bba1955e5ecd72775afd59a6

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=107.184, imageryFetch;dur=59.655, imageryProcess;dur=46.858;desc="image", cfRequestDuration;dur=54.000139, ipv6
source-length: 39310
content-length: 13860
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 78868f5e-e3b9-49b2-8288-c4ef09b39c5b-1714759536
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 18:05:36 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYNE%2F5LnEPgFVR0q5JfMAe4FxLlp8Coc8gwMz4KFx5F2kD35EfTYTYnP3J5Zo8wIYFupaqWXqCQLbDEgiUyHfRBgqCmsVra%2FIIWqsWkq7BPgzBLfw1dM5t1i%2F4ekONEuqrdfbYKdlIJ90J8kqj3u0vY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0b98c5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 1cb4d356f4af17fcb78ff43525c31f22_360x.jpg
www.candydirect.com/cdn/shop/products/ 31 KB
32 KB 278ms
277ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/1cb4d356f4af17fcb78ff43525c31f22_360x.jpg?v=1571710073

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb148dd573ddd28ac38ebf7de9ed04030bfe44d5b60cc5dc1d3919e9dbb437ba

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=116.641, imageryFetch;dur=51.256, imageryProcess;dur=63.002;desc="image", cfRequestDuration;dur=53.999901, ipv6
source-length: 85880
content-length: 32100
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 31a28dd1-75ff-4889-b194-0adb20cfa30c-1714774916
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 22:21:56 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muFEnIlisDGR%2B0oHiyJYd25BHCT60rMxcxA%2FmbcJl3qkseS6Iimld0LoTJP3PTw4n3YZi0yHVDDguJ9iurvsKKQb8AU8LMEQufpOVvzTsFaG6x0qLpkOlIiy1yuR06PHogImSujgwrR6nf7OBZHWHCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0b98e5491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 cab49bfa1e62a03c334bd27fae81cf17_360x.jpg
www.candydirect.com/cdn/shop/products/ 34 KB
35 KB 273ms
272ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/products/cab49bfa1e62a03c334bd27fae81cf17_360x.jpg?v=1571710072

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d208d9b9fd372e72dd4e6b50e05a544452683c875e1520c48c5c944efd2b47

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=133.224, imageryFetch;dur=84.851, imageryProcess;dur=47.611;desc="image", cfRequestDuration;dur=55.999994, ipv6
source-length: 125657
content-length: 34704
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: cf37c657-4578-4bf0-b4a7-498136cae4ef-1714766848
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:07:28 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuLVpWSNsaAMBRjf3klRsBpXlOtb5yTCyEChXxu0R0Mzg45q17%2Bl5YWEPIvv46qifLe%2F%2BADlY9%2BRQn8w0Rth2MlNuh3O4SMd4RDpwxL4AV00MqNh2I8np1Z%2BCbfbnd8E7bRGvALYYMiWCErT4MD%2BSpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb0b98a5491-YYZ
x-sorting-hat-podid: 316

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
13 KB 365ms
77ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-yyz4572-YYZ
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 28, 42

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
2 KB 364ms
77ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: ENY9D5YSSWTZMA0V
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1029
x-amz-id-2: 7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by: cache-lga21976-LGA, cache-yyz4572-YYZ
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 26, 43

GET
H2 200 runtime.a91162213181c42e98d2.js Show response
static.klaviyo.com/onsite/js/ 20 KB
9 KB 333ms
76ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ede84f9c378b9cdb8c4fd1e5f39cde64e7fc52720035aa29397db302a044c051

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: sY52cRL5VUfR3ZrHFKVAAW8jIYKDOmES
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: H1805GKVX2XTA14A
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8242
x-amz-id-2: 9FT7RZtpC5m/t/P8iFjl/YHIdmeAADW3VI37o4cbzV4xifANTTbKK4ux/uLMy2/B65f7yuyqg8c=
x-served-by: cache-lga21925-LGA, cache-yyz4572-YYZ
last-modified: Tue, 07 May 2024 19:44:57 GMT
server: AmazonS3
etag: "1b8e855cd6d6745b7dd187d5c2646e57"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: b4af9e2c326cd71ae62b70689b6ca26370501624
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 110, 42

GET
H2 200 sharedUtils.aaa4a40f3112b6f3f60b.js Show response
static.klaviyo.com/onsite/js/ 48 KB
19 KB 103ms
77ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.aaa4a40f3112b6f3f60b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f150ec7b0e174584b8735840dca1b41160c8cf9243333e09c4c78fd2a84bc2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5Gmn7XXiAcahaVu51t3Nd6fJmKwlnqZ3
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: MXY0KDDXEMVJDQB1
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 19176
x-amz-id-2: 9sxaJXd1fTWj7cXdW3gW1/8j5NHZYvmAd7b/tmWQkXx9J3SFgElFrJU+JZ7hGy3fAAFRFnFdHwU=
x-served-by: cache-lga21959-LGA, cache-yyz4572-YYZ
last-modified: Fri, 03 May 2024 23:34:48 GMT
server: AmazonS3
etag: "497d6ebb34e3a139c6f512cc857e0e6f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 97dae9ca472066bbdb7b8d052724d82b1c9a5bc8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 117, 40

GET
H2 200 vendors~signup_forms~onsite-triggering.debc264469b0cf11f5f5.js Show response
static.klaviyo.com/onsite/js/ 19 KB
7 KB 103ms
77ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.debc264469b0cf11f5f5.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f557e37f47de41ee26a6d4f257a0460e4fd095fd9f31f252c145140fa9d51969

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7VKaJFHwLu2q.nxWkIGlK19SnMvRdRDE
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: AH76M5V6SWJGJ2H2
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7130
x-amz-id-2: d95pfseYucTrQHL5Y8KjdAod/PeTzyELg0w88kjRj9FTyYEuXgTUkS8JywYGDM+pP3Vjgr+cZoA=
x-served-by: cache-lga21950-LGA, cache-yyz4572-YYZ
last-modified: Wed, 24 Apr 2024 13:42:48 GMT
server: AmazonS3
etag: "0bf92662047ee3a876b751467caa8ce6"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: fcd46c26b694e3e3ab76933ab2d88d3212161c09
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 78, 35

GET
H2 200 vendors~signup_forms.8d18a176cd326e575af9.js Show response
static.klaviyo.com/onsite/js/ 14 KB
5 KB 104ms
78ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.8d18a176cd326e575af9.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75e5306935fa9ed4526275cbc0f83dce2de87359db9761595b877aaa57c869f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Mhrm3sufsuACrwZt1Gb6K9T.UnEXZW36
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: XJNNPXWAV7SEV7HG
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4967
x-amz-id-2: lzCK33q6udB8b78X9zMxHFkfGc6qh/6G3gr5Y/IIDuhyq5A72Nj1r9kvlPxDmrLeM7t60sI31RAVMNAZek2hyQ==
x-served-by: cache-lga21974-LGA, cache-yyz4572-YYZ
last-modified: Tue, 23 Apr 2024 19:40:26 GMT
server: AmazonS3
etag: "d81ab2c96c9bb291ab7e198e7506ecf4"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1bbe179216ad618d111d56518ca2453a2ec582e8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 4, 30

GET
H2 200 default~signup_forms~onsite-triggering.0df0318a329ba96c7240.js Show response
static.klaviyo.com/onsite/js/ 30 KB
10 KB 81ms
78ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.0df0318a329ba96c7240.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9adddcfcb55982684f6361752a8f77d8d76abf63187d75422f7952b049c4c1e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Hty9BlhXyki5aXDRJALTAUw.0AiDZCfI
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:04 GMT
x-amz-request-id: R49C5MJHMREKP8TT
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9615
x-amz-id-2: 2Z0KRiOwzCIPa10yLwV4+QTR+1HU+/PcTY7ZTsdKb26nRp8+QFpcxK5pVgIHrGIBSZgX4ygx1P8=
x-served-by: cache-lga21968-LGA, cache-yyz4572-YYZ
last-modified: Wed, 24 Apr 2024 18:42:25 GMT
server: AmazonS3
etag: "c50035970898e72dc61eacf0298602ef"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 009bddced435e99dd039664956d6d48d01a49d5d
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 11, 34

GET
H2 200 signup_forms.c4104b5d2371a6fa2260.js Show response
static.klaviyo.com/onsite/js/ 14 KB
6 KB 74ms
73ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.c4104b5d2371a6fa2260.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21aeb0462fca72e1e0425892fe9b0379293c76aeb25b024c0138a6ae3ac1a725

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: lxcdTgIaUfEXk9NNU3H0yyasNJByaW9_
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:05 GMT
x-amz-request-id: C134D5RQNZXV67BS
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5523
x-amz-id-2: WZN2H1hBetJKPlsrH4pTu7qhNLD4MMdWUjg1+opXtWR4nzzMdY64J9loqPCufT2cfJAfgFHF2fI=
x-served-by: cache-lga21966-LGA, cache-yyz4572-YYZ
last-modified: Tue, 30 Apr 2024 20:08:57 GMT
server: AmazonS3
etag: "b27badfbdcaafec430b5bf89a594cb4a"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: e8b0072175ae63226e8d8f90b290019e87682d10
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 10, 35

GET
H2 200 post_identification_sync.c45bc1da7d619d242b74.js Show response
static-tracking.klaviyo.com/onsite/js/ 7 KB
3 KB 76ms
76ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.c45bc1da7d619d242b74.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RCkVE7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 920e1736ea49bdb9d6ee3ffaf68ba619094bb41aa118607675e92a3bb64ba320

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: lnC4.nH51ldd_9HmeP4wZUvnrxE5OciH
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:05 GMT
x-amz-request-id: PNJW5WCAZ83YW8FP
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 2959
x-amz-id-2: bn8YZuQgBgaGk206kQR/9+qR3cgGMs/ohR8sUEZ5+LbT1a/F6VjUtfCX5ZMsOFbFYnlitOHcSXg=
x-served-by: cache-lga21964-LGA, cache-yyz4572-YYZ
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "c1a42a7ee79d1073850b10a66eae473a"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 55, 11

GET
H3 200 CandyDirect-home-slideshow-narrow_1080x.jpg
www.candydirect.com/cdn/shop/files/ 53 KB
54 KB 152ms
151ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candydirect.com/cdn/shop/files/CandyDirect-home-slideshow-narrow_1080x.jpg?v=1613734498

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313a577ef6744c21e3bab1621dc091462c546b0f04ecb67dea4c040b4f12c760

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=173.457, imageryFetch;dur=54.392, imageryProcess;dur=118.315;desc="image", cfRequestDuration;dur=53.000212, ipv6
source-length: 157088
content-length: 54536
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 812900ce-9e76-4ab6-b445-2009e434b1e4-1714766847
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 20:07:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs49N1RCKPmNLPWYYhVJc5V%2BRdf2mST0EFlHXCSCsgB6n3cr2L%2BG5esh6RpBs6HYUVmmt30lE5qCLhT2TkXhij5Bu6BbUikuDpAUCIingeZMbA%2Bwt74m59kdu6pRsw%2BKv6asdm8AcGSXkml56ye0GA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129eb9c8375491-YYZ
x-sorting-hat-podid: 316

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 97ms
96ms Stylesheet
text/css 169.150.236.98
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.236.98 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-236-98.bunnyinfra.net
Software: BunnyCDN-IL1-1068 /
Resource Hash: 0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:03 GMT
content-encoding: br
cdn-edgestorageid: 1070
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 05/09/2024 03:33:41
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:02:32 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 388
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6bb8-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2ffde038a057673fb535342af10c7317
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 401 10649 Show response
api.omappapi.com/v2/embed/ 165 B
594 B 542ms
183ms XHR
application/json 2606:4700:3108::ac42:2af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/10649?d=candydirect.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
via: 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-cache-config: 0 0
x-amz-cf-pop: YUL62-P1
x-cache: Error from cloudfront
content-length: 165
x-user-agent: standard--
server: cloudflare
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=1800
cf-ray: 88129eb3e985a1ea-YYZ
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: 2hEKuC5-CF6ge5_fguFzWxB5QC6VfF4HYCVSAHHhWyqPM-kbVzu6_A==
expires: Thu, 09 May 2024 15:12:43 GMT

GET
H/1.1 200
OK / Show response
geo.bananastand.io/json/ 224 B
1 KB 487ms
170ms XHR
application/json 54.157.4.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.bananastand.io/json/
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-4-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ae593a5f8d53cd5562b01aebf1f28f85080c4d1f96fea2fc4f15cd00ec5ac607

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 09 May 2024 15:11:04 GMT
Access-Control-Request-Method: *
Content-Encoding: gzip
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 173
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715267464&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=R%2BgX%2FTY6ywHgt5XLRRpxbIu8%2F0Mr7O4XdyXFzzXMMm4%3D
X-Runtime: 0.000338
Server: Cowboy
Etag: W/"c01c93bf16c6948ed419a1d76458436b"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715267464&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=R%2BgX%2FTY6ywHgt5XLRRpxbIu8%2F0Mr7O4XdyXFzzXMMm4%3D"}]}
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS, HEAD
Access-Control-Allow-Origin: *
Content-Type: application/json
Cache-Control: public, max-age=86400
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
104 KB 141ms
139ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S1KTWY4VN3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZVNXG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43f6a54c15a5a393fc5efd300bc0a34b2016da6a1323593283852e0e0675161a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 May 2024 15:11:05 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 463ms
110ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZVNXG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 09 May 2024 15:11:05 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 913CF96C1C624BB781C54A102A1D1522 Ref B: YTO01EDGE0512 Ref C: 2024-05-09T15:11:05Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

POST
H3 200 produce_batch
www.candydirect.com/.well-known/shopify/monorail/unstable/ 0
803 B 158ms
157ms Ping
text/plain 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.999973, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 07b2fbd8-3ae2-4ac5-8f0f-e34c4f86384e
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5isxmruNM8%2B7FleA8Wlig0aph8P2mYYattaN5n4zxNdGNqGhTMpl1O2d03eyjA3hrlzQ1boUK9%2B0Xyly8%2B0xyVQjgZJZoiY7wOiB5KSmlEWIoCm4vRyEAIzitYQhllDQCJKA7X%2FYGuKxeqwsf1uUmMk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 88129ebc9ab45491-YYZ

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 537ms
137ms Script
text/javascript 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 May 2024 14:57:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 808
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 May 2024 16:57:37 GMT

POST
H3 200 produce_batch
www.candydirect.com/.well-known/shopify/monorail/unstable/ 0
807 B 157ms
156ms Ping
text/plain 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=54.000139, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 9194be0f-b86d-4bbb-9818-797495c32939
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hr7og0g7PgoeJjvz7QmBlIK8bPYwD8Gb0aO6meoHj816ASvgy5gZT0QxabuenUOC891jApU%2B49BuDMHmJNuuk%2FVJK01ia0L2%2FVqKwkOWrtbzYZA3NCLzhv9uUY5tGgSp4%2FjIZcC%2FpaiXpGxjE9RTESI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 88129ebc9ab65491-YYZ

POST
H3 200 produce_batch
www.candydirect.com/.well-known/shopify/monorail/unstable/ 0
806 B 152ms
152ms Ping
text/plain 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 8fa7bc38-0b95-4410-a3fa-f4118d11b9ed
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Keg47YVma2F30bHtBVKCaGY4tNhabbU2cVBVPX%2F51EsIpZTYUt2jnpnBV6ZLmXk34WDm%2FsZAFqn5MPM5blrremRQ%2Fft8TJz3jAHmY%2ByZUY1Pez7CSkbCSmt3FQ7OXgEvESmIjCCDQtCCvJFwqvANnU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 88129ec0fe205491-YYZ

POST
H3 200 produce_batch
www.candydirect.com/.well-known/shopify/monorail/unstable/ 0
796 B 153ms
152ms Ping
text/plain 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/s/trekkie.storefront.dd626a6a6fbdab104f8779acc4331c330134c832.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=51.000118, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 2fa0eef5-12ae-43bf-ab12-5862212d3223
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9D6Ck38FmKrBk9D2kukA2c6N4witJpqhpDQv9HcrAthvhTgTtQp6dS9tP8Dc6KwGaaKu3imcEMn4xUlubkrReYWOn6FX4qy0Uag7YIZuWL4rBVPiB4Edal5jD3wjrLJe6AmL8BrgFafHAojwVQzakg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 88129ec0fe215491-YYZ

GET
H3 200 / Show response
www.candydirect.com/wpm@a144381aw75357604p183e4578m1913cbd7/custom/web-pixel-shopify-custom-pixel@064/sandbox/modern/ Frame 856D 42 KB
17 KB 206ms
206ms Document
text/html 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/wpm@a144381aw75357604p183e4578m1913cbd7/custom/web-pixel-shopify-custom-pixel@064/sandbox/modern/

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feba9faac953cea584a5d5deb29674614f77f537050276d423922ecf40a22d19

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.candydirect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: BYPASS
cf-ray: 88129eb57d075491-YYZ
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 15:11:04 GMT
etag: "cacheable:341b47decdf45f761cd0453cb77a4a87"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJSSD%2F4TexVlvfYdWjPGsazsSCP5IZxeGH%2FNRp2onnvD1cl9od6ZWso3x6YMreV0DVAeLTfWZpnccOb7Jn0wVoW3d4wqFzdO4QLwt7Q8PCZSuWaFFDqZwB2tJtdJFiP7rdifCLX4srNDNRrHe7%2F%2FGU0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=26, db;dur=7, asn;desc="577", edge;desc="YYZ", country;desc="CA", theme;desc="83847708732", servedBy;desc="rpm8", requestID;desc="f76d32c6-d86a-423f-b4f1-00d44927937f-1715267464" cfRequestDuration;dur=106.000185 ipv6
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: f76d32c6-d86a-423f-b4f1-00d44927937f-1715267464
x-robots-tag: noindex, nofollow
x-shardid: 316
x-shopid: 545226812
x-sorting-hat-podid: 316
x-sorting-hat-shopid: 545226812
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H3 200 worker.modern.js
www.candydirect.com/wpm@a144381aw75357604p183e4578m1913cbd7/web-pixel-shopify-app-pixel@064/sandbox/ 41 KB
17 KB 188ms
187ms Other
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/wpm@a144381aw75357604p183e4578m1913cbd7/web-pixel-shopify-app-pixel@064/sandbox/worker.modern.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfcf1b8b83e0fe2ecdfe84377e799659728bf22c15ead79e4f663ce7daf4fb4a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=7889238
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
x-cache: hit, server
server-timing: processing;dur=13, db;dur=5, asn;desc="577", edge;desc="YYZ", country;desc="CA", servedBy;desc="tzf4", requestID;desc="4237e000-9ac8-4759-9170-ca2c18a8ad92-1715267464", cfRequestDuration;dur=88.999987, ipv6
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 4237e000-9ac8-4759-9170-ca2c18a8ad92-1715267464
x-shardid: 316
x-storefront-renderer-rendered: 1
server: cloudflare
etag: "cacheable:05768527246947c4426f06262336165d"
x-shopid: 545226812
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8enYKhkf%2F5SYecn88z8OztO%2FsQmvRSaIwdrfVRm4Nr8UNqV0iLPv8OrGVIPDka5rpFbaWQNNaKNbfJNwR1oXHrKlz4VADy7uZFJuyik9AoF4BOJb9Mt%2FlFn%2BfY6Dg2edS272nh%2BCddjNGkL3qECxNps%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
cf-ray: 88129eb5ad265491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 content.json Show response
api.fera.ai/v2/public/ 654 B
1 KB 485ms
153ms XHR
application/json 2606:4700:10::ac43:727
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fera.ai/v2/public/content.json?public_key=pk_1e505bbe254a5529e29334b1f2f081835d4283619e8264428276515e1bcb0381&first=true&contexts=%7B%22list%22%3A%5B647987757116%2C648018853948%2C648107753532%2C648075477052%2C648086749244%2C648213299260%2C648094974012%2C648107294780%2C648297676860%2C647990181948%2C648019345468%2C648039039036%2C648417443900%2C648251703356%2C648015839292%2C647936016444%2C648337457212%2C648081965116%2C648154546236%2C647913570364%2C647917600828%2C647895646268%2C647901413436%5D%7D&content_requests_json=%5B%7B%22container_type%22%3A%22global_bottom%22%2C%22container_id%22%3A24%7D%5D&visitor_id=1ddb843c-731d-46d2-8151-7129c840ce67&api_client=fera.js-2.7.14.12&test_mode=false&state_json=%7B%22current_page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.candydirect.com%2F%22%2C%22referrer%22%3A%22%22%2C%22title%22%3A%22CandyDirect.com+-+Oldest+Online+Candy+Store%22%2C%22path%22%3A%22%2F%22%7D%2C%22location%22%3A%7B%22continent%22%3A%22NA%22%2C%22country_code%22%3A%22US%22%2C%22country_name%22%3A%22United+States%22%2C%22region_code%22%3Anull%2C%22region_name%22%3Anull%2C%22city%22%3Anull%2C%22zip_code%22%3Anull%2C%22time_zone%22%3A%22America%2FChicago%22%2C%22latitude%22%3A37.751%2C%22longitude%22%3A-97.822%7D%2C%22customer_id%22%3A%22%22%2C%22interaction_time%22%3A0%2C%22time_since_first_seen%22%3A1%2C%22session_time%22%3A0%2C%22time_on_current_page%22%3A1%2C%22inactive_time_on_current_page%22%3A0%2C%22variant_id%22%3A%227849693577276%22%2C%22cart%22%3A%7B%22item_count%22%3A0%2C%22currency%22%3A%22USD%22%2C%22total%22%3A0%2C%22total_weight%22%3A0%2C%22total_discount%22%3A0%2C%22items%22%3A%5B%5D%2C%22grand_total%22%3A0%7D%7D

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:727 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c389934a00076e755218050be01b5f4f40152a5a754bfe43aab9718b8e76574b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: */*
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
access-control-request-method: *
via: 1.1 vegur
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: DYNAMIC
content-encoding: br
x-cached-result: true
x-ip: 2001:4958:1420:151::110
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715267465&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=2Ufwy0mvB4Pp1TQVzQcwHlLf0ugjV0WIi4TtJ5%2FHOz4%3D
x-request-id: d23d92e6-7b93-447c-969f-a60d90fb18fe
x-runtime: 0.019430
server: cloudflare
x-loc: Quebec|CA||45.50750|-73.58870|NA
etag: W/"66cac03c300102780de0eebf5b26849b"
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715267465&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=2Ufwy0mvB4Pp1TQVzQcwHlLf0ugjV0WIi4TtJ5%2FHOz4%3D"}]}
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Api-Client-Outdated, X-Fera-Client-Outdated, Total-Count, Server-Time
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding, Origin
cf-ray: 88129eb8b80536b4-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Api-Client, X-Api-Client, Api-Client-Outdated, Total-Count, Server-Time

GET
H2 200 default.css Show response
cdn.equalweb.com/style/ 11 KB
3 KB 111ms
109ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/default.css

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f15b4f49ab793e521ac0bb242445e36ff3b912e1d3fbbf01e35085dde606a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:04 GMT
content-security-policy: default-src 'self' ;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
age: 74531
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 16:49:52 GMT
server: cloudflare
etag: W/"0b8e0976312da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2B%2BP1vODGpi8baTa537DvV8wW5Z%2B72W1vHF67kRczQdsggZJGTIbMWDM63IAodo0IyhwE56ZvhU7UeA76iiQ%2BHIq%2BrliIoCeaoj0f8GWN%2FrWlIdIbV7pf7UIi%2F0l8oEb3mPcXyW3oupTqZPZluw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: CA
cf-ray: 88129eb83b6cab24-YYZ

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
455 B 164ms
163ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
content-security-policy: default-src 'self' ;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
age: 41083
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
etag: W/"3f26cd3dfbc1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSQx6Cw2dGpUxRZABMj%2FKvFXVpKI2PD%2By33uDXjpk2aNC9Nz82X%2BBjKBwThUzW1tZGtj1NpSnMF%2BvkKX9j%2F80ijPFNFEn5ALKXRRkS66AXuAtkZapLan0ul%2F0WMao0198sc39CpdlAUYHcvYop0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: CA
cf-ray: 88129eb83b6eab24-YYZ

GET
H2 200 locale.js Show response
cdn.equalweb.com/assets/scripts/ 29 KB
10 KB 699ms
698ms Fetch
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/locale.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
content-security-policy: default-src 'self' ;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
server: cloudflare
etag: W/"80d59982334d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOWJcDXnf7XzEPF50hJZOHCoyDZ9DYnIXos1xsyJ2wXw77ZoAp7PRas3Nyh1kMi8lrSYrd9Ctb1sADnI5wpOvmOUuXbcBZ1fcXq8bYbKkyHJgTFisW8gg%2FGmIqcL9DHKRLhk4P5QmjVpaHN9tQk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: CA
cf-ray: 88129eb83b6fab24-YYZ

POST
H3 200 produce_batch
www.candydirect.com/.well-known/shopify/monorail/unstable/ 0
808 B 148ms
148ms Ping
text/plain 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=49.000025, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: b4aa0318-7697-4157-a490-2d36eac739b2
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idFCqjGpNkpjRcHZW0ohvQO56Evcbon9PdNX%2F49U9ZI6j9HA%2BhwHI5jxovk%2BwuQ4CoNZuE6JWqOvytvOWJe9igy5ITBn2%2F4peaVtdNzTpDSjSnaVhdgLxP32ou4SRE9jGrVGABV0mz74QcO%2BD%2Fo23tA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 88129ec0fe235491-YYZ

GET
H3 200 consent-tracking-api.js Show response
www.candydirect.com/cdn/shopifycloud/consent-tracking-api/v0.1/ 12 KB
5 KB 114ms
113ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e540a366e193decfcb551dd5d2eab2b299ca3b58f8c11e19596b82cf4736522a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 889
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=65.121, imageryFetch;dur=25.561, cfRequestDuration;dur=15.000105, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 4089
x-xss-protection: 1; mode=block
x-request-id: 11b6857d-f911-4cee-8d81-301d76479725-1715266554
last-modified: Thu, 09 May 2024 14:55:54 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4E3gVrw%2BCSchTEkjjkNZijAWKZY3ATghdIvWE5s3Nd5GsD96VvDrMxmqF4JBHf5ZBSD7gkv%2BRIED6BR92aiMTgMci2pkcsQfY%2F6nZZNBQznHPcfXs6Ji2JtiOngMiotWBuI6hgez1QPAR11uhWPHpSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
cf-ray: 88129eb90faa5491-YYZ
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 202 e.gif
api0.fera.ai/v2/public/ 0
950 B 487ms
162ms Image
image/gif 2606:4700:10::6816:3466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api0.fera.ai/v2/public/e.gif?type=page_view&visitor_id=1ddb843c-731d-46d2-8151-7129c840ce67&shopper_attributes=&state_json=%7B%22current_page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.candydirect.com%2F%22%2C%22referrer%22%3A%22%22%2C%22title%22%3A%22CandyDirect.com+-+Oldest+Online+Candy+Store%22%2C%22path%22%3A%22%2F%22%7D%2C%22location%22%3A%7B%22continent%22%3A%22NA%22%2C%22country_code%22%3A%22US%22%2C%22country_name%22%3A%22United+States%22%2C%22region_code%22%3Anull%2C%22region_name%22%3Anull%2C%22city%22%3Anull%2C%22zip_code%22%3Anull%2C%22time_zone%22%3A%22America%2FChicago%22%2C%22latitude%22%3A37.751%2C%22longitude%22%3A-97.822%7D%2C%22customer_id%22%3A%22%22%2C%22interaction_time%22%3A0%2C%22time_since_first_seen%22%3A1%2C%22session_time%22%3A0%2C%22time_on_current_page%22%3A1%2C%22inactive_time_on_current_page%22%3A0%2C%22section%22%3A%22home%22%2C%22variant_id%22%3A%227849693577276%22%2C%22cart%22%3A%7B%22item_count%22%3A0%2C%22currency%22%3A%22USD%22%2C%22total%22%3A0%2C%22total_weight%22%3A0%2C%22total_discount%22%3A0%2C%22items%22%3A%5B%5D%2C%22grand_total%22%3A0%7D%7D&api_client=fera.js-2.7.14.12&public_key=pk_1e505bbe254a5529e29334b1f2f081835d4283619e8264428276515e1bcb0381&first=true

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
access-control-request-method: *
via: 1.1 vegur
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: DYNAMIC
x-ip: 2001:4958:1420:151::110
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715267465&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=7DNat9TNhychj4in2SFCS30qvLTYHti%2Fv0zw6nKP7oU%3D
x-request-id: 248e3254-de4a-4012-8059-062bd2eb95e3
x-runtime: 0.029836
server: cloudflare
x-loc: Quebec|CA||45.50750|-73.58870|NA
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715267465&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=7DNat9TNhychj4in2SFCS30qvLTYHti%2Fv0zw6nKP7oU%3D"}]}
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Api-Client-Outdated, X-Fera-Client-Outdated, Total-Count, Server-Time
cache-control: no-cache
cf-ray: 88129ebc3d8bac9f-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Api-Client, X-Api-Client, Api-Client-Outdated, Total-Count, Server-Time

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 43 B
594 B 407ms
144ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=RCkVE7

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

53a85651866852f33fcaf1ee1eff6e5002e8dfe32e4dd49187007b3a7c1367ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:05 GMT
strict-transport-security: max-age=900
age: 8589850
x-cache: HIT, HIT
content-length: 43
x-served-by: cache-bos4677-BOS, cache-yyz4568-YYZ
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 409, 0

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/RCkVE7/ 22 KB
4 KB 349ms
76ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/RCkVE7/full-forms
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90818acda4b1d39a549b57056d0c6e254f45e33a3dc320eaec03d6e1e4654ac1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Tl30.oAWxZRRpMsZQIv262.akMOTz0W2
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 May 2024 15:11:05 GMT
x-amz-request-id: 8MTEDK7N30F0CH90
age: 48157
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/RCkVE7 custom-fonts/RCkVE7
content-length: 3443
x-amz-id-2: MSlc0NZOFqkvKN9ulmcFHpQT2ChMSZlCDtC8jYr8YMxjSx4aQGT3tudc8cBakQUGYKlqIH9LLlU=
x-served-by: cache-yyz4563-YYZ
client-geo-country: CA
last-modified: Thu, 09 May 2024 01:28:55 GMT
server: AmazonS3
x-timer: S1715267466.585767,VS0,VE1
etag: "a73f4f13036a62299985ea2bd028ca6b"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 125ms
125ms Ping
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S1KTWY4VN3&gtm=45je4510v9103528807z86491037za200&_p=1715267462534&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=797453991.1715267465&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715267465&sct=1&seg=0&dl=https%3A%2F%2Fwww.candydirect.com%2F&dt=CandyDirect.com%20-%20Oldest%20Online%20Candy%20Store&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4668
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1KTWY4VN3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 15:11:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.candydirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13.svg Show response
cdn.equalweb.com/assets/images/ 770 B
855 B 693ms
692ms Fetch
image/svg+xml 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/13.svg

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849e732a51bc624ebe86de5a5c50932e5d8c88618c5442e4d881b0f152001052

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
content-security-policy: default-src 'self' ;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Feb 2020 08:42:12 GMT
server: cloudflare
etag: W/"68d35d46ddad51:0"
x-frame-options: deny
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Is8HK7G2rFBaGl6ueL0TLxu%2B70h04K4rYvZAICg0WOjk80C3hIrhpHUJF7C8w8exI9IAVlEkDHM0C5XT%2F31erL%2FiDpE1tN5bcD8qTfkUSK6P0oRdyRCqVCA8qWTC2vS6LzUfDruVTq%2BzzuN1Jyw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
vary: Accept-Encoding
x-client-country: CA
cf-ray: 88129ebc9f8bab24-YYZ

GET
H2 200 custombtnstyle.css Show response
cdn.equalweb.com/style/ 4 KB
1 KB 254ms
254ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/custombtnstyle.css

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:05 GMT
content-security-policy: default-src 'self' ;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Mar 2020 09:11:26 GMT
server: cloudflare
etag: W/"0b350e0bbf6d51:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmiQiZwt9jxQ%2BmQzVQc8UygESZYo31KyCLjX1H61RLkdTWTRh%2B9DoihbeLIjJEarMWH2eSpnxEscCNK2JLyf3ZdK0uzwJJqrM0dhIhxSsm2JKDJPvkFZjy7DsHb8hUer7eVUQYUD2eBoKBQ9H4Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: CA
cf-ray: 88129ebc9f8dab24-YYZ

GET
H2 200 vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js Show response
static.klaviyo.com/onsite/js/ 22 KB
9 KB 75ms
73ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hw7SViCzd9aX5jIszRS6I1sx4jGvmnSZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:05 GMT
x-amz-request-id: 5KXVKG481Q5746A0
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8356
x-amz-id-2: vO5nw9PfIJv0PXqifSwnOls0aGmgAubVn6vfhof8wfDXPBbnFOjsI+/komcD4CqdYKLxYxdfqpg=
x-served-by: cache-lga21937-LGA, cache-yyz4572-YYZ
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "2f5438508c293a1ad8e8f5b6a6cbd520"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 54, 15

GET
H2 200 ClientStore.69c48f39bcfd26fe1f53.js Show response
static.klaviyo.com/onsite/js/ 66 KB
21 KB 74ms
74ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/ClientStore.69c48f39bcfd26fe1f53.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c883c84e383e4ed19d5f5791e48fd3250d934ba9e7e87af82586d189a6a7210

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vxrQcb_c7xwUJUdXYH8K.RBWzaYwKog2
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:05 GMT
x-amz-request-id: XJAJW56MT45TN8K9
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 20785
x-amz-id-2: zLKEi5ZRWL+MGNCsz2/wuiVysuMgC7OVYjDV+DWXOyOqtyJW8m++KOMpgjxJ91Ztje5WdFhT30Y=
x-served-by: cache-lga21959-LGA, cache-yyz4572-YYZ
last-modified: Thu, 25 Apr 2024 12:20:03 GMT
server: AmazonS3
etag: "741055d7adb8af8b1b2f9fd463e77217"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 7f7437191fddf212d031909e064273482916d61f
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 23, 16

GET
H2 204 4017689.js Show response
bat.bing.com/p/action/ 0
118 B 110ms
109ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4017689.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 09 May 2024 15:11:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2EFD52ED2F34638BF1A8759A528BF8F Ref B: YTO01EDGE0512 Ref C: 2024-05-09T15:11:06Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 208ms
208ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4017689&tm=gtm002&Ver=2&mid=ec0011a1-1b10-472a-934b-317662831cb6&sid=5b6048500e1611ef9f81f57bde148af2&vid=5b6075500e1611efb55c85b0ca99a5bc&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=CandyDirect.com%20-%20Oldest%20Online%20Candy%20Store&p=https%3A%2F%2Fwww.candydirect.com%2F&r=&lt=2890&evt=pageLoad&sv=1&rn=454022

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 May 2024 15:11:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E8A6573AFB084F36BA47533B7AD3955C Ref B: YTO01EDGE0512 Ref C: 2024-05-09T15:11:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 135ms
134ms XHR
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=389104792&t=pageview&_s=1&dl=https%3A%2F%2Fwww.candydirect.com%2F&dp=%2F&ul=en-ca&de=UTF-8&dt=CandyDirect.com%20-%20Oldest%20Online%20Candy%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABBAAAACgCIAB~&jid=1143475285&gjid=586252881&cid=797453991.1715267465&tid=UA-6437984-1&_gid=1806392196.1715267466&_slc=1&did=BwiEti&z=1715631552

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 May 2024 15:11:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.candydirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 603ms
203ms XHR
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6437984-1&cid=797453991.1715267465&jid=1143475285&gjid=586252881&_gid=1806392196.1715267466&_u=YCDAgEABBAAAAGgCIAD~&z=921117088

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 May 2024 15:11:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.candydirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 532.76ff6511d9161a1d3428.css
static.klaviyo.com/onsite/js/ 70 KB
9 KB 74ms
74ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/532.76ff6511d9161a1d3428.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbcbe5d1492e2efb05151c2c83d94545a51945a6a19c5a7cd41571bbf6201f53

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: aWYUGPKiUXjFqWhKyiB1ui.Z44G9RDyi
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:06 GMT
x-amz-request-id: MJ7S6GSFV9N87E88
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9297
x-amz-id-2: 0BFzEDzhqm+tywsEdu+JPWaOLYj+hRznU3Z/WPtTCRGTQwxsUxdCza19tpZLvJt0fbKYdZ0Gl7Y=
x-served-by: cache-lga21922-LGA, cache-yyz4572-YYZ
last-modified: Thu, 18 Apr 2024 19:04:30 GMT
server: AmazonS3
etag: "f1b15b2e8c4f17a0171d60fdff0dbedb"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: fcf55ac125e820d660e5bfea13d0c3ecf259891b
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 28, 15

GET
H2 200 styles.ccf9eb43fb94f6b4efde.js Show response
static.klaviyo.com/onsite/js/ 13 KB
4 KB 78ms
78ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/styles.ccf9eb43fb94f6b4efde.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: u4YOvN.DBhziRupMNLHlSlohoVjRmp1y
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:06 GMT
x-amz-request-id: EEGXP0XW5HRRBVY3
age: 52
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4092
x-amz-id-2: uuuLX3jxbT5jsxJejSDwGq8C5/2Zi1Magv6m4goQvJr8BDlHFmYqf92WbJAQXkSF5HoqBJ41b6Y=
x-served-by: cache-lga21931-LGA, cache-yyz4572-YYZ
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "c6c30853a63ebd4a4189fa8dcd359f29"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 0, 14

GET
H2 200 vendors~Render.17e69248498a31b75f43.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 76ms
74ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~Render.17e69248498a31b75f43.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb2dbdb316742cbcfe3896917218500775bbe6291a077efac20da890072a0efc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dGCBo7ejJ0EYYCH.Zt8BmmnASbsiCNfl
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:06 GMT
x-amz-request-id: 5KXZP7J4TJBF43B7
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4235
x-amz-id-2: xfFzND1hpiNwh16ZGNss1Qyp8SCgzz2WEpaBUAOhENsBBixHGYGfcCipuS1Vbr+n9BUhnAClyQE=
x-served-by: cache-lga21935-LGA, cache-yyz4572-YYZ
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "88f918f93d174ae883fc6a975f68365b"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 67708, 15

GET
H2 200 Render.8bd5a59b5a446646ab21.js Show response
static.klaviyo.com/onsite/js/ 119 KB
34 KB 74ms
74ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/Render.8bd5a59b5a446646ab21.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.a91162213181c42e98d2.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26b5cc4dac832a65e469a8fb454b8ea03967dad318c66c8e08b64a994e38d511

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: D1f.t05PiTxwY9K9WlT83u1IT3PsVTw7
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 May 2024 15:11:06 GMT
x-amz-request-id: 8PBHRJX89396NBNQ
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 34274
x-amz-id-2: /VXtbs94z+L9vVlOKlCiMNxBdEGATNTiYy8FOzl3PA8N68DkpSXvqLeGp5byeYMsEGZgPSVxam0=
x-served-by: cache-lga21926-LGA, cache-yyz4572-YYZ
last-modified: Thu, 25 Apr 2024 19:08:24 GMT
server: AmazonS3
etag: "853ef519817e1d17788f0a6c23a07425"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5445fd237a382cb2f028d208b3cd68d92596431a
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 53, 15

GET
H2 200 client.js Show response
cdn.shopify.com/shopifycloud/shop-js/ 800 KB
181 KB 115ms
113ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shop-js/client.js

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/ClientStore.69c48f39bcfd26fe1f53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103944b82c4063fc7c44b330fa550414c30b6f7733a923457a6b159ac6b72c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 758
server-timing: imagery;dur=84.481, imageryFetch;dur=47.160, cfRequestDuration;dur=15.000105, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 184443
x-xss-protection: 1; mode=block
x-request-id: 393c25b7-ef09-434a-971b-b3c6e2896b6d-1715265865
last-modified: Thu, 09 May 2024 14:44:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zR7uGXpg390a4RGKl5MeyYzyd12xkoqbFep4BBk4%2F%2FWQp6v3c8y7P7y3GaxWNGZv6NCE2kZg0aX7jmcVBOaPK7T13XsAJXoPYft0RFLoVqB%2BRad3jJaEkayzG7RWiyYUzxkBd8I8YOLl1uUJOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shop-js/client.js>; rel="canonical"
cf-ray: 88129ec0ff8aab45-YYZ

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 582ms
186ms Preflight
text/html 2606:4700:4400::6812:2889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=RCkVE7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.candydirect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 88129ec3fcbfa1f9-YYZ
content-encoding: gzip
content-language: en-us
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 15:11:06 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
386 B 153ms
152ms XHR
application/json 2606:4700:4400::6812:2889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=RCkVE7

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2889 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
accept: application/json
Referer: https://www.candydirect.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 88129ec52de3a1f9-YYZ
access-control-allow-headers
x-robots-tag: noindex, nofollow

GET
H2

200

sdk-authorize
pay.shopify.com/pay/ Frame 43BA
Redirect Chain

https://www.candydirect.com/services/login_with_shop/authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&api_key=5edd9000b933a8fa88c152d1e498531f&flow=discount&flow_version=EMAIL_CAPTURE&loca...
https://shop.app/pay/sdk-session?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_cap...
https://pay.shopify.com/pay/sdk-authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&...

0
0

638ms
259ms

Document
text/html

2620:127:f00f:ff00::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.shopify.com/pay/sdk-authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_capture=false&save_discount_at=authorize-success&response_mode=form_post&scope=openid+pay%3Asession_token+email+phone%3Averified&response_type=id_token&client_id=00aecd32-5037-4c17-a42f-eeadc8759770&redirect_uri=https%3A%2F%2Fwww.candydirect.com%2Fservices%2Flogin_with_shop%2Fcallback&state=TTBFTFBId09TeXZoalltQ1NFb0w1YmZBRWNCMWhRTHZ6a1RtbzNudnJFbWhpbGsybGkzeFovdE5RcEQrSkdLU0NHWGMzMmlzVUwzZ1JKK0ZZZllnYkVBWWpNNFZjaGJlK2FVWGJtNk4zYUhGUDlXaVRjQlJDZlA2TnA4UXBHOEFoTzBUNm1mbXdLY3NDQjNvbTNmUGcrb0tqSnFKMnRKdWVuL2doaFE5bTNPVDJQY1dBa3V2T05FdXkxeUQzOXVxQXBWaHlHazNyOFhlaG4rU2FONjhtN2MrUnpsZjRLOENZTG4zRjI0a1labFU2TTNjc0d5WWFETEZDUmMwUTc3TUF5TnRnVUszQXU3d1prUStJQUppNzI2bloyMjdRMWNMekJUbDR1UWZGcGJaR0JnTmY4V21hOFB4LzNkSkVKRElHb3BRWDgrVkdaUVpmWTRuckoxaVA2bUFRaU9ua0RLMGNGSXlEVkpwcHhFRXg2V2xLazhwZGtxTDErTy81NlRCdXM5U0J3b0FucXhJeTJtRU95OTIwaFBUNFJ6T2hwR2daS2xqdm9mQ0N5Um1QSUJmd3ZGc1Z6QitLOHAweEFRZjZNQkoxWEpFRlZMalprNU9VWlVIRHc9PS0tc3ZqSU8zTk00Y2VDUEU2M1d1VHdMUT09--89d44c48b2462dd6451f02f2ba163a11f6e572c6&require_verification=false&uniq_token=74bda804-2a40-49a7-9e05-0bff7bd15e4b&visit_token=d64e59db-2a9c-42a7-a686-4f8d658e604b&nonce=TKrMcFtJAJMfp4VN-HUMFNxL

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shop-js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors https://candydirect.myshopify.com https://candydirect.com https://www.candydirect.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com https://shop.app
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.candydirect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: BYPASS
cf-ray: 88129ec9bbbb39e7-YYZ
content-encoding: br
content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors https://candydirect.myshopify.com https://candydirect.com https://www.candydirect.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com https://shop.app
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 15:11:07 GMT
etag: W/"397fcbd43d1516c3193d61c22af161f0"
link: <https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/payAuthorizeDiscount-80b4b31c.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,<https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/index-9484b7c6.css>; rel=preload; as=style; nopush,<https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/TranslationProvider-0c734f1f.css>; rel=preload; as=style; nopush,<https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/index-9207d787.css>; rel=preload; as=style; nopush,<https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/AuthorizeWithConsent-5f55e74b.css>; rel=preload; as=style; nopush,<https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/useAuthorizeTexts-b891c8fe.css>; rel=preload; as=style; nopush,<https://cdn.shopify.com/shopifycloud/arrive-server/vite/assets/useEscapeKeypress-b7509cdf.css>; rel=preload; as=style; nopush
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3S2onfRsUJkVjoYwns06c3zk3AzWuXADI6eGGku3RXXLQLDgkhSt2T3ub6wMDi%2FNRv4cnUngy0enspLx8cQ8oy4q9pSODC3TtwyeEvHzhk0QpMu3vYGEl1h2I6PKKsVJzFF4nSTElxwYceErQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=34, socket_queue;dur=2.645, util;dur=0.0 cfRequestDuration;dur=159.999847 ipv6
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dc: gcp-us-central1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: e0fed949-1fe2-4d4a-879a-0d0a778f68b5-1715267467
x-runtime: 0.033459
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: BYPASS
cf-ray: 88129ec61a2da228-YYZ
content-length: 0
content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 15:11:07 GMT
location: //pay.shopify.com/pay/sdk-authorize?target_origin=https%3A%2F%2Fwww.candydirect.com&flow=discount&flow_version=EMAIL_CAPTURE&locale=en&analytics_trace_id=b5592925-1039-4544-b886-e9cd5182cfe0&phone_capture=false&save_discount_at=authorize-success&response_mode=form_post&scope=openid+pay%3Asession_token+email+phone%3Averified&response_type=id_token&client_id=00aecd32-5037-4c17-a42f-eeadc8759770&redirect_uri=https%3A%2F%2Fwww.candydirect.com%2Fservices%2Flogin_with_shop%2Fcallback&state=TTBFTFBId09TeXZoalltQ1NFb0w1YmZBRWNCMWhRTHZ6a1RtbzNudnJFbWhpbGsybGkzeFovdE5RcEQrSkdLU0NHWGMzMmlzVUwzZ1JKK0ZZZllnYkVBWWpNNFZjaGJlK2FVWGJtNk4zYUhGUDlXaVRjQlJDZlA2TnA4UXBHOEFoTzBUNm1mbXdLY3NDQjNvbTNmUGcrb0tqSnFKMnRKdWVuL2doaFE5bTNPVDJQY1dBa3V2T05FdXkxeUQzOXVxQXBWaHlHazNyOFhlaG4rU2FONjhtN2MrUnpsZjRLOENZTG4zRjI0a1labFU2TTNjc0d5WWFETEZDUmMwUTc3TUF5TnRnVUszQXU3d1prUStJQUppNzI2bloyMjdRMWNMekJUbDR1UWZGcGJaR0JnTmY4V21hOFB4LzNkSkVKRElHb3BRWDgrVkdaUVpmWTRuckoxaVA2bUFRaU9ua0RLMGNGSXlEVkpwcHhFRXg2V2xLazhwZGtxTDErTy81NlRCdXM5U0J3b0FucXhJeTJtRU95OTIwaFBUNFJ6T2hwR2daS2xqdm9mQ0N5Um1QSUJmd3ZGc1Z6QitLOHAweEFRZjZNQkoxWEpFRlZMalprNU9VWlVIRHc9PS0tc3ZqSU8zTk00Y2VDUEU2M1d1VHdMUT09--89d44c48b2462dd6451f02f2ba163a11f6e572c6&require_verification=false&uniq_token=74bda804-2a40-49a7-9e05-0bff7bd15e4b&visit_token=d64e59db-2a9c-42a7-a686-4f8d658e604b&nonce=TKrMcFtJAJMfp4VN-HUMFNxL
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qObc978ZRbqruN9Rgj88d6LxBlcfknTF8jBkFQIfApfJ%2FNZ0%2FWLuqzmsomy2FUtWZwLxd7H0OlSnUChGhKgvxdWrkcUbjajSe8Mr%2BA4X3WQLlS%2FIQ5y7Z5GfK0Ay6uWUuEEe7I1j"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfRequestDuration;dur=105.999947 ipv6
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dc: gcp-us-central1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 6a9d2c06-b5e8-46c5-918e-e1f764d53558-1715267467
x-runtime: 0.007287
x-sorting-hat-podid: -1
x-xss-protection: 1; mode=block

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 390ms
140ms Preflight 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://www.candydirect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.candydirect.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 09 May 2024 15:11:06 GMT
via: 1.1 google

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 107ms
106ms Fetch 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://www.candydirect.com/
X-Monorail-Edge-Event-Created-At-Ms: 1715267466621
X-Monorail-Edge-Event-Sent-At-Ms: 1715267466621
X-Monorail-Edge-Client-Message-Id: 6fd123a2-1d85-4cf5-b470-456c2e5f2a12
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:07 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: baf00357-5df8-4827-a4c5-29dc21427891

GET
H3 200 meta.json Show response
www.candydirect.com/ 660 B
2 KB 172ms
172ms Fetch
application/json 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/meta.json

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a283cdf9c8726a6cfcab1606ff9aafac8dff1e82ebd6ea6cee9d0f9b87a59c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=7889238
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
x-cache: miss
server-timing: processing;dur=26, db;dur=14, asn;desc="577", edge;desc="YYZ", country;desc="CA", servedBy;desc="84hh", requestID;desc="64298523-4ed8-47c5-b89d-8e7bc0c123a4-1715267466", cfRequestDuration;dur=66.999912, ipv6
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 64298523-4ed8-47c5-b89d-8e7bc0c123a4-1715267466
x-shardid: 316
x-storefront-renderer-rendered: 1
server: cloudflare
etag: "cacheable:92ea18c2ea85da44c1ac2be275ee3c35"
x-shopid: 545226812
x-frame-options: DENY
vary: Accept
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQpXhm44HHuDoop68cLYbXy8JzeAlAqUo%2BfZNvka11TCg%2BwyDdBXtYzCD%2Fa4wn2%2BPLIXXlp2PNVOOKEnOI5OenSdamHmSwES%2BEtfES%2B57eT5kzel4IOmH4t9EfVPSUZ7FIQ%2BvsFWBt9Yx1jvvIPVH58%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 88129ec2af845491-YYZ
x-sorting-hat-podid: 316

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 107ms
106ms Fetch 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://www.candydirect.com/
X-Monorail-Edge-Event-Created-At-Ms: 1715267466622
X-Monorail-Edge-Event-Sent-At-Ms: 1715267466622
X-Monorail-Edge-Client-Message-Id: 8d2e7a9e-6004-489a-bf34-2820bf4ed2ff
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:07 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: dc49f079-f19f-4e18-833d-1a6dd2988534

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 390ms
141ms Preflight 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://www.candydirect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.candydirect.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 09 May 2024 15:11:06 GMT
via: 1.1 google

GET
H/1.1 200
OK 3867d8994e399b98b07b4cf34.js Show response
chimpstatic.com/mcjs-connected/js/users/0002d44c08cca4058378d27c0/ 50 B
579 B 507ms
130ms Script
application/javascript 23.205.33.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/0002d44c08cca4058378d27c0/3867d8994e399b98b07b4cf34.js?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.33.42 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-33-42.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-EdgeConnect-Origin-MEX-Latency: 16
Date: Thu, 09 May 2024 15:11:09 GMT
Last-Modified: Tue, 05 Mar 2019 16:45:01 GMT
Server: AmazonS3
x-amz-request-id: BMAT0HHJDNFAEVFJ
X-EdgeConnect-MidMile-RTT: 1
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1224
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: Ph+y7FDbHVFIjugp1MPwIGjCNPUJiqjeUkGphxSx8zfc1dVnMtX2dJ70gNcan6N8Ttudi1j5msI=
Expires: Thu, 09 May 2024 15:31:33 GMT

GET
H3 200 globomenu_init.js Show response
cdn.shopify.com/s/files/1/0005/4522/6812/t/3/assets/ 24 B
915 B 155ms
154ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0005/4522/6812/t/3/assets/globomenu_init.js?shop=candydirect.myshopify.com

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0771422e1078b8f1cf5b4e978782d0acfaf8e252fc1163d67f84bf94490a981

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
server-timing: imagery;dur=121.838, imageryFetch;dur=98.999, cfRequestDuration;dur=55.000067, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 26
x-xss-protection: 1; mode=block
x-request-id: 72878b80-46aa-4b98-9215-7745b4cb90f8-1714764922
last-modified: Fri, 03 May 2024 19:35:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDNTRjF8wqkZLVMzir4qW%2ByK5Lh2hiqFz%2B5pjqWrgaAI3fp3AFWY8KmuZ8Ndmzkqs68oLimMoM5jerhNd4RQmFQsb%2BdiMoplmrbZfuyIBdJw7CmP90mS1x6DExQNlIZ4i9wq0vdpMAv6KRL%2Fzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0005/4522/6812/t/3/assets/globomenu_init.js>; rel="canonical"
cf-ray: 88129ed0fbe3ab8d-YYZ

GET
H3

200

main-js Show response
www.candydirect.com/apps/litefy/js/
Redirect Chain

https://candydirect.myshopify.com/apps/litefy/js/main-js?shop=candydirect.myshopify.com
https://www.candydirect.com/apps/litefy/js/main-js?shop=candydirect.myshopify.com

14 KB
5 KB

429ms
428ms

Script
application/javascript

2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/apps/litefy/js/main-js?shop=candydirect.myshopify.com

Protocol

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d43e2542b9f0757f12ccaf9fe7a5f5d737c6e24b9d2e313d39a1383a7a8bf92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.candydirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-amz-cf-pop: YUL62-P1
x-amzn-requestid: 1ce0e472-6325-4ce8-9cf5-0f9076ccf26d
x-cache: Miss from cloudfront
server-timing: cfRequestDuration;dur=251.000166, cfRequestDuration;dur=329.999924, ipv6
x-amz-apigw-id: XgkeLHY6oAMEc3A=
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0fe9319b-d5cd-4a2a-86ab-62f0d3c3d507-1715267469
server: cloudflare
x-amzn-trace-id: Root=1-663ce78d-7a48d2016e225e655ab7bc91;Parent=1367bcba1de1dee7;Sampled=0;lineage=11918aa2:0
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJIfDaKPQoJYoAd6EnGRJemItCxvmhie7x%2BzMK5GXh2rmLLxPT6Evyu2RGYjm80CZrm5%2FFaYh5CLemQO5B82ae7oAPhld8al2IDq%2BKYMkzU%2BseGcJDrEvlbKWEjEf8K5K%2FXv%2Fp9M%2B3cz2pQo6WNA27w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 88129ed48c3c5491-YYZ
x-amz-cf-id: Wl8IOTGmMsVAW8zJlc4BeexEz1yDMlEk7MUKCmtscc33UGXKLcu3Pg==

Redirect headers

date: Thu, 09 May 2024 15:11:09 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
server-timing: processing;dur=6, db;dur=2, asn;desc="577", edge;desc="YYZ", country;desc="CA", servedBy;desc="grmh", requestID;desc="eba8ce8d-5642-487c-a443-caf2705531a4-1715267469", cfRequestDuration;dur=54.999828, ipv6, cfRequestDuration;dur=79.999924, ipv6
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: eba8ce8d-5642-487c-a443-caf2705531a4-1715267469
x-sorting-hat-shopid: 545226812
x-shardid: 316
x-redirect-reason: primary_domain_redirection
x-storefront-renderer-rendered: 1
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=utf-8
location: https://www.candydirect.com/apps/litefy/js/main-js?shop=candydirect.myshopify.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8yOGz%2BGOEsnsEe9v3G%2B5kF7hOExtkiNo9Yr1WJ6DlUmaEdviFAKt5ALFPzUWv5PZTLhm4breROf8uKUbOJlDrtIsUkMIvriub2mtEGAsm47zHN2qnbpXFLYu7uAKiaeCAsItt5ugPJXmTKt6V6x3emx6aApRHo%3D"}],"group":"cf-nel","max_age":604800}
x-shopid: 545226812
cf-ray: 88129ed35f15aab6-YYZ
x-sorting-hat-podid: 316

GET
H2 200 fera.placeholder.js Show response
cdn.fera.ai/js/ 311 B
965 B 798ms
139ms Script
text/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fera.ai/js/fera.placeholder.js?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 930afc05366d42830315fad580588774ca9ac13aeb7af1f2b040f350438ab20f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-encoding: br
cdn-edgestorageid: 925
cdn-cachedat: 05/01/2024 17:11:53
cdn-pullzone: 1548962
last-modified: Wed, 28 Dec 2022 19:21:55 GMT
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"c3a84b86413333e4b8533eea2892f967"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a4c88a4a-0c95-4e94-951a-df19ca9d982a
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ac02d2ed216c932d38bbfab9b3566a6f
cf-ray: 87d162c5cd52d2b1-CDG
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 quickannouncementbar.js Show response
cdn.hextom.com/js/ 59 KB
14 KB 554ms
140ms Script
text/javascript 2600:9000:2191:dc00:1:427b:a440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hextom.com/js/quickannouncementbar.js?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:dc00:1:427b:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96cb9e99498815ad206ca36704d8909716b785cd7c9893b0be1d8456fd2c839

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 01:27:16 GMT
content-encoding: gzip
via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
last-modified: Tue, 23 Apr 2024 18:07:40 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C1
age: 49434
etag: "fbc52177a1cb7906e893ca16a7e31ff3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13427
x-amz-cf-id: K7cpByyS0ksfA4EOpN1MPE5_nwadsPCUq02p3F7FhqMoPP3sz9iEFA==

GET
H2 200 redirect-app.js Show response
d23dclunsivw3h.cloudfront.net/ 856 B
1 KB 613ms
152ms Script
application/javascript 2600:9000:269f:2600:3:6639:8f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d23dclunsivw3h.cloudfront.net/redirect-app.js?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:2600:3:6639:8f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96925912485399570512eb697967206778f1d79682b47284d0decd88883de6b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: outaiqf6CuNBNxYfNpnGTg_LyO65oStE
date: Thu, 09 May 2024 11:44:01 GMT
via: 1.1 421f55bf919c48fdb315cf78c5d6e1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 12429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 856
last-modified: Wed, 27 Mar 2024 05:43:21 GMT
server: AmazonS3
etag: "53d74ef1b231d70fe6ab3164bcc7e30e"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: BQoh5yZFUj-d_uy9WrZa4K3k6c13_gKmWBQVc6l8AtsgbQKM0Vx43A==

GET
H2 200 client_script_min.js Show response
d3ox8tdk614ykk.cloudfront.net/ 3 KB
3 KB 564ms
134ms Script
application/javascript 2600:9000:24f5:fe00:2:6020:4100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ox8tdk614ykk.cloudfront.net/client_script_min.js?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f5:fe00:2:6020:4100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deb29fbadaac8354ad90df00165944019dbbe0f51421df636a96d16d5054c5ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 06:09:52 GMT
via: 1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 11:49:14 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P4
age: 32478
x-amz-server-side-encryption: AES256
etag: "76bd5942a4a7b520539f9ac9e7323298"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2801
x-amz-cf-id: oCyqTtFGxs4IFytKzyBsStV7S9fIy5FzhQGyk7pOu6EO4ToK7HeYuQ==

GET
H3 200 runtime.latest.en.3ee485dea4553f5023f7.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 449ms
138ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.3ee485dea4553f5023f7.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=62.143, imageryFetch;dur=25.108, cfRequestDuration;dur=42.000055, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 3061
x-xss-protection: 1; mode=block
x-request-id: 187799b4-3ce9-474a-95a4-55bf962632dd-1715249233
last-modified: Thu, 09 May 2024 10:07:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Or2%2BkfQJfJcEFoVB9xopP7uD1ddiKJGRr%2Bj6ZctWuFrQD8p9tiCoFJBQOdIsc%2BGpLDR2tHhBRWSbewCp8VuwFqsZtx3%2BjuYyuRG19KtBNyj6hyoJbDX1HSpfooEJ4gOcp4N%2BOzwIsfLttDMg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.3ee485dea4553f5023f7.js>; rel="canonical"
cf-ray: 88129ed2d946ac82-YYZ

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 108ms
107ms Fetch 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://www.candydirect.com/
X-Monorail-Edge-Event-Created-At-Ms: 1715267469034
X-Monorail-Edge-Event-Sent-At-Ms: 1715267469034
X-Monorail-Edge-Client-Message-Id: cc890bd3-8248-40a2-b138-448ac994bf4a
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 779a8d98-0d46-4805-913d-1cfa47b1cbe1

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 106ms
106ms Fetch 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://www.candydirect.com/
X-Monorail-Edge-Event-Created-At-Ms: 1715267469034
X-Monorail-Edge-Event-Sent-At-Ms: 1715267469035
X-Monorail-Edge-Client-Message-Id: 3cca16ba-14f2-4a06-90e7-b07965a13cb8
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: d21263bf-08fa-4319-809b-d3f6ffcbc0f6

POST
H3 200 produce
www.candydirect.com/.well-known/shopify/monorail/v1/ 0
809 B 156ms
155ms Ping
text/plain 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/.well-known/shopify/monorail/v1/produce

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=55.000067, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: b09c354e-b498-4f02-82c8-e5b623269cd8
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iClm6fHJOCn77LhPejzB%2B%2Fa4lr6tOk68HhcCyTdToRoNPbxXflFxXi%2BkAKpdeWgweX2kBiHk6LmfkDb5iO%2BfKKmlu1b7VASRWc0ngf12dVEn%2FlyAXE68rAPX8yA%2Bf%2FW1J%2BlcYcroqueFWCipsaZjLG0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.candydirect.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 88129ed26a985491-YYZ

GET
H3 200 favicon_32x32.jpg
www.candydirect.com/cdn/shop/files/ 1 KB
2 KB 133ms
132ms Other
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candydirect.com/cdn/shop/files/favicon_32x32.jpg?v=1613733879

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05baae2badf27ae7b94b5c8d4083ba3a4f86648642bb51c853cfc802e49cfb67

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
source-type: image/jpeg
server-timing: imagery;dur=80.648, imageryFetch;dur=48.649, imageryProcess;dur=31.252;desc="image", cfRequestDuration;dur=33.999920, ipv6
source-length: 23200
content-length: 1420
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 545226812
x-request-id: 1eb38509-57ac-4b5c-a5ba-9baf24893ba0-1714750741
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 May 2024 15:39:01 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gS0ATI2zHAfM%2Bw03Pc%2FX4CDCVkhjmHZo%2FMrmwDGsJca0eODKO0menY7TqHpEDoiwHpGr6iE68Zrzvp17XtJcGlDIwRIS6wTRcd9x1tkWi1GjAi7pvdRSIpsCk4cai%2FbBfSycsH7oRN%2FA0JsVgOrxLeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88129ed2daf05491-YYZ
x-sorting-hat-podid: 316

GET
H3 200 329.latest.en.1c7aae4401df0f1b91dc.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
83 KB 137ms
136ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/329.latest.en.1c7aae4401df0f1b91dc.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=53.278, imageryFetch;dur=26.275, cfRequestDuration;dur=40.999889, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 84655
x-xss-protection: 1; mode=block
x-request-id: 878d0032-6294-4876-bff5-3ca7f7b1f06f-1715114233
last-modified: Tue, 07 May 2024 20:37:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRZj9bkIBjEc0BgjQj%2FHhKKGP%2BjNvN8i8881cdz%2B8H6Q7wJXAnjYC0jLWMraASZEuPx9ln63FomHsXEXrCMxoc6sPm8SoYO9258%2F%2BlcheoRe1WGc1rbDyinBenHFIAFZFpNf81AZTKWKH2TbUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/329.latest.en.1c7aae4401df0f1b91dc.js>; rel="canonical"
cf-ray: 88129ed3da56ac82-YYZ

GET
H2 200 qab_get_bars Show response
qab.hextom.com/ 50 B
248 B 560ms
191ms XHR
application/json 174.129.35.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qab.hextom.com/qab_get_bars?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.35.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-35-13.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6f9472ea93d4c8d4128ceba92c3c91994b5e509554090896796b02f574c54edb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
server: nginx
vary: Accept-Language, Origin, Cookie
content-language: en
access-control-allow-origin: https://www.candydirect.com
content-type: application/json
access-control-allow-credentials: true
content-length: 50

GET
H/1.1 200
OK get_preferences Show response
poboxblocker.herokuapp.com/api/ 654 B
1 KB 107ms
105ms XHR
application/json 18.208.60.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://poboxblocker.herokuapp.com/api/get_preferences?shop=candydirect.myshopify.com
Requested by: Host: www.candydirect.com
URL: https://www.candydirect.com/cdn/wpm/ba144381aw75357604p183e4578m1913cbd7m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.60.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-60-216.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: a5be5cd5790533ef20b838769380fc11c616db8af93af2792f0bf8c2dee992ae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.candydirect.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 09 May 2024 15:11:10 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
X-Powered-By: Express
Etag: W/"28e-Az4llp8IwEXnkL3sfox6RRQniX0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715267470&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=NW5qSDiqkxnbjpLmi2xN9aLztDmQt%2FUGc8majp%2BTstM%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 654
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715267470&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=NW5qSDiqkxnbjpLmi2xN9aLztDmQt%2FUGc8majp%2BTstM%3D

OPTIONS
H/1.1 204
No Content get_preferences
poboxblocker.herokuapp.com/api/ Frame 0
0 558ms
105ms Preflight 18.208.60.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://poboxblocker.herokuapp.com/api/get_preferences?shop=candydirect.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.60.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-60-216.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.candydirect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Thu, 09 May 2024 15:11:09 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715267469&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Wqr1XMreBVCMstjoVMgi9jW5mfzJ48LUyFFTGfxSwgs%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715267469&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Wqr1XMreBVCMstjoVMgi9jW5mfzJ48LUyFFTGfxSwgs%3D
Server: Cowboy
Vary: Access-Control-Request-Headers
Via: 1.1 vegur
X-Powered-By: Express

GET
H3 200 49.latest.en.e09a5108f509ef00751b.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
46 KB 148ms
148ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/49.latest.en.e09a5108f509ef00751b.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
server-timing: imagery;dur=53.663, imageryFetch;dur=25.570, cfRequestDuration;dur=46.000004, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 46406
x-xss-protection: 1; mode=block
x-request-id: 026d5823-bc4a-486e-9da9-8870183ec429-1715175074
last-modified: Wed, 08 May 2024 13:31:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkmodl7Err4BmTYbyxDKK1OCqxN2%2FoOEiyTX1M8NfgTga%2Bwda%2B7VuWdIVodtbmFLhBPv%2ByMbGYyS7kA7jMdzhJ4a%2BjoDulqzBqclmeLYhBsCw%2BSxu10KeAI21UP63jeHEm5Is0QDRFiG%2FG1x1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/49.latest.en.e09a5108f509ef00751b.js>; rel="canonical"
cf-ray: 88129ed68d31ac82-YYZ

GET
H3 200 180.latest.en.76349392f2a7bbeb2c64.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
19 KB 140ms
136ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/180.latest.en.76349392f2a7bbeb2c64.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=219.167, imageryFetch;dur=28.529, cfRequestDuration;dur=42.000055, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 19139
x-xss-protection: 1; mode=block
x-request-id: 8d23a7bc-deb2-45a6-ad71-a57a370110e2-1715114234
last-modified: Tue, 07 May 2024 20:37:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ex%2F1zIFtTA8C71G343bGW8RT4EU%2Bpt7CWQIvB%2F3LNciY%2FSd2SMvYJVckVqc%2FFPuFf%2BvfQE6PfCgAeIWb%2FEk9MV4srHgCM%2FhaowqBZ30HYaP0FaytZ7IjDPzHLdl2LxuaS%2Fa9qtwrWstUgCstmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/180.latest.en.76349392f2a7bbeb2c64.js>; rel="canonical"
cf-ray: 88129ed94ff5ac82-YYZ

GET
H3 200 app.latest.en.c4b0e71d0facf8124ffd.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
271 KB 129ms
128ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.c4b0e71d0facf8124ffd.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=60.874, imageryFetch;dur=32.529, cfRequestDuration;dur=33.999920, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 276203
x-xss-protection: 1; mode=block
x-request-id: 0bc75d05-0794-4954-9142-9565d63aea6b-1715249234
last-modified: Thu, 09 May 2024 10:07:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5kc87dfrHEK53f1B5lwDLqM8o%2BMpqmbqYYrmJpRDDNPV60mtt3TlYRj%2Bywpg1DwSINBwS2UUrCXEwRXTXGqrolQgY4Jwde1x0RGTuFdK7KgtcI4YRfPtc2EN2xmcRPbxVCjQ7%2BAPP1QB1tDeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.c4b0e71d0facf8124ffd.js>; rel="canonical"
cf-ray: 88129eda38f2ac82-YYZ

GET
H3 200 912.latest.en.41a63345ce3b8fab9650.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
975 B 138ms
137ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/912.latest.en.41a63345ce3b8fab9650.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
server-timing: imagery;dur=26.680, imageryFetch;dur=18.111, cfRequestDuration;dur=40.999889, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 190
x-xss-protection: 1; mode=block
x-request-id: e3f574e4-326e-4154-8825-41f674d61bcf-1715114235
last-modified: Tue, 07 May 2024 20:37:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ooj6D7%2B0get5bEgcBLLvMhsy7bb0SHYmXAaXZxIGorsG0Mfb6MFcRS1BucjZSg0YxnMCMWeMqyL%2FyY6sNkctG4COvyH5Ml%2FeaBshG3K%2F03OurWsEX12Zzb1qkEmCKE4IYBJ%2BbAVhz4mLxv0kyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/912.latest.en.41a63345ce3b8fab9650.js>; rel="canonical"
cf-ray: 88129edd2c05ac82-YYZ

GET
H3 200 467.latest.en.8bd2a8c5bb4f59bdf84a.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 133ms
131ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/467.latest.en.8bd2a8c5bb4f59bdf84a.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
server-timing: imagery;dur=55.933, imageryFetch;dur=45.052, cfRequestDuration;dur=37.000179, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 2901
x-xss-protection: 1; mode=block
x-request-id: dd29f84e-8c6b-4f5d-87ae-6bb7dadb7f3b-1715114235
last-modified: Tue, 07 May 2024 20:37:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPu7tgnjMjX8kNWtiCpt6mwLb53vDIE386ZRGKKoD45kPl1hCN%2BPyJsvm86%2FYIp%2F7zXMiHtF6ECuo69GhyUPVNTQon7a%2FMloppj7b7BIKTPA3Ccwna%2B8pwOizgqtR6kvZEhA7xiNBoENP6sZow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/467.latest.en.8bd2a8c5bb4f59bdf84a.js>; rel="canonical"
cf-ray: 88129ede0d17ac82-YYZ

GET
H3 200 598.latest.en.a026ef31c29fb326ed90.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
32 KB 137ms
136ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/598.latest.en.a026ef31c29fb326ed90.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=39.009, imageryFetch;dur=20.274, cfRequestDuration;dur=39.000034, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 32392
x-xss-protection: 1; mode=block
x-request-id: c7328f07-358d-47ca-a7e4-4dbb40468ba5-1715114235
last-modified: Tue, 07 May 2024 20:37:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSfICPxS6SePteHBFAz%2BtLrziJ6Y%2BL54oJqaB8G3XHmuFNSgUwRz%2F7GW08BpWeuralIRSwy15rSz01ayQj60UFLS5VZjQy1QpCy%2BVJj99S%2Bq6cTWxmKvD5lHIdxI6UxQGA304L1hHGQHHMLAmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/598.latest.en.a026ef31c29fb326ed90.js>; rel="canonical"
cf-ray: 88129edf7e80ac82-YYZ

GET
H3 200 766.latest.en.0362c7314cf59cfee7d4.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
940 B 145ms
142ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/766.latest.en.0362c7314cf59cfee7d4.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=24.894, imageryFetch;dur=16.195, cfRequestDuration;dur=36.999941, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 159
x-xss-protection: 1; mode=block
x-request-id: 391d9852-0c30-4c32-a8bf-d7296be9c86b-1715114235
last-modified: Tue, 07 May 2024 20:37:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMDoaCHqBAD1K%2BNjVBJryQBdABC0Y5vZy9NKoEs8DryUBxQIlpsA0MblxdzVV9aaKzPA5xFA0B4VXWW9vuf71t6bGbJqnXuH1jFUkifQcia1byBd0klOVbaxT1nsZc25aGui4gE2vOLj2mc2Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/766.latest.en.0362c7314cf59cfee7d4.js>; rel="canonical"
cf-ray: 88129ee06f6aac82-YYZ

GET
H3 200 128.latest.en.156edc4543e0eee48595.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
40 KB 148ms
145ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/128.latest.en.156edc4543e0eee48595.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
server-timing: imagery;dur=37.869, imageryFetch;dur=21.829, cfRequestDuration;dur=44.999838, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 39971
x-xss-protection: 1; mode=block
x-request-id: 94a4bb06-f046-4c91-920d-37c1bde62a21-1715249234
last-modified: Thu, 09 May 2024 10:07:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeBP96OBsyEqcCeqmM8tvN7ACoVyS7qwOPMt%2BM9Lo2ed3jdwkR%2BN5fi0iee9nQc1Rfp7kEIX%2FvjLRn62Vtd0UzSVVK1EqpnXQW6zHTQEPKdoth6961F%2BBdza3MnfyLZWkHnPBF4XBe7t%2F7av3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/128.latest.en.156edc4543e0eee48595.js>; rel="canonical"
cf-ray: 88129ee16898ac82-YYZ

GET
H3 200 660.latest.en.6527d18163cebcbea26e.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
6 KB 142ms
141ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/660.latest.en.6527d18163cebcbea26e.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
server-timing: imagery;dur=63.385, imageryFetch;dur=34.557, cfRequestDuration;dur=46.000004, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 5106
x-xss-protection: 1; mode=block
x-request-id: 1194bfeb-0140-4c00-acfe-3bae3ea8bb36-1715189565
last-modified: Wed, 08 May 2024 17:32:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2B1FtVQpZ2JLITXDQ1lvivpr79kbRHtpuHWl88bU54OwtAN7qBWbjKVROexOZT%2FiNy36K2NpuHgc6bPxNOw5xuAWLUkgqVPThrtNOQSqUsZ57awqm9eAvPLY1nD7ktj9RvkoTR4M0yPAXJ1uAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/660.latest.en.6527d18163cebcbea26e.js>; rel="canonical"
cf-ray: 88129ee3fb83ac82-YYZ

GET
H3 200 OnePage.latest.en.7b9dd748eba323f72f19.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
158 KB 148ms
148ms Other
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.7b9dd748eba323f72f19.js

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
server-timing: imagery;dur=73.440, imageryFetch;dur=31.794, cfRequestDuration;dur=52.999973, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 161379
x-xss-protection: 1; mode=block
x-request-id: 09eea99f-6e4c-4c8f-8920-6d2a3d9d8450-1715249235
last-modified: Thu, 09 May 2024 10:07:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjFCftffN9xFXHHLONOhLwkrYfqLdb3Aam4dbajDq8SezoquQmMpnn15cpXCp92%2FB9iRioixgfsI%2F8QR5t%2BSDe6%2Fq505zhAHUp%2FPTlgpBFayPF6QQhpm0ZY7Gw3ESpaX%2FhPqeDUuu34b3yrFRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.7b9dd748eba323f72f19.js>; rel="canonical"
cf-ray: 88129ee4dc80ac82-YYZ

GET
H3 200 329.latest.en.984415a5e42e39e1440c.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
25 KB 147ms
146ms Other
text/css 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/329.latest.en.984415a5e42e39e1440c.css

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
server-timing: imagery;dur=41.391, imageryFetch;dur=21.488, cfRequestDuration;dur=52.000046, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 24823
x-xss-protection: 1; mode=block
x-request-id: 1e7c2743-fb3e-4331-a328-bd6c074d4746-1715114236
last-modified: Tue, 07 May 2024 20:37:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Ca2Kvkwl7ha2mqSqGAlw6W0MYjqu7M%2FbqZEO8AlQH%2FNYP5cIyPgRxwbw1w1ee5OmVEw17Fm2Jf37lQ7JBmOwQ8vqggngijI1OLghPY2ByLSTQxKH1WjUXbd%2BdVslttR2jIEQBdzFPLstiivdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/329.latest.en.984415a5e42e39e1440c.css>; rel="canonical"
cf-ray: 88129ee70f16ac82-YYZ

GET
H3 200 app.latest.en.7cb816443ebc83362061.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 107ms
107ms Other
text/css 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.7cb816443ebc83362061.css

Requested by

Host: www.candydirect.com
URL: https://www.candydirect.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.candydirect.com/
Origin: https://www.candydirect.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 15:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 76795
server-timing: imagery;dur=60.358, imageryFetch;dur=20.892, cfRequestDuration;dur=13.000011, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 3540
x-xss-protection: 1; mode=block
x-request-id: 841e30ed-fdcc-4e6a-b4d3-87f2d548e51c-1714753933
last-modified: Fri, 03 May 2024 16:32:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ut3Uy385M50z4jJd%2FSOAijDTmgBtAl2%2Fb9CfFWTWT0DgH5Gr6Y%2FMyvwa3QSgFQgP9P4Et3uCIH8axZqINrKA1EoHKqPS3Zymd5eGmM7%2FJVXd9zBe0mcm2ocEB%2BQiLL1AU5uiD2hK00Ttiy355Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.7cb816443ebc83362061.css>; rel="canonical"
cf-ray: 88129ee8a8cfac82-YYZ

GET 268.latest.en.6726c98a717980c43e79.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-meteor.heliumdev.com
URL: https://cdn-meteor.heliumdev.com/embed/3.2.0/meteor.js?api_key=28c92c4ae96e94fce8b81dfcc05e15ecf0ac85206285f3f67cd7df3c097bd2a8

Domain: cdn-meteor.heliumdev.com
URL: https://cdn-meteor.heliumdev.com/embed/3.2.0/meteor.css?api_key=28c92c4ae96e94fce8b81dfcc05e15ecf0ac85206285f3f67cd7df3c097bd2a8

Domain: cdn-meteor.heliumdev.com
URL: https://cdn-meteor.heliumdev.com/embed/3.2.0/meteor.css?api_key=28c92c4ae96e94fce8b81dfcc05e15ecf0ac85206285f3f67cd7df3c097bd2a8

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/checkout-web/assets/268.latest.en.6726c98a717980c43e79.css

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.candydirect.com/	1970-01-21 05:13:23	Name: secure_customer_sig Value:
www.candydirect.com/	1970-01-21 05:13:23	Name: localization Value: CA
www.candydirect.com/	1970-01-20 20:47:57	Name: cart_currency Value: USD
.candydirect.com/	1970-01-20 20:29:13	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.candydirect.com/	1970-01-21 05:13:23	Name: _tracking_consent Value: %7B%22region%22%3A%22CAQC%22%2C%22reg%22%3A%22%22%2C%22con%22%3A%7B%22CMP%22%3A%7B%22p%22%3A%22%22%2C%22s%22%3A%22%22%2C%22m%22%3A%22%22%2C%22a%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%7D
.candydirect.com/	1970-01-21 05:13:23	Name: _shopify_y Value: 74bda804-2a40-49a7-9e05-0bff7bd15e4b
.candydirect.com/	1970-01-20 20:47:57	Name: _orig_referrer Value:
.candydirect.com/	1970-01-20 20:47:57	Name: _landing_page Value: %2F
www.candydirect.com/	1969-12-31 23:59:59	Name: receive-cookie-deprecation Value: 1
www.candydirect.com/	1970-01-21 06:03:47	Name: _omappvp Value: Txbmbm8xSr8uT33m8La5pfcIrCpfOW3MP2TudHCbD6ADh6K7HqRll3fYB0idY1kL3Im8lSjj5wDnjlJWqgF9GMlGLrxBdg7E
www.candydirect.com/	1970-01-20 20:27:48	Name: _omappvs Value: 1715267463909
www.candydirect.com/	1970-01-20 20:27:51	Name: shopify_pay_redirect Value: pending
.candydirect.com/	1970-01-20 22:37:23	Name: _gcl_au Value: 1.1.735826616.1715267464
.candydirect.com/	1970-01-20 20:27:49	Name: _shopify_s Value: d64e59db-2a9c-42a7-a686-4f8d658e604b
.candydirect.com/	1970-01-20 20:27:49	Name: _shopify_sa_t Value: 2024-05-09T15%3A11%3A04.484Z
.candydirect.com/	1970-01-20 20:27:49	Name: _shopify_sa_p Value:
www.candydirect.com/	1970-01-20 21:10:59	Name: Fera.Api.ServerNum Value: 1
www.candydirect.com/	1970-01-21 06:03:47	Name: banana_stand_visitor_id Value: 1ddb843c-731d-46d2-8151-7129c840ce67
www.candydirect.com/	1970-01-21 06:03:47	Name: __kla_id Value: eyJjaWQiOiJPREEzTmpjMk1qSXRZak0wWXkwMFlUUmxMV0psTldFdFpqTmpOMlF6TnpJNFpqVmwiLCIkcmVmZXJyZXIiOnsidHMiOjE3MTUyNjc0NjUsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmNhbmR5ZGlyZWN0LmNvbS8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MTUyNjc0NjUsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmNhbmR5ZGlyZWN0LmNvbS8ifX0=
.candydirect.com/	1970-01-21 06:03:47	Name: _ga_S1KTWY4VN3 Value: GS1.1.1715267465.1.0.1715267465.0.0.0
.candydirect.com/	1970-01-20 20:29:13	Name: _uetsid Value: 5b6048500e1611ef9f81f57bde148af2
.candydirect.com/	1970-01-21 05:49:23	Name: _uetvid Value: 5b6075500e1611efb55c85b0ca99a5bc
.candydirect.com/	1970-01-21 06:03:47	Name: _ga Value: GA1.2.797453991.1715267465
.candydirect.com/	1970-01-20 20:29:13	Name: _gid Value: GA1.2.1806392196.1715267466
.candydirect.com/	1970-01-20 20:27:47	Name: _gat Value: 1
.bing.com/	1970-01-21 05:49:23	Name: MUID Value: 29E1B8A59B18696C13F8ACDF9AB26810
.bat.bing.com/	1970-01-20 20:37:52	Name: MR Value: 0
www.candydirect.com/	1969-12-31 23:59:59	Name: qab_previous_pathname Value: /
www.candydirect.com/	1970-01-20 20:27:49	Name: keep_alive Value: 83cf81ff-33fc-4c42-a870-06dcc9df9e61

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://www.candydirect.com/(Line 4809) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
intervention	info	URL: https://www.candydirect.com/(Line 4809) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
intervention	info	URL: https://www.candydirect.com/(Line 4809) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
intervention	info	URL: https://www.candydirect.com/(Line 4809) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
intervention	info	URL: https://www.candydirect.com/ Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.candydirect.com/cdn/shop/t/15/assets/icons.woff?v=159737922959752215011611685899
intervention	info	URL: https://www.candydirect.com/ Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
intervention	info	URL: https://www.candydirect.com/ Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
network	error	URL: https://api.omappapi.com/v2/embed/10649?d=candydirect.com Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://www.candydirect.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.candydirect.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
a.omappapi.com
api.fera.ai
api.omappapi.com
api0.fera.ai
apis.google.com
bat.bing.com
candydirect.myshopify.com
cdn-meteor.heliumdev.com
cdn.equalweb.com
cdn.fera.ai
cdn.hextom.com
cdn.shopify.com
cdnjs.cloudflare.com
chimpstatic.com
d23dclunsivw3h.cloudfront.net
d3ox8tdk614ykk.cloudfront.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
geo.bananastand.io
maxcdn.bootstrapcdn.com
monorail-edge.shopifysvc.com
pay.shopify.com
poboxblocker.herokuapp.com
qab.hextom.com
shop.app
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
www.candydirect.com
www.google-analytics.com
www.googletagmanager.com
cdn-meteor.heliumdev.com
cdn.shopify.com
151.101.194.133
151.101.2.133
151.101.66.133
169.150.236.98
174.129.35.13
18.208.60.216
23.205.33.42
2600:9000:2191:dc00:1:427b:a440:93a1
2600:9000:24f5:fe00:2:6020:4100:21
2600:9000:269f:2600:3:6639:8f40:93a1
2606:4700:10::6816:3466
2606:4700:10::ac43:727
2606:4700:20::681a:c5f
2606:4700:3108::ac42:2af8
2606:4700:4400::6812:2889
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::65
2607:f8b0:4004:c19::61
2607:f8b0:4004:c19::9c
2607:f8b0:4004:c1b::65
2607:f8b0:4004:c21::5e
2620:127:f00f:e::
2620:127:f00f:ff00::
2620:127:f00f:ff01::
2620:1ec:c11::237
34.111.94.218
37.19.207.34
54.157.4.65
05baae2badf27ae7b94b5c8d4083ba3a4f86648642bb51c853cfc802e49cfb67
07c9e3146263834e2eb82ad31480b9efbd6e9e5228326492295ac4b021ef0b40
0a5f4bc9369dcc8dea6b49803e6c7d3a11c507b8c0b8b4a6f7a6047592d6e2ca
0b161bff030bb7d9d7128fd5902566ab087e590bc341fa81ff07205ae6d31b21
0b63fb740625c29d4631ec22e749812789a97fb882f3c424eb4cd995536a6557
0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e
0faa4f2bae50a0e4c9dfd5fe7b68f4b41423997a1f33e7cde44065cc965e3509
103944b82c4063fc7c44b330fa550414c30b6f7733a923457a6b159ac6b72c66
1150d4271819752a2517079db4634dda7e034359c1691af25a55c8a3a54294e1
179ee11fc7f6f5855fe4af60c4ea2788e029a8b827ea1b2d2a0fae7a9276e6db
181332276dd0c0bd527c598cbc42dc34a6d0be9120b37e615d3b9202e25f95e9
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
18e71b5974ffe2e85d8ba0c918c6860f353edb174bc67214d5e3f179b353af27
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21aeb0462fca72e1e0425892fe9b0379293c76aeb25b024c0138a6ae3ac1a725
268dc7e887fee1abf2441f4acf2f253f6b3f657dffecd555b2dca4f01baab352
26b5cc4dac832a65e469a8fb454b8ea03967dad318c66c8e08b64a994e38d511
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ffa93bde60be95edfabfb1c8d51e1fcf12529a5b2912b660208d3085ceecdb4
313a577ef6744c21e3bab1621dc091462c546b0f04ecb67dea4c040b4f12c760
31ccef9236a21b8c7fa5bd45028b27e8f67a9ba0cb1620d2c8113f51fb5ccab7
32bdd920f4c76736a77c4e2493b7a8a1586adf891f6b22aef65a9f550b3c9100
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8
42634ea8d3fec2fb326cce895004d3c43cab43169d5166794fcf65e78c99707f
43c44b167b1dfb5874df43cc90b4e035a7b1f89e7642e705d0424fc0bbd5d8c6
43d03e3a26f3e486d60a35e6902123f372c5402f035995d665f73eabdf2a8813
43f6a54c15a5a393fc5efd300bc0a34b2016da6a1323593283852e0e0675161a
454ecc2332c60e9894a0cff210dd421e3e0b663dbe85373399362f077069853e
456bc140b3800bfa8705990bec075ebbf1c795e6c54d4678e597f6fb1988c76e
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
47b24b188b4204a1bc381310d6712d8a0569070139e27f6bf03f0ca11bb807ef
4e12e39ba64ffd82047d353b8c00a647717d78823b6681d23b7a9e069fa6c42b
50e1b5f212a1a01c2878cba50132c990d81667726d686361c175014abc0ee56d
53a85651866852f33fcaf1ee1eff6e5002e8dfe32e4dd49187007b3a7c1367ea
575c2b6df776713764435cbd2dba53ef88ec7d463ffcac05c78210aa6d91b458
577ef117d51962e42f9709b0fc1e2f59506590d3d7918fc1b878b4058526ec64
605492fb9c097b643864581ad2e0f08608769e3f5d7841ae7a797a2ffdb04efb
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
6236a7410710599bc88dae7964063a20bf36c16882b313d29fe1d332cd5ef88a
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c883c84e383e4ed19d5f5791e48fd3250d934ba9e7e87af82586d189a6a7210
6d541333555955c914fb9f228f4197c17125749e875b1dbd7b4db2163f64b1b4
6f9472ea93d4c8d4128ceba92c3c91994b5e509554090896796b02f574c54edb
73f15b4f49ab793e521ac0bb242445e36ff3b912e1d3fbbf01e35085dde606a1
74039bad28b87a629ad9b93724257f59183cdd2daf42eeab7abe1152e1e20cf9
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b
75e5306935fa9ed4526275cbc0f83dce2de87359db9761595b877aaa57c869f0
77a283cdf9c8726a6cfcab1606ff9aafac8dff1e82ebd6ea6cee9d0f9b87a59c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f150ec7b0e174584b8735840dca1b41160c8cf9243333e09c4c78fd2a84bc2a
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
849e732a51bc624ebe86de5a5c50932e5d8c88618c5442e4d881b0f152001052
899f135ac7737be1e96189440a75632cc6e7bcacfed3bb5e5363e5a27aac21a7
8c77455d85a5950a2725c3bb8c34f4144a3b1f7f70ab3055d2639f191f127ab6
90818acda4b1d39a549b57056d0c6e254f45e33a3dc320eaec03d6e1e4654ac1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91aa9f564a3406a538e30f33cb38d95562b4a74e61a682f2872300841981d482
920e1736ea49bdb9d6ee3ffaf68ba619094bb41aa118607675e92a3bb64ba320
9227e35d3e884d7a908d021232b88602f7b5b0f5eb6622f9a75787a3c9461ecc
930afc05366d42830315fad580588774ca9ac13aeb7af1f2b040f350438ab20f
93ddf770b5afe1c715816c97ea16a560ec54b638ca6b1f6ebb86b336af60cb90
950b5ef4a751d78b0cebbb8ad6b1cd8dae5660e453246e3e662d06dd2c754e69
96925912485399570512eb697967206778f1d79682b47284d0decd88883de6b8
99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d
99ea9363eb16a7f9360d1f3c0fbba87d4467a5f8724a959d720f9e070070590a
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9dbc5ad156d6d9f834f0e7503864bbca0fe81cb5ddd879243fa51b5bd8dcbd1a
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
a5be5cd5790533ef20b838769380fc11c616db8af93af2792f0bf8c2dee992ae
a99d43a93c858eb62593ce5e99583f1b143bc7e3d25b883d320fce97dd9f42ed
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
ac819b1c3df4313aec897cc8380fcca3e2a0b5552ef5e33ee01a5e8747d15141
ad8b63e4394588fe755da2f3d6b247c17f36009f00d31dca6b77e9bca3893af7
ae593a5f8d53cd5562b01aebf1f28f85080c4d1f96fea2fc4f15cd00ec5ac607
b0e7ca8e8fd251886b1f1f561b4a3a5879bd908b95b6a0182df0a44f3e1ca5d9
b218dd072f0d0300382ff8668b64f5c4341c1bb2686325390ea14e70e4231ac1
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e
b8bdb2ebceed37a8e08484d7e921836fb6d22128696a913a058e6c6f0f6284da
b8d208d9b9fd372e72dd4e6b50e05a544452683c875e1520c48c5c944efd2b47
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
b96cb9e99498815ad206ca36704d8909716b785cd7c9893b0be1d8456fd2c839
bb148dd573ddd28ac38ebf7de9ed04030bfe44d5b60cc5dc1d3919e9dbb437ba
bb71883e245fc15c8cdef6af65cf3e9583a702a19b5e1a5a391d7390bd9dcc69
bf2f47871ddd4b065b3348d99b56bd4e77c54baa33813401c66b23e403ce9592
bfcf1b8b83e0fe2ecdfe84377e799659728bf22c15ead79e4f663ce7daf4fb4a
c00f534747c0a86072f771a7dfbd2cac81168981431c34a43275805b58d98c04
c1a8f2c0d50bdfa9becf079c24add122000c3fd1f727923d17a361497086fef6
c2451ed27c4c1cd8c7d6c4bba5cc1c5bccf5ee3c5b73e110a2e14b0a8c798b89
c389934a00076e755218050be01b5f4f40152a5a754bfe43aab9718b8e76574b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
c73f179788585447ec4a0a9d21da2882424b6c5d00d2649d96257f2e38c44845
c9adddcfcb55982684f6361752a8f77d8d76abf63187d75422f7952b049c4c1e
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
d0771422e1078b8f1cf5b4e978782d0acfaf8e252fc1163d67f84bf94490a981
d43e2542b9f0757f12ccaf9fe7a5f5d737c6e24b9d2e313d39a1383a7a8bf92f
d4e2860cf87fee269870c63775a805a20f4d7e39bba1955e5ecd72775afd59a6
d58fd319b63d6d79955e2942a91772cd946d06e454639b05f8576a4285c202db
daf9a96bfe750f334b9e4ac991922c2cc6fbd3cbeeceb47e8db52fd07d43bfdf
dbcbe5d1492e2efb05151c2c83d94545a51945a6a19c5a7cd41571bbf6201f53
dc07a11e55fdac80b7b1fd01097628a948c4bb0408460b21a605ab14d5f47ec4
dcd8d3f8ffadcc1c14443eb2cd1f7cf25670330115d3ef04f27154ffaffc5cbe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb29fbadaac8354ad90df00165944019dbbe0f51421df636a96d16d5054c5ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e540a366e193decfcb551dd5d2eab2b299ca3b58f8c11e19596b82cf4736522a
e881d2b255ce09773d13b13427d5990b4eff960e7ef8b7f4fcc9e4f334829772
ede84f9c378b9cdb8c4fd1e5f39cde64e7fc52720035aa29397db302a044c051
f1898e77846f786c6d6e359626371e0cc1a22ce0c73574c216d76d6584ec8f31
f557e37f47de41ee26a6d4f257a0460e4fd095fd9f31f252c145140fa9d51969
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
fb2dbdb316742cbcfe3896917218500775bbe6291a077efac20da890072a0efc
feba9faac953cea584a5d5deb29674614f77f537050276d423922ecf40a22d19

www.candydirect.com Open in urlscan Pro 2620:127:f00f:e:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

97 %HTTPS

67 %IPv6

24 Domains

34 Subdomains

31 IPs

2 Countries

2678 kBTransfer

4969 kBSize

29 Cookies

1 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.candydirect.com Open in urlscan Pro
2620:127:f00f:e:: Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

97 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

31
IPs

2
Countries

2678 kB
Transfer

4969 kB
Size

29
Cookies

158 HTTP transactions
3 data transactions