www.candyindustry.com Open in urlscan Pro
208.91.60.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.candyindustry.com/ext/resources/everyday/2020/plma-logo_web-2.jpg?1611768828
Effective URL:
https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-l...
Submission Tags: falconsandbox
Submission: On September 23 via api (September 23rd 2022, 7:04:25 pm UTC) from US — Scanned from DE

Summary HTTP 335 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 78 IPs in 13 countries across 63 domains to perform 335 HTTP transactions. The main IP is 208.91.60.92, located in United States and belongs to AS-NSI-GLOBAL, US. The main domain is www.candyindustry.com. The Cisco Umbrella rank of the primary domain is 599213.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 6th 2022. Valid for: a year.

This is the only time www.candyindustry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	208.91.60.92 208.91.60.92	14244 (AS-NSI-GL...) (AS-NSI-GLOBAL)
6	2.20.72.124 2.20.72.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2.18.69.141 2.18.69.141	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
8	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 10	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	18.66.123.144 18.66.123.144	16509 (AMAZON-02) (AMAZON-02)
1 3	142.251.39.70 142.251.39.70	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
8	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1	35.84.93.102 35.84.93.102	16509 (AMAZON-02) (AMAZON-02)
3	172.64.137.32 172.64.137.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	52.222.149.91 52.222.149.91	16509 (AMAZON-02) (AMAZON-02)
3	52.40.56.16 52.40.56.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
7	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
15	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
9	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
2	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
5	63.33.112.133 63.33.112.133	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
30	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2 11	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	54.194.233.195 54.194.233.195	16509 (AMAZON-02) (AMAZON-02)
4	18.156.156.238 18.156.156.238	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.14 69.166.1.14	27630 (AS-XFERNET) (AS-XFERNET)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1 8	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.64.103.68 18.64.103.68	16509 (AMAZON-02) (AMAZON-02)
5	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 8	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223c:d800:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	103.229.206.241 103.229.206.241	() ()
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
6 9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 7	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.66.143.217 3.66.143.217	16509 (AMAZON-02) (AMAZON-02)
5 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.18 18.66.97.18	16509 (AMAZON-02) (AMAZON-02)
2 6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	80.77.87.162 80.77.87.162	46636 (NATCOWEB) (NATCOWEB)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	34.242.116.160 34.242.116.160	16509 (AMAZON-02) (AMAZON-02)
1	2.18.168.242 2.18.168.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	79.125.33.106 79.125.33.106	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:ebd:fba0:5325:a4e6	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 7	52.46.155.104 52.46.155.104	() ()
1 1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	18.157.93.190 18.157.93.190	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.95.81.168 34.95.81.168	15169 (GOOGLE) (GOOGLE)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
335	78

41 208.91.60.92 (United States) 1 redirects

ASN14244 (AS-NSI-GLOBAL, US)
PTR: candyindustry.com

www.candyindustry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.20.72.124 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-72-124.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.69.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-141.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.123.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-144.fra60.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.39.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f6.1e100.net

5120040.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.180.130.159 (Rolling Meadows, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.hbmp.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.getadcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.hbmp.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.84.93.102 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-93-102.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.137.32 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-91.cdg52.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.40.56.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-56-16.us-west-2.compute.amazonaws.com

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (Rolling Meadows, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.42 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.33.112.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-112-133.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.233.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-233-195.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.156.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-156-238.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-68.txl50.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.75.86.98 (Istanbul, Turkey)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d800:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.143.217 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-143-217.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-18.fra56.r.cloudfront.net

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.116.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-116-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.168.242 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-242.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.33.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:ebd:fba0:5325:a4e6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.46.155.104 (None, ) 4 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.157.93.190 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-93-190.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	yahoo.com 6 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 858 c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	5 KB
41	candyindustry.com 1 redirects www.candyindustry.com — Cisco Umbrella Rank: 599213	1 MB
24	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 466 eus.rubiconproject.com — Cisco Umbrella Rank: 564 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910 pixel.rubiconproject.com — Cisco Umbrella Rank: 335 token.rubiconproject.com — Cisco Umbrella Rank: 667	34 KB
23	doubleclick.net 7 redirects 5120040.fls.doubleclick.net — Cisco Umbrella Rank: 579258 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	174 KB
18	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 dsum.casalemedia.com	15 KB
17	googlesyndication.com fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	165 KB
16	criteo.com 4 redirects bidder.criteo.com — Cisco Umbrella Rank: 761 gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	18 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	648 KB
12	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75	47 KB
10	amazon-adsystem.com 6 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232 s.amazon-adsystem.com	7 KB
10	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228 acdn.adnxs.com — Cisco Umbrella Rank: 611 secure.adnxs.com — Cisco Umbrella Rank: 432	24 KB
10	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 22747 oqs.omeda.com — Cisco Umbrella Rank: 25632	78 KB
10	adsrvr.org 2 redirects insight.adsrvr.org — Cisco Umbrella Rank: 624 match.adsrvr.org — Cisco Umbrella Rank: 342	2 KB
9	adtelligent.com sync.adtelligent.com — Cisco Umbrella Rank: 4320 player.adtelligent.com — Cisco Umbrella Rank: 5896 ghb.adtelligent.com — Cisco Umbrella Rank: 5717	96 KB
9	mediafuse.com player.mediafuse.com — Cisco Umbrella Rank: 46295 player.hbmp.mediafuse.com — Cisco Umbrella Rank: 29250 ghb.hbmp.mediafuse.com — Cisco Umbrella Rank: 42852	182 KB
7	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 25383 eu-u.openx.net — Cisco Umbrella Rank: 1768 us-u.openx.net — Cisco Umbrella Rank: 396	2 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433 ads.pubmatic.com — Cisco Umbrella Rank: 462 image8.pubmatic.com — Cisco Umbrella Rank: 607 image6.pubmatic.com — Cisco Umbrella Rank: 648	12 KB
5	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 754	1 KB
5	undertone.com hb.undertone.com — Cisco Umbrella Rank: 3371 cdn.undertone.com — Cisco Umbrella Rank: 6404 usr.undertone.com — Cisco Umbrella Rank: 3804	4 KB
5	360yield.com ad.360yield.com — Cisco Umbrella Rank: 683	2 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1571 m.addthis.com — Cisco Umbrella Rank: 1521 cw.addthis.com — Cisco Umbrella Rank: 2827	217 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 739	3 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	114 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
4	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3891 c1.adform.net — Cisco Umbrella Rank: 637	1 KB
4	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 12794 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6489	711 B
4	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 991	649 B
4	ad.gt a.ad.gt — Cisco Umbrella Rank: 3831 id.hadron.ad.gt — Cisco Umbrella Rank: 4243	7 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 6903	7 KB
3	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 9081	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 615 cdn.indexww.com — Cisco Umbrella Rank: 1381	2 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 463	1 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1006	416 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1065 contextual.media.net — Cisco Umbrella Rank: 559	9 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 831	169 B
2	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 5020	6 KB
2	getadcdn.com p.getadcdn.com — Cisco Umbrella Rank: 27574	27 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1652	32 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	1 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 833	623 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 3509	268 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2448	181 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 728	759 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 394	708 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 513	338 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 331	98 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 511	434 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 593	191 B
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 1522	20 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1099	191 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 423	494 B
1	mathtag.com 1 redirects sync.mathtag.com	643 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1504	938 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 658	230 B
1	boltdns.net cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 4940	37 KB
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9079	259 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1765	995 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	51 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 403	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
0	adxpremium.services Failed rtb.adxpremium.services Failed
335	63

	Domain	Requested by
41	www.candyindustry.com	1 redirects www.candyindustry.com
30	c2shb.pubgw.yahoo.com	player.hbmp.mediafuse.com
15	c2shb.ssp.yahoo.com	player.hbmp.mediafuse.com
11	securepubads.g.doubleclick.net	www.candyindustry.com securepubads.g.doubleclick.net www.googletagservices.com
10	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
9	cm.g.doubleclick.net	6 redirects eu-u.openx.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	fastlane.rubiconproject.com	player.hbmp.mediafuse.com
9	www.google.com	www.candyindustry.com www.gstatic.com www.google.com tpc.googlesyndication.com securepubads.g.doubleclick.net
8	gum.criteo.com	4 redirects static.criteo.net
8	ib.adnxs.com	1 redirects player.hbmp.mediafuse.com player.adtelligent.com cdn.undertone.com acdn.adnxs.com
8	olytics.omeda.com	www.googletagmanager.com www.candyindustry.com olytics.omeda.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com
7	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.gstatic.com	www.google.com www.gstatic.com
6	pixel.rubiconproject.com	2 redirects cdn.undertone.com eus.rubiconproject.com
6	ssum-sec.casalemedia.com	2 redirects cdn.undertone.com js-sec.indexww.com ssum-sec.casalemedia.com
6	mug.criteo.com
6	ghb.hbmp.mediafuse.com	player.hbmp.mediafuse.com
5	ups.analytics.yahoo.com	5 redirects
5	match.adsrvr.org	eu-u.openx.net cdn.undertone.com ssum-sec.casalemedia.com
5	onetag-sys.com	player.hbmp.mediafuse.com player.adtelligent.com
5	ad.360yield.com	player.hbmp.mediafuse.com
5	ghb.adtelligent.com	p.getadcdn.com player.hbmp.mediafuse.com
5	insight.adsrvr.org	2 redirects d1eoo1tco6rr5e.cloudfront.net 5120040.fls.doubleclick.net
4	pm.w55c.net	4 redirects
4	token.rubiconproject.com	4 redirects
4	eus.rubiconproject.com	player.hbmp.mediafuse.com eus.rubiconproject.com cdn.undertone.com
4	static.criteo.net	player.adtelligent.com player.hbmp.mediafuse.com static.criteo.net
4	www.googletagservices.com	olytics.omeda.com securepubads.g.doubleclick.net
4	btlr.sharethrough.com	player.hbmp.mediafuse.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	usr.undertone.com	cdn.undertone.com ssum-sec.casalemedia.com
3	us-u.openx.net	eu-u.openx.net cdn.undertone.com
3	eu-u.openx.net	player.hbmp.mediafuse.com eu-u.openx.net
3	prebid-eu.creativecdn.com	player.adtelligent.com
3	id.hadron.ad.gt	player.hbmp.mediafuse.com id.hadron.ad.gt
3	player.adtelligent.com	p.getadcdn.com player.hbmp.mediafuse.com player.adtelligent.com
3	api.fouanalytics.com	player.hbmp.mediafuse.com www.candyindustry.com api.fouanalytics.com
3	adservice.google.de	1 redirects securepubads.g.doubleclick.net
3	adservice.google.com	5120040.fls.doubleclick.net securepubads.g.doubleclick.net
3	5120040.fls.doubleclick.net	1 redirects www.candyindustry.com adservice.google.com
3	s7.addthis.com	www.candyindustry.com s7.addthis.com
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	dpm.demdex.net	1 redirects cdn.undertone.com
2	c1.adform.net	2 redirects
2	ads.pubmatic.com	player.hbmp.mediafuse.com
2	id5-sync.com	player.adtelligent.com player.hbmp.mediafuse.com
2	adx.adform.net	player.adtelligent.com
2	bidder.criteo.com	player.hbmp.mediafuse.com player.adtelligent.com
2	prebid.a-mo.net	player.hbmp.mediafuse.com
2	hbopenbid.pubmatic.com	player.hbmp.mediafuse.com
2	targeting.unrulymedia.com	player.hbmp.mediafuse.com
2	oqs.omeda.com	olytics.omeda.com
2	edge.api.brightcove.com	www.candyindustry.com
2	p.getadcdn.com	player.hbmp.mediafuse.com p.getadcdn.com
2	player.hbmp.mediafuse.com	player.mediafuse.com
2	ml314.com	www.candyindustry.com ml314.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d1eoo1tco6rr5e.cloudfront.net	www.candyindustry.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	um.simpli.fi	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	p.rfihub.com	1 redirects
1	secure.adnxs.com	1 redirects
1	px.ads.linkedin.com
1	image6.pubmatic.com	ads.pubmatic.com
1	beacon.krxd.net	cdn.undertone.com
1	idsync.rlcdn.com	cdn.undertone.com
1	tags.bluekai.com	cdn.undertone.com
1	cw.addthis.com	cdn.undertone.com
1	pixel-sync.sitescout.com	cdn.undertone.com
1	image8.pubmatic.com	cdn.undertone.com
1	cs.admanmedia.com	cdn.undertone.com
1	pixel.advertising.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	js-sec.indexww.com	player.hbmp.mediafuse.com
1	cdn.undertone.com	player.hbmp.mediafuse.com
1	acdn.adnxs.com	player.hbmp.mediafuse.com
1	contextual.media.net	player.hbmp.mediafuse.com
1	hb.undertone.com	player.hbmp.mediafuse.com
1	prebid-us.creativecdn.com	player.hbmp.mediafuse.com
1	apex.go.sonobi.com	player.hbmp.mediafuse.com
1	ads.yieldmo.com	player.hbmp.mediafuse.com
1	adtelligent-d.openx.net	player.hbmp.mediafuse.com
1	htlb.casalemedia.com	player.hbmp.mediafuse.com
1	prebid.media.net	player.hbmp.mediafuse.com
1	fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cf-images.us-east-1.prod.boltdns.net	www.candyindustry.com
1	sync.adtelligent.com	www.candyindustry.com
1	a4p.adpartner.pro	1 redirects
1	a.ad.gt	player.hbmp.mediafuse.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	player.mediafuse.com	www.candyindustry.com
1	www.googletagmanager.com	www.candyindustry.com
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	www.candyindustry.com
0	rtb.adxpremium.services Failed	player.adtelligent.com
335	104

This site contains links to these domains. Also see Links.

Domain
bnp.dragonforms.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
bnpengage.com
www.clearseasresearch.com
www.dragonforms.com
www.myclearopinionpanel.com
www.bnpmedia.com
www.epublishing.com

Subject Issuer	Validity	Valid
candyindustry.com Go Daddy Secure Certificate Authority - G2	`2022-05-06` - `2023-05-06`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
player.mediafuse.com R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
ml314.com GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2022-06-24` - `2023-06-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
player.hbmp.mediafuse.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
ghb.hbmp.mediafuse.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
p.getadcdn.com R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-09` - `2022-11-08`	a year	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
id.hadron.ad.gt Amazon	`2022-08-24` - `2023-09-22`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.undertone.com Amazon	`2022-09-03` - `2023-10-01`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Frame ID: 59A26C0389EDAFB2D643C32DB001E36A
Requests: 164 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
Frame ID: 1D042CD6B31A5BE0EDBD6856784376F0
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/iframe
Frame ID: 2C8CD12C0FA355A6FFB991127666EEBD
Requests: 2 HTTP requests in this frame

Frame: https://5120040.fls.doubleclick.net/activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168
Frame ID: ECEE4E511B50474D185766328E35B4B7
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 419599414CF7EB6A5970A822A1284948
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7B308EC30B05179ACC7154BEE1AB4572
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd&co=aHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=jbj12l7wo9lg
Frame ID: B65ABE67F201404510E8BD06DD3158B0
Requests: 7 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/
Frame ID: A515C6CB97CFB25C606C0A7683F180FE
Requests: 1 HTTP requests in this frame

Frame: https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/
Frame ID: 861D38888CAE6492D0B93A0D35B98769
Requests: 2 HTTP requests in this frame

Frame: https://p.getadcdn.com/prebidlink/19258/j.html?i=11601
Frame ID: F963394D845B0D4F8376FA8F9044BE9C
Requests: 26 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd&co=aHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=jbj12l7wo9lg
Frame ID: DB4B0F8B3FBCDB9BDB31B88F262FD2F6
Requests: 7 HTTP requests in this frame

Frame: https://fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE2D72D1BE69303899D2E6006E02B7C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A98682EE2C5B1B26952B5EDC3EB804C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8F85B587BFBBA63C5CBB76C0D1DB99C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Frame ID: 03E305C836F9042DA15C4D421354D9C6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Frame ID: 7D938F214B20F84624D7A6FF8F0D6B7B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Frame ID: 6EF3ACA1278470719AAB5E1C085BC2DE
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.candyindustry.com
Frame ID: CA8D1B0DC9728403189132417A56E2C2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.candyindustry.com
Frame ID: 1449F8121EC68DE21D383A552AC255E5
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: C429076E82F6AA195ACCEBCF45A653DF
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2I9ST&prvid=2034%2C173%2C294%2C251%2C175%2C178%2C255%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C337%2C338%2C70%2C97%2C55%2C99%2C77%2C2022%2C3012%2C182%2C3010%2C141%2C186%2C222%2C244%2C201%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 100735B65300B7B4EC0AB51363813D79
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663959858977&gdpr=0
Frame ID: EA3FF7465F6C1A2932D3C8514067311D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 8B1912F63C83D881E50702B60D45B81A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E97487833B6B17AE2314B8C3949D2F0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: E7B117E67D5239A45E30CCC8ED528FE2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: F01EBE6674A28596550E46F8E3BE31D7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Frame ID: 60FA8598A1E1475A9A317F0DA77073AE
Requests: 15 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6910A1A668D5E5B389EEF264762EBAB7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: E37772BD3C3F73866DB79F45C1BDE7AD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: B6692406EB3087662DD87F55819E6625
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 43380CC0B35835B80793A5E6A3D817CB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

| Candy IndustryCandy Industry logoCandy Industry logoCandy Industry logoCandy Industry logoCandy Industry logo

Page URL History Show full URLs

https://www.candyindustry.com/ext/resources/everyday/2020/plma-logo_web-2.jpg?1611768828 HTTP 302
https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Fever... Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

335
Requests

89 %
HTTPS

25 %
IPv6

63
Domains

104
Subdomains

78
IPs

13
Countries

3567 kB
Transfer

8439 kB
Size

71
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://bnp.dragonforms.com/init.do?pk=RSIGN&returnurl=https://www.candyindustry.com/user/postlogin?redirect=https://www.candyindustry.com/&omedasite=BNP7261_CANDYI528login
Title: Sign In

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/init.do?pk=RREGI&returnurl=https://www.candyindustry.com/user/postlogin?redirect=https://www.candyindustry.com/&omedasite=BNP7261_CANDYI528create
Title: Create Account

Search URL Search Domain Scan URL

URL: http://www.facebook.com/CandyIndustry
Title: facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/CandyIndustry
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/candy-industry
Title: linkedin

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/CandyIndustryMag
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/candyindustrymag

Search URL Search Domain Scan URL

URL: https://bnpengage.com/?oly_enc_id=
Title: Custom Content & Marketing Services

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/loading.do?pk=X.W.ENEWS&omedasite=CNDYeNews
Title: eNewsletters

Search URL Search Domain Scan URL

URL: https://www.clearseasresearch.com/
Title: Market Research

Search URL Search Domain Scan URL

URL: https://www.dragonforms.com/BNP7261_CANDYI528create
Title: Online Registration

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/loading.do?pk=X.W.ENEWS&_ga=2.247317316.1326165347.1623759322-1015507331.1559141011&omedasite=CNDYeNews
Title: SUBSCRIBE TODAY!

Search URL Search Domain Scan URL

URL: http://www.myclearopinionpanel.com/contact-us/
Title: Survey And Sample

Search URL Search Domain Scan URL

URL: http://www.bnpmedia.com/privacy?oly_enc_id=
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: http://www.bnpmedia.com/terms?oly_enc_id=
Title: TERMS & CONDITIONS

Search URL Search Domain Scan URL

URL: http://www.bnpmedia.com/do-not-sell?oly_enc_id=
Title: DO NOT SELL MY PERSONAL INFORMATION

Search URL Search Domain Scan URL

URL: http://www.bnpmedia.com/data-request?oly_enc_id=
Title: PRIVACY REQUEST

Search URL Search Domain Scan URL

URL: http://www.bnpmedia.com/accessibility?oly_enc_id=
Title: ACCESSIBILITY

Search URL Search Domain Scan URL

URL: http://www.epublishing.com/
Title: ePublishing

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.candyindustry.com/ext/resources/everyday/2020/plma-logo_web-2.jpg?1611768828 HTTP 302
https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://insight.adsrvr.org/tags/h83y0ff/v79hgpl/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe

Request Chain 37

https://insight.adsrvr.org/tags/h83y0ff/9wnvf1m/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/iframe

Request Chain 38

https://5120040.fls.doubleclick.net/activityi;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168 HTTP 302
https://5120040.fls.doubleclick.net/activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168

Request Chain 73

https://adservice.google.de/ddm/fls/i/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/ HTTP 302
https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/

Request Chain 91

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f69be05f-a27f-44d7-82d7-84e4a2c78b73

Request Chain 259

https://gum.criteo.com/sid/json?origin=publishertag&domain=candyindustry.com&sn=ChromeSyncframe&so=0&topUrl=www.candyindustry.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=auWusXxGR2IvMXQ3U0FVOEpVNko2U09vODBYbWxyK1ZhVU95Y2RmWnU2NEJsbEVwaDNDbFY0OW9aUW1TZERwQnRzUExXV3orcnRibjBGeWZiQ09aaFhaOE8wQnkxTC9mZ2x3OUhWZXhwWXpTSVVjTXJpNFh1L1RKdWQ0NHF2bjB6U0xDbjBROEF1MkRIRVlBdlh5d05Ta3dTUEs2cnhkZGE1VGlNRnEvU3ZHYVcvOGd3OVMrM3lGeUxKSGpOaWMwRzZjR01rM3J3UWJWcWcxL0dpQ1pHUGp2RUZJU3JhZS8xSm1LMlJDU2ZDMlVzK29WRDNKUXEzY0RReFJRVklZN04vYnBOSTczdVdsakIvWUJjQWZkWHZXNTgwK295akFYbEhJcWE4dlR3bWlqT3hYST18&cppv=2

Request Chain 260

https://gum.criteo.com/sid/json?origin=publishertag&domain=p.getadcdn.com&sn=ChromeSyncframe&so=0&topUrl=www.candyindustry.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XXTCE3xMRmpMMVJZQjNWc3JCcU1HNDc1REYzbkU4VUFETWU4TTNzdk5uZUs0UHZ0M2VmWW5GZFd6bEl5cHMwRjZzUGN6Y1VRdExQd3JqcnJGSFQyRW1NbVR6Q29iSkZNalVFeFU4eGNHN29LSmx2STZBK1NHeTgyb0JBUm54QUpKRkI0Vmd6NnBNY21PNVBQanUzRVNsT1FQY1hGVzdIOHBVQkxlVG11MEFzaWVrdVlueElvdXRGbFNVS1VzbnphVWc1UmdHUElaTmhlU21VdUM5aW1md05zS0ZwVmlxVEhMOEtCblBUSGpRa1FnM1VzYm1PQ1FhTWhrT0RlVWtpay9DQlhwTnM5UXB3blVIcklJUGxiZ3dTMjhhYmx2UzZmNVVMWUU1ak5ucGhvYlFpTT18&cppv=2

Request Chain 266

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.getadcdn.com%2F&domain=p.getadcdn.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ynR5HXxNbVphUUxxOGVLeTdlYnlEVmwyMEwyVkdleEdWNzE2OGdrdHNNMUw4TkJCMFNKcjRmRWN5NlQ5QUljWWhZa205YngvNGxMMFJvN25KUjdGakEwd3IwbWNjbW5MdG5ZV2tkQjBDT3kyUTBCOWNqeFBpZnlwTDRlazJNdGNaOWRmSnVSUmtGR1dwTXR5VU9kRFljaXVpOHV1aWlNcEp2N2tTSTRFdnhxVXVSSFJOUU9hb3hKOSt6Lzc3ODVsTy9yazhoeXYzZmJTdld2ZUljZmoxVjJ2Z1dBZDk2TzBVQTFRY21PWG9tQWwrRXlMWHpNS215dEZqYTEyejk4ditEWVIxNUtIRXNGNWRDU1lDNkZBeSs3VVNpMDk2clZ5eWtBN3AxM2VOT2ZZUmNJWT18&cppv=2

Request Chain 269

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.candyindustry.com%2F&domain=www.candyindustry.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=e79GjnxJVzh1cDltUGtMS0ErOWZVT0pnbjI1Sko1MHNxZWIxMU5NRTlGRU4yUGxlTzRrb2xVc3NENFBzRFhYYTd0TUh2UWU4L1l5VXhJeGVXMmxVVDUySjFvZ3VCSG9xYjRhMnJ0SEsxY0V5MzlFbFJydjB2QXAzVUtNMnFmZkplMjJXUk1uWGljUU1LbjYySlAzWFlwZ0lVV3V5WmRUZjNOY3FDN2pJcDR3cHlreVpHanlCSDlwTHpZaGh0aTFrY1NWZkZCU1cwSjlMS1NuZEdXUzJ3MHVlL1Fpb3NVSTV2OG1qRkJONkJHbkdqRkVXRU5VTEVDODRwSlBxNDkzTjhBU1RZR055ZElrZjFlWG9ZSVlzVVU4dWJGaXFXa1dxSWsycFJ4OUs0dzZvcndaYz18&cppv=2

Request Chain 280

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81a2632e-0338-4100-a0fd-aa37e6fbf271

Request Chain 281

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=JhWAWiAVgQg9QIAJcUCfCyIThw89FNRacUfM8QLy

Request Chain 282

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1108591201733623016

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAbPPpGhs_poKyURXJCNTuU&google_cver=1

Request Chain 289

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 290

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 293

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-drEKiG5E2uF6CVb8iYYEnuxci3ap2asX~A

Request Chain 299

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yvJHLYNE2uEx0Fbw1OdJ9Yjoz_lEY7s2MmUDb7g-~A

Request Chain 301

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=asontlnljbj3s5izoq5bhzvxg HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=asontlnljbj3s5izoq5bhzvxg

Request Chain 305

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 306

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 309

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/cJe_uU3Ygtvad8lwX-G-X8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6598955516285035331

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPb94tIl5Ic0AT_yLlR4KdE&google_cver=1

Request Chain 311

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVVFLQjgtMVctRVY0OA==&gdpr=0

Request Chain 312

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lwmS6bxiSr2z971Ls-cI5A&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lwmS6bxiSr2z971Ls-cI5A&gdpr=0

Request Chain 313

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EUQKB8-1W-EV48&gdpr=0

Request Chain 314

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRlOTE4ZjcwYTI0YmY4Y2JhNGEwYTJjZjg1NTEwYzBiYTYyYmUwZA&gdpr=0

Request Chain 315

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=k0kX0LySQYOTze2U7PVGhg&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=k0kX0LySQYOTze2U7PVGhg&gdpr=0

Request Chain 318

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&dcc=t

Request Chain 319

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4DOAKc9ifQEdetEb4mXQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1

Request Chain 321

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1

Request Chain 322

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB

Request Chain 323

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4808211311686009560

Request Chain 324

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5

Request Chain 325

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323187493404

Request Chain 328

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1

Request Chain 329

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB&dcc=t

Request Chain 330

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4DOAKc9ifQEdetEb4mXQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1

Request Chain 331

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5

Request Chain 332

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664046264

Request Chain 333

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0c020316-ab1a-42c1-9f7b-4e9a845d192a

Request Chain 334

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EF42CBEC28B64BB1BB2998FA381B607F

335 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request gdpr-policy Show response
www.candyindustry.com/
Redirect Chain

https://www.candyindustry.com/ext/resources/everyday/2020/plma-logo_web-2.jpg?1611768828
https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

62 KB
15 KB

398ms
398ms

Document
text/html

208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

3e26ec3e47b10ffe85115534ae4c998b312945eff6bb8ca1f139570c54973569

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Allow-Ranges: bytes
Cache-Control: max-age=0, private, must-revalidate, private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13480
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Sep 2022 19:04:13 GMT
ETag: W/"e63d493f425f529456672fc2dc062693"
Server: nginx
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
Via: 1.1 varnish
X-Cache: MISS
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Age: 0
Allow-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 218
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Sep 2022 19:04:13 GMT
Location: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Server: nginx
Strict-Transport-Security: max-age=31536000
Vary: User-Agent
Via: 1.1 varnish
X-Cache: MISS
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 1021ms
51ms Script
application/javascript 2.20.72.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.72.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-72-124.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 23 Sep 2022 19:04:15 GMT
x-host: s7.addthis.com
content-length: 116360

GET
H/1.1 200
OK application-v2.css
www.candyindustry.com/stylesheets/ 613 KB
85 KB 260ms
258ms Stylesheet
text/css 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/stylesheets/application-v2.css

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

a92186a3c971971a15650c67623f0e462a5b15a7d54abbd2c5963dad963bdd02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:14 GMT
Content-Encoding: gzip
Age: 872
X-Cache: HIT
Connection: keep-alive
Content-Length: 85993
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-995cb"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 206ms
74ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08f9e8e286ed0564d725061f60574e3e76f098f89751d0aad0de98301da6d857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 19:04:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 19:04:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 19:04:14 GMT

GET
H/1.1 200
OK candyindustry.css
www.candyindustry.com/ext/resources/ 212 B
766 B 130ms
126ms Stylesheet
text/css 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/ext/resources/candyindustry.css

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

375f8594a1eea3979e37ed1a4e61f2239c57ca767a019cdff65d4af52b98ce79

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:14 GMT
Via: 1.1 varnish
Age: 873
X-Cache: HIT
Content-Disposition: inline; filename="candyindustry.css"
Connection: keep-alive
Content-Length: 212
Last-Modified: Mon, 15 Apr 2019 19:19:51 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "5cb4d957-d4"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: text/css
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK jade.default.min.js Show response
www.candyindustry.com/javascripts/ 210 KB
71 KB 402ms
272ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/jade.default.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

353c29529b467e7e8efa556d7c03ae568f0771dbcde742b9b13999e725e3a3a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:14 GMT
Content-Encoding: gzip
Age: 872
X-Cache: HIT
Connection: keep-alive
Content-Length: 72027
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-349ea"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK application.js Show response
www.candyindustry.com/javascripts/ 13 KB
5 KB 366ms
122ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/application.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

5d5390021b664527475db46a22c7b5ef3f8de17386eadb46315978aa5c90954e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:14 GMT
Content-Encoding: gzip
Age: 718
X-Cache: HIT
Connection: keep-alive
Content-Length: 4332
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-34d3"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK CIN_ProductOfWeek_360-1.jpg
www.candyindustry.com/ext/resources/Static_Pages/custom-content/ 54 KB
54 KB 128ms
127ms Image
image/jpeg 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/Static_Pages/custom-content/CIN_ProductOfWeek_360-1.jpg

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

f9f9a8bdccac44021ea79deaf42d67e0fb390c397db2584a7f4fce78e479f9dd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Via: 1.1 varnish
Age: 785
X-Cache: HIT
Content-Disposition: inline; filename="CIN_ProductOfWeek_360-1.jpg"
Connection: keep-alive
Content-Length: 55069
Last-Modified: Mon, 01 Jun 2015 20:27:52 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "556cc048-d71d"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK EuropeList_360x184.png
www.candyindustry.com/ext/resources/Static_Pages/custom-content/ 97 KB
98 KB 159ms
159ms Image
image/png 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/Static_Pages/custom-content/EuropeList_360x184.png

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

decc786f75e1141080763ea5cc20ea91a54590b215b08f2e44c2aad886e42241

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Via: 1.1 varnish
Age: 786
X-Cache: HIT
Content-Disposition: inline; filename="EuropeList_360x184.png"
Connection: keep-alive
Content-Length: 99765
Last-Modified: Mon, 06 Dec 2021 08:27:08 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "61adc95c-185b5"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK RFP-logo-notag-%282%29.png
www.candyindustry.com/ext/resources/Static_Pages/custom-content/ 17 KB
17 KB 250ms
249ms Image
image/png 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/Static_Pages/custom-content/RFP-logo-notag-%282%29.png

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

a9ba6ec345921e872849636f3eb0931dddf65aaede90e939f7b68dbbff771e8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Via: 1.1 varnish
Age: 786
X-Cache: HIT
Content-Disposition: inline; filename="RFP-logo-notag-(2).png"
Connection: keep-alive
Content-Length: 17033
Last-Modified: Mon, 21 Mar 2022 18:13:57 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "6238c065-4289"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 135ms
52ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aeffb7940a0b363ba72ec2b3f2cc5353e43aa6aad82d0e7344616877c9d08e31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 19:04:14 GMT

GET
H/1.1 200
OK CIN_ProductSubmissions_360.jpg
www.candyindustry.com/ext/resources/Static_Pages/custom-content/ 56 KB
56 KB 254ms
253ms Image
image/jpeg 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/Static_Pages/custom-content/CIN_ProductSubmissions_360.jpg

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

c437b408d8c243c1910dde0d61a491db2f57e9be038fba1560648ba743d71634

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Via: 1.1 varnish
Age: 786
X-Cache: HIT
Content-Disposition: inline; filename="CIN_ProductSubmissions_360.jpg"
Connection: keep-alive
Content-Length: 57255
Last-Modified: Wed, 29 Jul 2015 19:45:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "55b92d4c-dfa7"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 163ms
45ms Script
application/x-javascript 2.18.69.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-141.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:15 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=21969
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H/1.1 200
OK print.css
www.candyindustry.com/stylesheets/ 526 KB
74 KB 256ms
255ms Stylesheet
text/css 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/stylesheets/print.css

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

084ad72c56179326ac3f118964f5067663cd3e99353c41d0a2269c474a662fbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 101
X-Cache: HIT
Connection: keep-alive
Content-Length: 75696
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-83831"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
51 KB 136ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV6W748

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5298b8c236032f5861c80c5e03f103c4463c055c499277f2fe3adeaf12999ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51787
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 19:04:15 GMT

GET
H2 200 wrapper_hb_302826_5902.js Show response
player.mediafuse.com/prebidlink/462211/ 2 KB
1 KB 699ms
320ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/462211/wrapper_hb_302826_5902.js
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dc1547411c270882ca329ebbb8676437acf8513670509d619e4306965e50493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 19:02:53 GMT
server: nginx
etag: W/"632e02dd-6e6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 25 Sep 2022 19:04:16 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 139ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.candyindustry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:45:06 GMT
x-content-type-options: nosniff
age: 209949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:45:06 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.candyindustry.com/fonts/ 82 KB
82 KB 285ms
145ms Font
application/font-woff 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/stylesheets/application-v2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.candyindustry.com/stylesheets/application-v2.css
Origin: https://www.candyindustry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Via: 1.1 varnish
Age: 78404
X-Cache: HIT
Connection: keep-alive
Content-Length: 83760
Last-Modified: Tue, 20 Sep 2022 05:25:15 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "63294ebb-14730"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: application/font-woff
Cache-Control: public, max-age=31536000
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK add-this-toolbox.js Show response
www.candyindustry.com/javascripts/app/components/ 3 KB
2 KB 320ms
124ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/components/add-this-toolbox.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

4fda3ee207f446d23c68553d5cc01858cdaab99c03aa6aa9dc5d5de5568f34fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 171
X-Cache: HIT
Connection: keep-alive
Content-Length: 1022
Last-Modified: Tue, 20 Sep 2022 05:25:15 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebb-a4b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK mobile-nav.js Show response
www.candyindustry.com/javascripts/app/ 3 KB
2 KB 240ms
126ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/mobile-nav.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

08853164eedfa60c07f77bb8d7162d0c8724eb87fde8333ed00876c9cba315ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 648
X-Cache: HIT
Connection: keep-alive
Content-Length: 1036
Last-Modified: Tue, 20 Sep 2022 05:25:15 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebb-caf"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK nav-quick-return.js Show response
www.candyindustry.com/javascripts/app/ 2 KB
1 KB 175ms
124ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/nav-quick-return.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

4b8985f4d14549d9b4f926bcd5e7834c70eeea6462c8557981bb61acb35bc545

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 32
X-Cache: HIT
Connection: keep-alive
Content-Length: 858
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-861"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK quick-search.js Show response
www.candyindustry.com/javascripts/app/ 2 KB
1 KB 130ms
130ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/quick-search.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

9a6bf0a6e2eb1b64d0823e7a6b41430390a384de43380f44a10e03f296bf5b93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 846
X-Cache: HIT
Connection: keep-alive
Content-Length: 792
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-75b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK user-actions.js Show response
www.candyindustry.com/javascripts/app/ 1 KB
882 B 140ms
139ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/user-actions.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

ed809fc9518b8f5164e45e3da013e15feea32f290b91c5cff5c92cf61cbf0ce9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 723
X-Cache: HIT
Connection: keep-alive
Content-Length: 329
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-410"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK follow-scroll.js Show response
www.candyindustry.com/javascripts/app/ 10 KB
3 KB 139ms
139ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/follow-scroll.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

00fba0f0699a539ababcbfdbf562c25e809dbf5a78c02d5f7db18e691ae61785

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 538
X-Cache: HIT
Connection: keep-alive
Content-Length: 2385
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-263c"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK sponsored-content-help.js Show response
www.candyindustry.com/javascripts/app/ 2 KB
1 KB 125ms
125ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/sponsored-content-help.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

52aba7c806ca9e6af714856641bf87ebb2a715ef06200f6fb94085546320a8e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 880
X-Cache: HIT
Connection: keep-alive
Content-Length: 675
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-780"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK scrolldepth.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 5 KB
2 KB 123ms
122ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/scrolldepth.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

971895a58696405aa74aa2ae124dce6246ec181a7069f0eb1c5b11a47834a81f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 648
X-Cache: HIT
Connection: keep-alive
Content-Length: 1898
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-14a4"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK olytics-dfp.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 82 KB
23 KB 124ms
124ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/olytics-dfp.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

09c11d6e17eaddde5d9ab2f6a1b7ab5ca64560725300ba3289683d35d7cfb486

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Age: 880
X-Cache: HIT
Connection: keep-alive
Content-Length: 23296
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-147f0"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK dfp-ads.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 78 KB
22 KB 249ms
249ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/dfp-ads.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

a41ffe41c8b4dd417897c6692ea51d4f71e19354a6ac76345020e350ad0df7b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 84
X-Cache: HIT
Connection: keep-alive
Content-Length: 21812
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-13784"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK modify-dfp-targeting.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 4 KB
2 KB 124ms
123ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/modify-dfp-targeting.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

3f2d8877e2ff84854fa6ca7769bd070296adf7d21a8c0fc8856a54f97be536d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 83
X-Cache: HIT
Connection: keep-alive
Content-Length: 1699
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-f8b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 153ms
82ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.candyindustry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:47:36 GMT
x-content-type-options: nosniff
age: 209799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:47:36 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
18 KB 101ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.candyindustry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:45:13 GMT
x-content-type-options: nosniff
age: 353942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:45:13 GMT

GET
H/1.1 200
OK selectize.min.js Show response
www.candyindustry.com/javascripts/vendor/ 41 KB
14 KB 132ms
131ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/vendor/selectize.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

0d63b07cee205cb37fa26cd0768764c2207c1e8eb9a2f194df10f303192f665f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 588
X-Cache: HIT
Connection: keep-alive
Content-Length: 13760
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-a551"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 391 KB
157 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candyindustry.com/
Origin: https://www.candyindustry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:27:23 GMT

GET
H/1.1 200
OK full.png
www.candyindustry.com/ext/resources/Static_Pages/custom-content/ 126 KB
126 KB 125ms
125ms Image
image/png 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/Static_Pages/custom-content/full.png

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

f865146d0eb8e5f82cdbbc9af70864ba0fcc75ec76806bdc5d97d23669a80aee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Via: 1.1 varnish
Age: 676
X-Cache: HIT
Content-Disposition: inline; filename="full.png"
Connection: keep-alive
Content-Length: 128923
Last-Modified: Mon, 21 Mar 2022 18:14:11 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "6238c073-1f79b"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK cin_imageoverlay_cin_overlay-1_1.jpg
www.candyindustry.com/ext/resources/2020/11/25/ 481 KB
482 KB 126ms
125ms Image
image/jpeg 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/2020/11/25/cin_imageoverlay_cin_overlay-1_1.jpg?1606316250

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

5687b089ad967f96d68c56553b5b3d248056d8113db5011e8002707606e7d74d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Via: 1.1 varnish
Age: 78401
X-Cache: HIT
Content-Disposition: inline; filename="cin_imageoverlay_cin_overlay-1_1.jpg"
Connection: keep-alive
Content-Length: 492665
Last-Modified: Wed, 25 Nov 2020 14:57:30 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "5fbe70da-78479"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: max-age=86400, public
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes
Expires: Fri, 23 Sep 2022 21:17:35 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 148ms
95ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.candyindustry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:04:57 GMT
x-content-type-options: nosniff
age: 359958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 15:04:57 GMT

GET
H/1.1 200
OK natural-food.jpg
www.candyindustry.com/ext/resources/images/2019/thumb/ 44 KB
44 KB 245ms
245ms Image
image/jpeg 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/ext/resources/images/2019/thumb/natural-food.jpg?1553181875

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

add12b8d5a57c99cb51768e0272128c84e2f6eb2ea73de6a813dba4243ab36a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Via: 1.1 varnish
Age: 78365
X-Cache: HIT
Content-Disposition: inline; filename="natural-food.jpg"
Connection: keep-alive
Content-Length: 44956
Last-Modified: Thu, 21 Mar 2019 15:24:35 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "5c93acb3-af9c"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: max-age=86400, public
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes
Expires: Fri, 23 Sep 2022 21:18:10 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/ Frame 1D04
Redirect Chain

https://insight.adsrvr.org/tags/h83y0ff/v79hgpl/iframe
https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe

133 B
663 B

129ms
39ms

Document
text/html

18.66.123.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-144.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8132a9d2e685a073675485064e57fd21ef1f6c6d04ab456d992e5bff7782567

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 48807
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Fri, 23 Sep 2022 05:30:49 GMT
ETag: "f1538c2bff150b29cbb7724d0ad1bd54"
Last-Modified: Sat, 02 Oct 2021 00:04:48 GMT
Server: AmazonS3
Via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
X-Amz-Cf-Id: fm0MVLqrykE54YScNQK1Mk2STgimv3iqGX2_U9tOwdocA7y_M3slAw==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:04:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/ Frame 2C8C
Redirect Chain

https://insight.adsrvr.org/tags/h83y0ff/9wnvf1m/iframe
https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/iframe

138 B
668 B

128ms
38ms

Document
text/html

18.66.123.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/iframe
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-144.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4dad7543ce7e0d43663c42300d4f6bce21025680bcb2096eefcf5376fc0554c2

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 79229
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 22 Sep 2022 21:03:47 GMT
ETag: "86dac02fedb6b6996edfc1a160360449"
Last-Modified: Sat, 02 Oct 2021 00:04:48 GMT
Server: AmazonS3
Via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
X-Amz-Cf-Id: bE9d3A6D8VS-YQnCw1-SrM7_T5S6LgQKCAy0FBBlS2KIm7ahzOMm6w==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:04:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2

200

activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168 Show response
5120040.fls.doubleclick.net/ Frame ECEE
Redirect Chain

https://5120040.fls.doubleclick.net/activityi;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168?
https://5120040.fls.doubleclick.net/activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168?

442 B
523 B

86ms
85ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5120040.fls.doubleclick.net/activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168?

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

17d9be910edf270f5a65d075e0e14c01fe022593834f700aa209cbb32827f4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 346
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5120040.fls.doubleclick.net/activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5159f27a1160d2b2/ 3 KB
995 B 219ms
205ms Script
application/javascript 2.20.72.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5159f27a1160d2b2/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.72.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-72-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33c453b4d5ac93638542995f61f958e8d5a5d084308bb7c38faf3690328fc918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:15 GMT
content-encoding: gzip
etag: -1392009058--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=12, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 818

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 264ms
243ms Script
application/javascript 2.20.72.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=632e032fcb676fbb&bkl=0&bl=1&pdt=1456&sid=632e032fcb676fbb&pub=ra-5159f27a1160d2b2&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.candyindustry.com&fp=gdpr-policy&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Candy%2Cconfectionery%2Cchocolate%2Ccocoa%2Cnews%2Ctrends%2Cgummy%2Cgum%2Cstarch%2Csnacks%2Csugar-free%2Cnovelty%2Cnatural%2Cflavors%2Ccolors%2Ccaramel%2Cingredients%2Cretail%2Cmanufacturing%2Cequipment%2Cinternational%2CMars%2CHershey%2CNestle&colc=1663959855532&jsl=1&uvs=632e032f61bb0039000&skipb=1&callback=addthis.cbs.jsonp__189806788159881720
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.72.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-72-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8b3b285ca9dc492ec8c9d4d3e90eb5677069a1bdd1f88f433ad87dec95856ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4195 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 7B30 71 KB
26 KB 55ms
55ms Document
text/html 2.20.72.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.72.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-72-124.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 23 Sep 2022 19:04:15 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK main.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 114 KB
34 KB 130ms
130ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/main.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

7ae3dca8b680bdd991f410b8162ac490009310c2ce2caf6b449f762448b42bac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 812
X-Cache: HIT
Connection: keep-alive
Content-Length: 34351
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-1c922"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-cookie.js Show response
www.candyindustry.com/javascripts/ 2 KB
1 KB 127ms
127ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/jquery-cookie.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

fe109b9d05e617669a7d867b3e7c757f909f32afaf06355ab838e60773c71cf6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 16
X-Cache: HIT
Connection: keep-alive
Content-Length: 858
Last-Modified: Tue, 20 Sep 2022 05:25:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebc-88e"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK tabs.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 9 KB
4 KB 127ms
127ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/tabs.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

bb09cfbd137611eb5310ed5f7b74b8bbb566e0e51d63e9e736cb02089044c5f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 163
X-Cache: HIT
Connection: keep-alive
Content-Length: 3432
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-24dc"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK brightcove-video-list.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 62 KB
18 KB 128ms
128ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/brightcove-video-list.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

d97a7bae1d07f7300d7878626b41a182725274f43aeecb0d348cc6041865ec63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 647
X-Cache: HIT
Connection: keep-alive
Content-Length: 17630
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-f723"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK recaptcha.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 2 KB
1 KB 183ms
183ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/recaptcha.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

35cec44b5cd7bfaf8c9cec5b5d49affb89aa8aee4baf8d82cd0f575ed5fd81a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 404
X-Cache: HIT
Connection: keep-alive
Content-Length: 793
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-6bb"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 174ms
52ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV6W748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2202
date: Fri, 23 Sep 2022 18:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 20:27:33 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 126ms
43ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?238
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:08:22 GMT
age: 3353
x-guploader-uploadid: ADPycdsRkOedKGeu1KKWe3M5uD1utU8edZYMkFpN34mdx1ewmCiqa1SQ7rP7CtcRHCOmqJFgvaHShqiU56Hm6ilsdY5aAKkpms8j
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "fe36d3317b1b052708eb2260e253aa63"
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
x-goog-generation: 1660081747697868
cache-id: FRA-1209ea83
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 928ms
143ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV6W748

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 27 Aug 2021 04:05:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"28820-1630037128000"
vary: accept-encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=5
Expires: Sat, 24 Sep 2022 01:04:16 GMT

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 267 KB
73 KB 913ms
146ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

59aa4a2e8bd5605bfec48b4f02b0a7ca522c2cd2a137dff4c5c4933d737287a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 04 Aug 2022 14:47:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"273536-1659624456000"
vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=5
Expires: Sat, 24 Sep 2022 01:04:16 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B65A 42 KB
22 KB 60ms
59ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd&co=aHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=jbj12l7wo9lg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64719d7d5246e68e98787bb819ed9ffe8087c9893e66c200e8eee9fc97762aa6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mtptlauDPzqmnHO94QILGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22566
content-security-policy: script-src 'report-sample' 'nonce-mtptlauDPzqmnHO94QILGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 55ms
55ms Script
application/javascript 2.20.72.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.72.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-72-124.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 23 Sep 2022 19:04:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77619

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame B65A 52 KB
24 KB 115ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd&co=aHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=jbj12l7wo9lg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:27:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame B65A 391 KB
156 KB 134ms
57ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:27:23 GMT

GET
H/1.1 200
OK headroom.min.js Show response
www.candyindustry.com/javascripts/vendor/ 4 KB
2 KB 134ms
134ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/vendor/headroom.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

402459ba2ba22075416d1aa09518df58ab0138095ff2d304ada984264a9d4bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 676
X-Cache: HIT
Connection: keep-alive
Content-Length: 1399
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-f1b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK enquire.min.js Show response
www.candyindustry.com/javascripts/vendor/ 2 KB
2 KB 128ms
128ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/vendor/enquire.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 161
X-Cache: HIT
Connection: keep-alive
Content-Length: 1006
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-8ce"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.mmenu.min.js Show response
www.candyindustry.com/javascripts/vendor/ 11 KB
4 KB 142ms
141ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/vendor/jquery.mmenu.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

5aea0d1d89aba77c45ee34479a9668ca395cf3c10855b71ab6cfe9ec513901bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Length: 3645
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-2bca"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 2C8C 70 B
260 B 56ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=h83y0ff&ct=0:9wnvf1m&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/9wnvf1m/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 1D04 70 B
260 B 56ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=h83y0ff&ct=0:v79hgpl&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 178ms
73ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1275415690&t=pageview&_s=1&dl=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&ul=en-us&de=UTF-8&dt=%7C%20Candy%20Industry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=74797754&gjid=1327423758&cid=383833372.1663959856&tid=UA-2806739-12&_gid=535521149.1663959856&_r=1&gtm=2wg9l0PV6W748&cd5=default&cd12=0&cd13=0&cd14=&cd16=0%2C0&cd18=0&cd19=&cd20=&z=785780716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ 62 B
81 B 144ms
67ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=67120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&pv=1663959855893_bwijeknqh&bl=en-us&cb=5925262&return=&ht=&d=&dc=&si=1663959855893_bwijeknqh&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?238
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:15 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/ Frame A515 441 B
814 B 239ms
80ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/

Requested by

Host: 5120040.fls.doubleclick.net
URL: https://5120040.fls.doubleclick.net/activityi;dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a16877d432df97949a092e489a478b531a8e04667252abedc4fac1f0705e9480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5120040.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK modernizr.csstransitions.js Show response
www.candyindustry.com/javascripts/vendor/ 2 KB
2 KB 127ms
127ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/vendor/modernizr.csstransitions.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

4dd2c080c446c1f37ccd43a687fb824c9a53a5fac513e9c1703be1a279920863

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 838
X-Cache: HIT
Connection: keep-alive
Content-Length: 996
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-7d9"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B65A 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 259468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Sep 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B65A 15 KB
15 KB 117ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 287171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B65A 15 KB
15 KB 122ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 259468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B65A 102 B
133 B 46ms
46ms Other
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd&co=aHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=jbj12l7wo9lg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 19:04:16 GMT

GET
H/1.1 200
OK logger.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 54 KB
18 KB 127ms
127ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/logger.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

56a6583f8ccf7c2b6e5caa9f07ac6a88844811ab535164a359dd9ddc8969cd4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 591
X-Cache: HIT
Connection: keep-alive
Content-Length: 17917
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-d8b3"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 hbw_master_302826_5902.js Show response
player.hbmp.mediafuse.com/prebidlink/x462211/ 137 KB
42 KB 249ms
163ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/462211/wrapper_hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: b234ef8a535169f0adab1cf20bf3cd49a58501c5324ff1934741feb49645baac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 19:02:53 GMT
server: nginx
etag: W/"632e02dd-22211"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 25 Sep 2022 19:04:16 GMT

GET
H2 200 hb_302826_5902.js Show response
player.hbmp.mediafuse.com/prebidlink/x19258/ 450 KB
137 KB 125ms
39ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/462211/wrapper_hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: db1eb9b1c2422dde9bbbbaf5a4a901b306a1120056d72a7fae30b92eb6b81a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 13:48:58 GMT
server: nginx
etag: W/"63208a4a-708e3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 25 Sep 2022 19:04:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 161ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15aebc88e2d40791aafa03407088d4a5cc9839ab402bc482e9a76622b1adca84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27812
x-xss-protection: 0
server: sffe
etag: "1343 / 242 of 1000 / last-modified: 1663931308"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Sep 2022 19:04:16 GMT

GET
H3

200

/ Show response
5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/ Frame 861D
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/
https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/

326 B
293 B

87ms
87ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

0508a40d1540b2002570f0da01d0520aec55db7f7ce92c08dd53d701c8b9fa64

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:16 GMT
expires: Fri, 23 Sep 2022 19:04:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022091901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131339
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Sep 2023 10:32:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 82 B
103 B 121ms
46ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.candyindustry.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46ea47f183c2b382fa98d006e62a523b60bf0c1fd7e79a7d9eeec8854f247114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Fri, 23 Sep 2022 19:04:16 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 861D 70 B
260 B 56ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=h83y0ff&ct=0:jhksazjx&fmt=3
Requested by: Host: 5120040.fls.doubleclick.net
URL: https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CL2-_cDNq_oCFUK5mgodx50AQw;src=5120040;type=ip1590;cat=candy0;ord=9056476011738.168;~oref=https://www.candyindustry.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5120040.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK / Show response
ghb.hbmp.mediafuse.com/geo/ 139 B
416 B 224ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/geo/
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: cdd136e36bcf38f0a7fa2eb8e3856efcdc034d868ba5096b00a201f854066dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.candyindustry.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H/1.1 200
OK tracking Show response
ghb.hbmp.mediafuse.com/adunit/ 43 B
441 B 224ms
46ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=302826&site_id=5902&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&adid=euqifg.3i&features=147488&vpbv=N087&lifecycle_tte=3875
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.candyindustry.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 j.html Show response
p.getadcdn.com/prebidlink/19258/ Frame F963 1 KB
888 B 183ms
38ms Document
text/html 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://p.getadcdn.com/prebidlink/19258/j.html?i=11601
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=172800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 19:04:16 GMT
etag: W/"620bee41-43d"
expires: Sun, 25 Sep 2022 19:04:16 GMT
last-modified: Tue, 15 Feb 2022 18:17:37 GMT
server: nginx

GET
H/1.1 200
OK jquery.mmenu.fixedelements.min.js Show response
www.candyindustry.com/javascripts/vendor/ 682 B
928 B 128ms
127ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/vendor/jquery.mmenu.fixedelements.min.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

31d7a86266ba3fbaea29718b1261abcd93ef1e56faeb5d4069f94e9e90dc9cda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 738
X-Cache: HIT
Connection: keep-alive
Content-Length: 375
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebe-2aa"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 1464969984001 Show response
edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/ 5 KB
6 KB 253ms
252ms XHR
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/1464969984001?limit=1&json
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 296c963015eaf5e94a3af8b3b77d996d7df158dca6a0d30689714a4f3de5ac21

Request headers

Accept: application/json;pk=BCpkADawqM1CSLkNMXl4noZnUFKfkqq30qsaWUzd5MZ8UFUmwKL7KzrYLM-Z9C_5OJG351h5c1ZBtJFULAf6Jp_hmftcuqTx93AFdiL1lNh6YaeVgKAS5unUTZ0
Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:17 GMT
powered-from: eu-central-1b
bcov-request-id: acb695df-fce5-474e-9aa5-de43f5fb3467
age: 0
policy-key-accountid: 599585967001
x-cache: MISS
powered-by: BC
content-length: 5515
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
policy-key-raw: BCpkADawqM1CSLkNMXl4noZnUFKfkqq30qsaWUzd5MZ8UFUmwKL7KzrYLM-Z9C_5OJG351h5c1ZBtJFULAf6Jp_hmftcuqTx93AFdiL1lNh6YaeVgKAS5unUTZ0
x-timer: S1663959857.822611,VS0,VE215
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 0

OPTIONS
H2 200 1464969984001
edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/ Frame 0
0 147ms
37ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/1464969984001?limit=1&json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 23 Sep 2022 19:04:16 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4040-HHN
x-timer: S1663959857.783199,VS0,VE0

GET
H/1.1 200
OK 5.5.bundle.js Show response
www.candyindustry.com/javascripts/app/bundle/ 538 B
926 B 129ms
128ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/bundle/5.5.bundle.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/app/bundle/main.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

1009e21403771b1ebcbcd107fce78f1aa6977d3bd4a0bb253f7d234f72463d32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Content-Encoding: gzip
Age: 833
X-Cache: HIT
Connection: keep-alive
Content-Length: 373
Last-Modified: Tue, 20 Sep 2022 05:26:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294f20-21a"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DB4B 42 KB
22 KB 60ms
59ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

104ca99c1d8681ef31502560237df84f64c0da7af7c48667c2d77292237a2ee8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ao07t0F7lmPTuMzc_y-mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22222
content-security-policy: script-src 'report-sample' 'nonce-6ao07t0F7lmPTuMzc_y-mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 hbw_master_307825_11601.js Show response
p.getadcdn.com/prebidlink/y19258/ Frame F963 79 KB
26 KB 57ms
56ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://p.getadcdn.com/prebidlink/y19258/hbw_master_307825_11601.js
Requested by: Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/19258/j.html?i=11601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: b438715684b182fe22e0b892c134710e808af8dac53be4501cb979f93318205b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/prebidlink/19258/j.html?i=11601
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:55:37 GMT
server: nginx
etag: W/"631a3aa9-13cd7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 25 Sep 2022 19:04:16 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame DB4B 52 KB
24 KB 38ms
37ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:27:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame DB4B 391 KB
156 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:27:23 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.hbmp.mediafuse.com/ 223 B
524 B 45ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/csyncs?aid1=484206
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8fadfcb9537680d26d5b6c7d7eb16ed58276e0927e4dd2a46eab6506adebfbed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:15 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.candyindustry.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 208

GET
H2 200 170 Show response
a.ad.gt/api/v1/u/matches/ 10 KB
4 KB 610ms
204ms Script
application/javascript 35.84.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/170
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-93-102.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: df02c2949cbc9ac456f455575c6a4d7a4054d0e0d887ee19befe5dce0da2253a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:04:17 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H2 200 init-1016mnvd6jvjr44ajs9g.js Show response
api.fouanalytics.com/api/ 460 B
856 B 608ms
210ms Script
text/javascript 172.64.137.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1016mnvd6jvjr44ajs9g.js
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b007484b495c6bd52b9e268153b59e8c97f3658c125057351f7446747fa69b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TZWMaiYtPaBMZiLXukOAD%2FubaGXWJCGRavgENL%2BJu6KR8wpbBUq8xPx1%2FreNGipbRDc%2FbSmLb1u56cu0sb9qxWNryRlsjw30Mu83R4EzuZivGWpYknBvyXk4mLsI9PHbLxoifN0jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 74f58b93c9ec995c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f69be05f-a27f-44d7-82d7-84e4a2c78b73

0
404 B

442ms
166ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f69be05f-a27f-44d7-82d7-84e4a2c78b73
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:17 GMT
Server: Adtelligent
Etag: 84deb345be02d918
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f69be05f-a27f-44d7-82d7-84e4a2c78b73
date: Fri, 23 Sep 2022 19:04:17 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DB4B 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 259468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Sep 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB4B 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 287171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB4B 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 259468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 18:59:48 GMT

GET
H2 200 hb_307825_11601.js Show response
player.adtelligent.com/prebidlink/ex19259/ Frame F963 286 KB
89 KB 210ms
42ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js
Requested by: Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/y19258/hbw_master_307825_11601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: d3f5d2edb1d7efe3e24417b3a48999d2090f8b7cab6a0f773e4075b33122de03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:17 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 20:18:51 GMT
server: nginx
etag: W/"62fe9eab-47661"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 25 Sep 2022 19:04:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DB4B 102 B
133 B 45ms
45ms Other
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfz3doaAAAAAObCaLbv46XzjeK5RBJUFeJWmuRd&co=aHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=jbj12l7wo9lg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 19:04:16 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ Frame F963 139 B
409 B 216ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/y19258/hbw_master_307825_11601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: cdd136e36bcf38f0a7fa2eb8e3856efcdc034d868ba5096b00a201f854066dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://p.getadcdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ Frame F963 43 B
431 B 216ms
46ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11601&full_page_url=https%3A%2F%2Fwww.candyindustry.com&adid=euqiot.x5&features=16416&vpbv=N082&lifecycle_tte=346
Requested by: Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/y19258/hbw_master_307825_11601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:16 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://p.getadcdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H/1.1 200
OK video-play.png
www.candyindustry.com/images/video/ 5 KB
5 KB 124ms
124ms Image
image/png 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.candyindustry.com/images/video/video-play.png

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/stylesheets/application-v2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

a041651fc88210ebdd9d35c3edc954ac0137b4ed6217c3eef15a4d86785ffe7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/stylesheets/application-v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:17 GMT
Via: 1.1 varnish
Age: 787
X-Cache: HIT
Connection: keep-alive
Content-Length: 4792
Last-Modified: Tue, 20 Sep 2022 05:25:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "63294ebe-12b8"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/beeebdd2-3b46-4f43-ac3f-50cbc6b85869/8218699f-e240-414a-ab13-aeda1d525500/360x203/match/ 36 KB
37 KB 221ms
63ms Image
image/jpeg 52.222.149.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/beeebdd2-3b46-4f43-ac3f-50cbc6b85869/8218699f-e240-414a-ab13-aeda1d525500/360x203/match/image.jpg
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-91.cdg52.r.cloudfront.net
Software: / BC
Resource Hash: ac0b052a1261929b8bcbd7bff9461357b18308cb9509596cb72bdb1dfe163436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 03:50:43 GMT
Via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 6880414
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: CDG52-P1
X-Amz-Cf-Id: PAwifEFlPhI1KKtJgmH9ax1YLJmkruqJfbjmGx_7oEPRuRZWe3tyFg==
Expires: Thu, 06 Jul 2023 03:50:43 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 349ms
48ms Script
text/javascript 172.64.137.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Sep 2022 14:43:36 GMT
server: cloudflare
age: 5940
etag: W/"631f4598-3bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9OdKVtHOVLfNHAC7aECH22tADwna31WBE9dPU0dMnw7A%2FtamGjoyACYsFsqPxhzExJR3wRhhflMq9jjVXRbSd91ctHQZNwPJPSODMOC3XRXokdqNrD%2FwXgWBIE9SmpvgODb666PAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74f58b96f898995c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 x Show response
api.fouanalytics.com/api/ 0
456 B 908ms
226ms XHR
text/plain 172.64.137.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?4PGwvJ3vdPVvFu52$dXJsJDAkaHR0cHM6Ly93d3cuY2FuZHlpbmR1c3RyeS5jb20vZ2Rwci1wb2xpY3k_dXJsPWh0dHBzJTNBJTJGJTJGd3d3LmNhbmR5aW5kdXN0cnkuY29tJTJGZXh0JTJGcmVzb3VyY2VzJTJGZXZlcnlkYXklMkYyMDIwJTJGcGxtYS1sb2dvX3dlYi0yLmpwZyUzRjE2MTE3Njg4MjgiLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMCR0cnVlIiwiZGV2aWNlTWVtb3J5JDAkOCIsImRvTm90VHJhY2skMCQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkNCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJFdpbjMyIiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3IiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIndlYmRyaXZlciQxJGZhbHNlIiwibmF2aWdhdG9yLWhhc2gkNSQ0YzZiMWZhMSIsIm5hdmlnYXRvci10aW1lJDUkNC43Iiwic2VuZEJlYWNvbiQ1JDEiLCJmb250cmVuZGVyJDgkMSIsInRpbWUkOCQxNjYzOTU5ODU3Nzk3IiwidGltZXpvbmUkOCQwIiwicGx1Z2lucy10aW1lJDgkMCIsInBsdWdpbnMkOCRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkOCQzNS4xIiwibWVtLXVzZWRKU0hlYXBTaXplJDgkMjcuNiIsIm1lbS1qc0hlYXBTaXplTGltaXQkOCQzNzYwIiwidGltZS1yZWRpcmVjdEVuZCQ4JDEwNDIiLCJ0aW1lLWZldGNoU3RhcnQkOCQxMDQyIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ4JDEwNDIiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ5JDEwNDIiLCJ0aW1lLWNvbm5lY3RTdGFydCQ5JDEwNDIiLCJ0aW1lLWNvbm5lY3RFbmQkOSQxMDQyIiwidGltZS1yZXF1ZXN0U3RhcnQkOSQxMDQyIiwidGltZS1yZXNwb25zZVN0YXJ0JDkkMTQ0MCIsInRpbWUtcmVzcG9uc2VFbmQkOSQxNDQzIiwidGltZS1kb21Mb2FkaW5nJDkkMTQ1MCIsInRpbWUtZG9tSW50ZXJhY3RpdmUkOSQyODA1IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ5JDI4MDUiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ5JDI4MTciLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkOSQxIiwibmF2aWdhdGlvbi10eXBlJDkkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMTckMC40IiwiZ2xvYmFscyQxOCQ1MTU5ZjczYyIsImRvY3VtZW50LXRpbWUkMjYkMC42IiwiZG9jdW1lbnQkMjYkNzk1OTYwN2EiLCJjb25uZWN0aW9uJDI3JCIsImRvd25saW5rTWF4JDI3JCIsImdldFVzZXJNZWRpYSQyNyQyIiwicGFnZS1mcmFtZS1jb3VudCQyOCQ3IiwicGFnZS1mcmFtZS1saXN0JDI4JDB4MCNzNy5hZGR0aGlzLmNvbSAyNTZ4NjAjd3d3Lmdvb2dsZS5jb20gMHgwIyAweDAjaW5zaWdodC5hZHNydnIub3JnIDB4MCNpbnNpZ2h0LmFkc3J2ci5vcmcgMHgwIzUxMjAwNDAuZmxzLmRvdWJsZWNsaWNrLm5ldCAweDAjcC5nZXRhZGNkbi5jb20iLCJwYWdlLWhhc2gtdGltZSQzMiQ0LjEiLCJwYWdlLWhhc2gkMzIkMzY0YmE3YWYiLCJmb250JDQ4JDEwMDAwMDAiLCJzdHlsZS1oYXNoJDQ5JGY0ZGVkMTVjIiwic3R5bGUtdGltZSQ0OSQwLjciLCJhdWRpby1jb2RlYyQ0OSQyMjIxMiIsInZpZGVvLWNvZGVjJDQ5JDIyMjAwMCIsImNsb2NrJDU1JDM4ODgiLCJzb3J0JDcxJDE1LjkiLCJzdGFjayQ3MyQxMzk1NSIsInN0YWNrLWVycm9yJDczJFJhbmdlRXJyb3I6IE1heGltdW0gY2FsbCBzdGFjayBzaXplIGV4Y2VlZGVkIiwic3RhY2stdGltZSQ3MyQxLjciLCJ3ZWJnbCQ4MCQxIiwid2ViZ2wyJDgwJDEiLCJ3ZWJnbC12ZW5kb3IkODAkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDgwJEludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsIndlYmdsLWV4dGVuc2lvbnMkODAkNDQ5NTM5NjUiLCJ3ZWJnbC10aW1lJDgwJDYuOSIsImJhdHRlcnkkODIkMSAxIDAgSW5maW5pdHkiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDgyJHByb21wdCIsImF1ZGlvY29udGV4dCQ4MiRmN2U3MTJkOSIsImF1ZGlvY29udGV4dC10aW1lJDgyJDMxLjYiLCJpbnRlcnNlY3Rpb24tc2l6ZSQ4MyQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kODMkMjgiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkODMkcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkODMkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDgzJHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDgzJHByb21wdCIsImFkYmxvY2skMTUwJDAiLCJmcmFtZXJhdGUkMTU1JDcw
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95gK5HAWQYdMW%2BqpQgxrX7RC9xA5vC8LHUbvYxVMTXb64zekxisUCIafNMww8fx64geF3rN%2B68xl%2BYVV%2BqmejtdVtu%2BgYqHFT8jN31VydkXF9bXa%2BXpWTJC1ps%2FJJyMx1ZNFpxdIpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 74f58b9d5c6068f5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279934/ 9 KB
4 KB 117ms
39ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ec7787429809c686b856f3541e8b907790b23ffab27cfd5f573a2cd5368731fc

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:01:06 GMT
server: nginx
etag: W/"632da002-2213"
content-type: application/json
access-control-allow-origin: https://www.candyindustry.com
expires: Sun, 25 Sep 2022 19:04:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK vr Show response
ghb.hbmp.mediafuse.com/ 40 B
316 B 46ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/vr?bids=14046
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 138e9ed120b0a34831505b7bfb7ceb4c9c4147558f842837983255336a1b7fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:17 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.candyindustry.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 40

GET
H2 200 hadronid Show response
id.hadron.ad.gt/api/v1/ 7 KB
3 KB 617ms
203ms Script
text/javascript 52.40.56.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/hadronid
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.56.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-56-16.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 01be27fd789b6415f3f639dfc0912da7d6376de1786280de55e73acda4b47989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 122ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.candyindustry.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 122ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.candyindustry.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
500 B 85ms
84ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124115330225343&correlator=722807892379298&eid=31069635%2C44761477&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fifs&iu_parts=52040140%2Ccan%2Cweb%2Csubpage%2Cslider%2Csidebar-mrect-mobile&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5&prev_iu_szs=1x1%2C1x1&ifi=1&adks=24347681%2C4226717768&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page_type%3Ddefault%26reg_user%3Dfalse%26page_name%3Dgdpr_policy%26subscribed_user%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1663959858238&lmt=1663959858&dlt=1663959854170&idt=2529&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&frm=20&vis=1&psz=1600x4181%7C300x3212&msz=0x0%7C300x250&fws=128%2C132&ohw=0%2C1600&ga_vid=383833372.1663959856&ga_sid=1663959858&ga_hid=1275415690&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30517efadbecceb4631d5e922ca3af071c51a671dcb9e7d75c818165b1034ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE2D 6 KB
4 KB 224ms
46ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:18 GMT
expires: Sat, 23 Sep 2023 19:04:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 1002ms
151ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Fri, 23 Sep 2022 19:04:18 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 252ms
114ms Fetch
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 13675860247812201117
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 23 Sep 2022 19:04:18 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
354 B 172ms
171ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 23 Sep 2022 19:04:19 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 322ms
40ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 322ms
40ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 323ms
41ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 322ms
41ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 356ms
75ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 322ms
41ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 308ms
40ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 341ms
74ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 343ms
76ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 344ms
77ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 344ms
78ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 341ms
76ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 342ms
77ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 341ms
76ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 341ms
77ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
1 KB 253ms
82ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C57&gdpr=0&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=60a5023a-836b-4af2-858f-12d27c02d4a6&l_pb_bid_id=216c95cce992cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.2782787908045137
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a432debf91e000cb56cf5632860ba81ac5824a66aa967996cc8446f2b5614a8a

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 366
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 363 B
1 KB 267ms
97ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=10&gdpr=0&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c220e645-f883-4454-9724-54715a888711&l_pb_bid_id=3830fdfd84646d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.07628890400303523
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c982a7d7b29e0373f4c847856ca6bc58f6f751bacddf47858f3b5d2ff857a353

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 363
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 344 B
1 KB 257ms
87ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&gdpr=0&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8eb2d78b-80b7-4713-b319-b842d50ce19a&l_pb_bid_id=4b68832469df72&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.8023668051995356
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 949317f423cd0349c11887fd6542d19dc47112945ca63c9d370b91511188d75d

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 344
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 182ms
43ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.candyindustry.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 23 Sep 2022 19:04:18 GMT

POST
H2 204 pb Show response
ad.360yield.com/ 0
375 B 243ms
59ms XHR
text/plain 63.33.112.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.112.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-112-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 pb Show response
ad.360yield.com/ 0
374 B 242ms
59ms XHR
text/plain 63.33.112.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.112.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-112-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 pb Show response
ad.360yield.com/ 0
375 B 241ms
58ms XHR
text/plain 63.33.112.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.112.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-112-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 pb Show response
ad.360yield.com/ 0
374 B 289ms
106ms XHR
text/plain 63.33.112.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.112.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-112-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 pb Show response
ad.360yield.com/ 0
374 B 288ms
105ms XHR
text/plain 63.33.112.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.112.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-112-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
861 B 228ms
109ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO2I9ST
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5509c3a58f35dea68008aedb1c48e46782b214a5f9f3f0b1f0f8456ab3499f4b

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 363 B
1 KB 264ms
100ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153490&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=60a5023a-836b-4af2-858f-12d27c02d4a6&l_pb_bid_id=16f580b16ea2c36&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.31677918947661743
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0e397ea22e0577c3bce108ff5cf728a8b798eaaa81f32a2f32b4ce6c55507e5e

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 363
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 362 B
1 KB 267ms
103ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153490&size_id=9&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c220e645-f883-4454-9724-54715a888711&l_pb_bid_id=17af7f8769392be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.12297959786030654
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7511d7194897358ac0669453c11c28cc4f0741982f98ba8ec1b81d9f8b32c74a

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 362
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 343 B
1 KB 321ms
89ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153490&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8eb2d78b-80b7-4713-b319-b842d50ce19a&l_pb_bid_id=18dd718b0f1d20b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.004148877888198621
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6b9ea06f08a2a4adee64357bd52efff2b9708bc542e17788e5bd1857d15737a1

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 343
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 105ms
102ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ff32755dd4187872d6aee164b5babffe1f115f19d4b437699b86d8e03f7d48b0

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 99ms
97ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 78c4fbbeecb6c2d8cefb938185739e9b03900d3fe5a64bc5141651eff5dbee80

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
99 B 76ms
75ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1b49b835e21947c163e3585f3cf641542c6608c2671b9acb5e9ddbfa8c933bc2

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 103ms
101ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d2b6a9bb43e5894c3600e3d190ca4410ef9bb6314f0b4cbc68554363dbde220f

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 98ms
93ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a5b4034549a3974632e7b92c489bb8ff2702eeae2ad0cd643b0fa66640a59cc8

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 116ms
115ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a5ce4a3473dfb0a71464f6f2c7eb15548555f9ca4c777158e0a0491bc4257eda

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 102ms
100ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 51a6794329327253ee301e7e82e47cf39d9c1d5d7ba0f3de7a32ebfefb801889

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 83ms
78ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b018cc208e059a5de098796b75c3a8f2a0a938329f9ad028e17a0916f3fe1ec5

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 94ms
92ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 40f5cdbf03fecd94cb67cc94fe16426fa068a9270eb68adff1c0877b9e388adc

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 195ms
194ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c383be61d2c53db253eeda7b36db80a9b5cafbbe27e1d554e8bc09fc350a9e11

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 95ms
94ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2abfa4d9a9da05a8f41d5b1979fe3ce754b058bcc04d498224d13870130a1618

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 115ms
112ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4d7dac78bb9d3c9cf45f04214426ae3b6549da2f4236adceebdf3c9ad592e8f6

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 80ms
78ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 61afaabef40ea16a1bb2cbf6c47251ae84db53882dfd2acbc45c6e305ee6eef5

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 104ms
102ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: eb71725c3c63ad76a2bd979a659d824e4ea771ec1cceb457da064aa71acf08e2

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 79ms
78ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e2765968ac3a8595b6d4c093cc1e9eb3733c587c934be34ec90a16bfe4153e3a

Request headers

Referer: https://www.candyindustry.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 66

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
569 B 161ms
65ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=843091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22392bac06740c201%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240b318323374316%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22843091%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843091%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D%7D%2C%7B%22id%22%3A%2241cedb7aacde053%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22843091%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D%7D%2C%7B%22id%22%3A%2242530fd05d994c2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22843091%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediafuse.com%22%2C%22sid%22%3A%2226%22%2C%22hp%22%3A1%2C%22rid%22%3A%222bd886f9-0c38-4d32-ab3c-ddfbf5ef7183%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2258cf0439-b3ac-46e0-87b5-e35c3bf6f18f%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad28745a8f1273676d94167bdfd9b99b9edbc260dac63b458977612ab11a3ad

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym2KS103gB7%2F886h4E6kJWKtgVVKV1yjhUZNOG3YUltIqfN27wp6cBqlkgWBxwjQNMJtyIyqhH2PhYin2gntLqK073gdQhHYk8NdlmxEQaqcFL3M4Q7xSjA2PrmBsXQZVi%2Fuj8pX"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74f58b9e1ed890ac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 363 B
1 KB 304ms
87ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=422598&zone_id=2400038&size_id=2&alt_size_ids=57&gdpr=0&rp_schain=1.0,1!mediafuse.com,26,1,2bd886f9-0c38-4d32-ab3c-ddfbf5ef7183,,&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=60a5023a-836b-4af2-858f-12d27c02d4a6&l_pb_bid_id=440250f4ed9e4f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.6304485495519259
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 325375b991cc322df108069eeaf019461dec1abe4fa8397ebd6cb62b0ffd56e0

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 363
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 344 B
1 KB 337ms
115ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=422598&zone_id=2400038&size_id=10&gdpr=0&rp_schain=1.0,1!mediafuse.com,26,1,2bd886f9-0c38-4d32-ab3c-ddfbf5ef7183,,&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c220e645-f883-4454-9724-54715a888711&l_pb_bid_id=45969fa566bef43&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.12122651905899673
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1b17fabd30fdc3f3f961c667108d58f8f1929690b6842eab7286cc4540d2a560

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 344
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 344 B
1 KB 297ms
66ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24434&site_id=422598&zone_id=2400038&size_id=15&gdpr=0&rp_schain=1.0,1!mediafuse.com,26,1,2bd886f9-0c38-4d32-ab3c-ddfbf5ef7183,,&eid_pubcid.org=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f%5E1&rf=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&tg_i.pbadslot=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8eb2d78b-80b7-4713-b319-b842d50ce19a&l_pb_bid_id=46ada71dba52e57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile&slots=1&rand=0.6471651921772335
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 77b1776bca72791ada272606ad4f9603b323905dc6c3dc3b9c75978bf66e3b1c

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 344
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
65 B 210ms
82ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
134 B 167ms
71ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 30
vary: origin, Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
318 B 191ms
51ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=75333934765

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 174 B
595 B 292ms
206ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=60a5023a-836b-4af2-858f-12d27c02d4a6%2Cc220e645-f883-4454-9724-54715a888711%2C8eb2d78b-80b7-4713-b319-b842d50ce19a&nocache=1663959858797&gdpr=0&pubcid=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f&schain=1.0%2C1!adtelligent.com%2C302826%2C1%2C%2C%2C&aus=970x90%2C728x90%2C970x250%7C160x600%2C300x600%7C300x250&divids=div-gpt-ad-leaderboard%2Cdiv-gpt-ad-sidebar-sky%2Cdiv-gpt-ad-sidebar-mrect&aucs=%252F52040140%252Fcan%252Fweb%252Fsubpage%252Fsidebar-mrect-mobile%2523div-gpt-ad-sidebar-mrect-mobile%2C%252F52040140%252Fcan%252Fweb%252Fsubpage%252Fsidebar-mrect-mobile%2523div-gpt-ad-sidebar-mrect-mobile%2C%252F52040140%252Fcan%252Fweb%252Fsubpage%252Fsidebar-mrect-mobile%2523div-gpt-ad-sidebar-mrect-mobile&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 226675e8891a1c486ce8621c7405f75463bab9b0b4467ceabd014decea2b8d59

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.candyindustry.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
282 B 139ms
52ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 11
vary: origin, Accept-Encoding

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 361 B
476 B 114ms
113ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2bc6eea677abe87360c1511c8088db2da6bd32b90d5943746ae2f1bc7909b89b

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 23 Sep 2022 19:04:17 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.candyindustry.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 160

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
230 B 246ms
56ms XHR
text/plain 54.194.233.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=6.25.1-c&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-leaderboard%22%2C%22callback_id%22%3A%227588a0f8d91baed%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222926956994327683559%22%2C%22gpid%22%3A%22%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-sidebar-sky%22%2C%22callback_id%22%3A%22764160f87b225ec%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222926956994327683559%22%2C%22gpid%22%3A%22%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-sidebar-mrect%22%2C%22callback_id%22%3A%227728eb17c256e72%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222926956994327683559%22%2C%22gpid%22%3A%22%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D%5D&page_url=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&bust=1663959858801&dnt=false&description=Candy%20Industry%20Magazine%20is%20a%20business-to-business%20publication%20that%20covers%20the%20global%20confectionery%20industry%20from%20manufacturing%20to%20retailing.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=%7C%20Candy%20Industry&w=1600&h=1200&pubcid=58cf0439-b3ac-46e0-87b5-e35c3bf6f18f&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediafuse.com%22%2C%22sid%22%3A%2226%22%2C%22hp%22%3A1%2C%22rid%22%3A%222bd886f9-0c38-4d32-ab3c-ddfbf5ef7183%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2258cf0439-b3ac-46e0-87b5-e35c3bf6f18f%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.233.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-233-195.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
162 B 188ms
44ms XHR
text/plain 18.156.156.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.156.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-156-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
162 B 266ms
123ms XHR
text/plain 18.156.156.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.156.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-156-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:19 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
163 B 185ms
42ms XHR
text/plain 18.156.156.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.156.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-156-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
162 B 186ms
44ms XHR
text/plain 18.156.156.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.156.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-156-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:18 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 30 B
938 B 560ms
142ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2284c244f66aee92f%22%3A%22c1f2ff59c28c10fb9c50%7C728x90%2C970x250%7Cgpid%3D%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%2C%22851cb7dbad3cb64%22%3A%22c1f2ff59c28c10fb9c50%7C300x600%7Cgpid%3D%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%2C%22863f11c5c3c50ef%22%3A%22c1f2ff59c28c10fb9c50%7C300x250%7Cgpid%3D%2F52040140%2Fcan%2Fweb%2Fsubpage%2Fsidebar-mrect-mobile%23div-gpt-ad-sidebar-mrect-mobile%22%7D&ref=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&s=94cb3ce1-4735-4bf0-9828-06d7f9d09316&pv=04f2c885-d8ba-4c4e-8fbf-5c4ad13dc5af&vp=desktop&lib_name=prebid&lib_v=6.25.1-c&us=0&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediafuse.com%22%2C%22sid%22%3A%2226%22%2C%22hp%22%3A1%2C%22rid%22%3A%222bd886f9-0c38-4d32-ab3c-ddfbf5ef7183%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%2258cf0439-b3ac-46e0-87b5-e35c3bf6f18f%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2258cf0439-b3ac-46e0-87b5-e35c3bf6f18f%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-136
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 30
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 179ms
69ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
183 B 423ms
122ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 623 B
1 KB 138ms
43ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4ccceb7b511135298557dddf9eeb52cbad47d1e90878c043a50fdb2d1e31fb62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 23 Sep 2022 19:04:18 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e400f44b-5dcd-4dc1-aa85-d9762d209adc
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.candyindustry.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
802 B 256ms
135ms XHR
text/plain 18.64.103.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=4124&domain=candyindustry.com&gdpr=0&gdprstr=
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-68.txl50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:18 GMT
via: 1.1 8a18c9375ff4553eb348eedbe6d74372.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: TXL50-P3
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.candyindustry.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id: xiRzYmmnaPA4p-2IerPnJRHAGSpyhXAzv9K7z2HU4qhpib9FWcdgMg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 360ms
258ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a96943f017b7beb122eeb6abb570011&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7858f9cdb8d57d114ddfe1b8b1bf2fb1cb962b09ffbf14117395718b687e5feb

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 220ms
117ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a9691ee017b7beb0dadeb6c19610017&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5dedc56ab9029909e302db6e624ddf189ecbe9dfaa7b391ffc9802e5efb763a1

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
298 B 175ms
73ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a96943f017b7beb122eeb6cda1c0012&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e333cd45a1cc54aa487242f5fa22524c40628cb71682e0157df1e5cb8746c839

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 212ms
110ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a969db2017b7beb0a3eeb6d8ef1000b&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 206cc01d39ec263447839c0c2e06e8037404b89ccb2f3fc31e8515f7ebac22b3

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 200ms
99ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a969db2017b7beb0a3eeb6ec9d0000c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 288078fd37d9c04b87aa775fdf8f2b6f728e53785d78668854c7f74e34c45d10

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 216ms
115ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a96943f017b7beb122eeb6abb570011&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a7486c80cde5ca6467b32be4438fb371601d85fbead37dce64863b20fb95ac97

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
109ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a9691ee017b7beb0dadeb6c19610017&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d7729db4f32ff18533067b40b7d9f4bd16cab226296f5b8638aabe8a924661fb

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 174ms
74ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a96943f017b7beb122eeb6cda1c0012&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 42d3420244c373945742fa726270f7c42c8d52643a8469cf260a38ba8bb626db

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 242ms
142ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a969db2017b7beb0a3eeb6d8ef1000b&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b8b8a5b4e651f81eb136d15dc905961f47730745e0f367dcadc7945b0a097a36

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 208ms
108ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a969db2017b7beb0a3eeb6ec9d0000c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 6fa5d41b61570dbbbdbcb4d0067a816d5b5587de2d5c28b193a8c7d2ecc052c3

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 418ms
318ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a96943f017b7beb122eeb6abb570011&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1b127d5d88ed2d2ee494622c7519bade3e8d0f496820a4ca7e42b2cd4cad1fd1

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 255ms
156ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a9691ee017b7beb0dadeb6c19610017&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7e625da4f5876505cbab2de21b5d66ea76428e7c3d086b838bb10e4f5d1d92db

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
111ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a96943f017b7beb122eeb6cda1c0012&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5630db910948ffc3c50d59f9f3da5f503478fd57a210c06a15a911f2336250f9

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 253ms
154ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a969db2017b7beb0a3eeb6d8ef1000b&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8760d901f9ed3668c62403cb01e7d9d1cc5e68a547f97d666eaa2ae6565f8746

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 208ms
109ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969db2017b7beb0a3eeb67c27c0009&pos=8a969db2017b7beb0a3eeb6ec9d0000c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 38ce932e35f7ddf4139e0bbdceac457428218895ddead4d602e40285b88f3197

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.candyindustry.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 153ms
39ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
169 B 144ms
57ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.candyindustry.com
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:19 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/307824/ Frame F963 2 KB
1 KB 39ms
39ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.candyindustry.com
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 93f790d10f15bff5a8f5bbadb86f888e879e4110d5dd90a665cd1e62e47f3824

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:01:13 GMT
server: nginx
etag: W/"632da009-854"
content-type: application/json
access-control-allow-origin: https://p.getadcdn.com
expires: Sun, 25 Sep 2022 19:04:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

POST auction
rtb.adxpremium.services/openrtb2/ Frame F963 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F963 19 B
706 B 137ms
48ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b56be2b1-306f-48df-97f9-786100937897
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.getadcdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame F963 15 B
361 B 149ms
65ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://p.getadcdn.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F963 0
176 B 195ms
45ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.getadcdn.com
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame F963 15 B
361 B 144ms
64ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://p.getadcdn.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F963 0
176 B 187ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.getadcdn.com
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST auction
rtb.adxpremium.services/openrtb2/ Frame F963 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F963 139 B
827 B 132ms
47ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

24088662e3785ba11660c1bc655b83671acc60f7806936b5129386b009584327

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c81b53a0-52e0-4ca6-93d4-b3791fca1655
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.getadcdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 148ms
38ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://p.getadcdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://p.getadcdn.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 23 Sep 2022 19:04:18 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F963 0
216 B 121ms
49ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=89294217046

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 19:04:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://p.getadcdn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame F963 15 B
361 B 144ms
73ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://p.getadcdn.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F963 0
408 B 144ms
65ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://p.getadcdn.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST auction
rtb.adxpremium.services/openrtb2/ Frame F963 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F963 139 B
827 B 127ms
43ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

48ceb59fe37dc5d095119ea66c68c3ab87ae6a0feb267d3f6cb45ad95ad7c3e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:18 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 82cdf285-0748-414b-a2ed-3448d687bc03
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://p.getadcdn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F963 0
176 B 175ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.getadcdn.com
date: Fri, 23 Sep 2022 19:04:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 75 B
277 B 203ms
202ms XHR
application/json 52.40.56.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json
Requested by: Host: id.hadron.ad.gt
URL: https://id.hadron.ad.gt/api/v1/hadronid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.56.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-56-16.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b0f9ee26598f590e7d508f7b17d01b9b2313b782a2ee83cef5a7891f91cc849a

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:19 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin
content-type: application/json

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 602ms
201ms Preflight
application/json 52.40.56.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.56.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-56-16.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.candyindustry.com
content-encoding: gzip
content-type: application/json
date: Fri, 23 Sep 2022 19:04:19 GMT
server: nginx/1.20.0
vary: Origin

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 96ms
96ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cc9052965c1a75318774031b48e1bc3939ba74795922e85b4556520e7d5a296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0

GET
H/1.1 200
OK selectize.js Show response
www.candyindustry.com/javascripts/app/vendor/ 45 KB
16 KB 251ms
251ms Script
application/javascript 208.91.60.92
AS-NSI-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.candyindustry.com/javascripts/app/vendor/selectize.js

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.92 , United States, ASN14244 (AS-NSI-GLOBAL, US),

Reverse DNS

candyindustry.com

Software

nginx /

Resource Hash

04af08c0dc8b3419b345988392ac21f9a1befaa0549535fb322229ed59370a5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:18 GMT
Content-Encoding: gzip
Age: 865
X-Cache: HIT
Connection: keep-alive
Content-Length: 15745
Last-Modified: Tue, 20 Sep 2022 05:25:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"63294ebc-b30b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 146ms
46ms Fetch
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1343 / 387 of 1000 / last-modified: 1663931382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Sep 2022 19:04:19 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 157ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:04:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A98 13 KB
5 KB 116ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 12:14:40 GMT
expires: Sat, 23 Sep 2023 12:14:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F8F8 783 B
534 B 49ms
48ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41fbfd38f600f83aff395e71b21409affeafb463d0144527c8863168f47fa7eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3mMRJiuJK8-4s5QCokcSdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-3mMRJiuJK8-4s5QCokcSdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:19 GMT
expires: Fri, 23 Sep 2022 19:04:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F8F8 0
0 186ms
82ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091901&jk=3124115330225343&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A98 36 KB
16 KB 86ms
51ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 02:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15943
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 02:16:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1A98 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oqzxHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H/1.1 200 p
olytics.omeda.com/olytics/segments/ Frame 0
0 904ms
143ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 19:04:20 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

OPTIONS
H/1.1 200 /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0 901ms
141ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/form/check/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 19:04:19 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

POST
H/1.1 200 p Show response
olytics.omeda.com/olytics/segments/ 545 B
886 B 330ms
329ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

1991b8c5b632369679baf9f0ec6696c8f963de9d7ce9e1b51925ee3b0dd979cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 19:04:20 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
360 B 142ms
141ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

ab64560cf10e232d83b783805d267b1675aa728828db773daefe5936e0e4ed67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 19:04:19 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 cswitch Show response
olytics.omeda.com/olytics/segments/ 143 B
483 B 159ms
158ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/cswitch

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

d0eee55418887f0682aeed3e618bfee0be7e0b29f87dc2883ad20522b2f8f236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 19:04:20 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0 904ms
140ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/cswitch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 19:04:19 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

POST
H/1.1 204
No Content multitracking Show response
ghb.hbmp.mediafuse.com/adunit/ 0
232 B 92ms
92ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.candyindustry.com
Date: Fri, 23 Sep 2022 19:04:18 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H/1.1 204
No Content mut Show response
ghb.adtelligent.com/adunit/ Frame F963 0
225 B 46ms
45ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/mut
Requested by: Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/y19258/hbw_master_307825_11601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://p.getadcdn.com
Date: Fri, 23 Sep 2022 19:04:18 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091901&jk=3124115330225343&bg=!hIelh8PNAAYIxsuQKMY7ACkAdvg8WptUAAi5RpIuLTzhTl2TpCWw6sc2Kk11JN71z16Cu1m0IgFxNgIAAABkUgAAAAZoAQcKAOz5HdSGpulWNI3SYbeq9yF1NtiFkRjXQZDT2jddN3_kAHfBhQscmQ_Ho_F1ow59J6pq74h4ZfK3J-GanJi-jixtCR_-1Um7f_k3dm_G0nBHDvtklzQ_z7-lMkuHyArHY4TOQMp7LGbiWb1pgY8n9gYBn13-DockhXHbmQBAHKP2ZHsmINnOos8-yMCUB7UaUmrIIZfL8bj1WRC4wQzKoRjHpmvzqkfY7neuj9YSrWA9Ze4CjdiCBS3zM8NWGyM38m0yFgth0uaTWyjPJ6lo3Yp4GdftQiY-6AbtXeoFrSikccMlV8KkNpcaOjn7d5kCqmfVWEOomheuGASiPs84Rxe-koog-AkVFABRCRqcwrailQ2rbixVnZNo2OCmuXjSfRGPIYAU8kdHKXeNkr9Zq9iybrRoHWHtr91JblhfCJQ4NwYNUAMXYXfV0HdDhF4NlwBYy1fqbqnBpjfkvdAWBne1IDfhL671L8vJ6oysHO4rWM7LmA8pe6MZKebVsdEjYei2BhyP8x8RKkj5o92vTsibqsOKPaHri09_buDVK1zKbOmPwU9EXJkuK_hE8S_W-BE0fg-xuU6RBjJBQo4bcwE_LrGByJKfW94AFC6bPK5DNXh05WpKpZ9m5_rk9ZVIGZn1m5c9Ua63M5VT_pRLv3zVQKee3-RjGvmGZU2Iey31WBWSGohbqHHVkkeEt7Qrs__Ku5JOBTV8MLUlRfyIc5syfy2ljZsSbrvMkw7c2IVhHmuGUMkNK--vDPS2bs3UGlNWxACu5s8e33IcSVrKYskMwcsKssPHsgKMyvT_2kq-6Wz65mfIZ8459R7eaz3DbVnBjJK46X9adqcDP2POwFBZm19F-uqIkVjkDvn0IEA9geCbcK2XQ99cMBX9ZsY_ahx5Um48yy_oS8NweAxlEDN1MZnI1ZVjJJ9LqfN81b1fH6lQDBLUO9Qv3bFaGYnVHLwSeTW8XrcGbtDibQK5QhJXp6dukUrLBe2BCcuTWTJMUXkbSXMFeFTH0RXLUa33LH8jLM4wcB1XRjA7Bc9IuezVUmbw_TfUDstSEXKrFwv0sBu70sA2uq0IRovODrfrluA2wAhhD4YOOi6M8gdBxHxv0gItYnGyUV_fkg303-XJGEgU81huWOdpMbktBjTlX3fH9Crjmv_iXjEOMLjV91KGt8FVIPF0FC4JBAMort79Oke6HYSJsGe-S-ouf6URTsyg6DUlS-3ypcw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.candyindustry.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.candyindustry.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
15 KB 196ms
196ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124115330225343&correlator=3109696577921782&eid=31069635%2C44761477&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fifs&iu_parts=52040140%2Ccan%2Cweb%2Csubpage%2Cleaderboard%2Csidebar-sky%2Csidebar-mrect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=970x90%7C728x90%7C970x250%2C160x600%7C300x600%2C300x250&ifi=3&adks=360523173%2C3200812578%2C1350470413&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page_type%3Ddefault%26reg_user%3Dfalse%26page_name%3Dgdpr_policy%26subscribed_user%3Dfalse&sc=1&cookie=ID%3D89dc51e2f48c45db%3AT%3D1663959858%3AS%3DALNI_MaK5_cndUHpewlMb7IV4qRO2iLfeQ&abxe=1&dt=1663959860773&lmt=1663959860&dlt=1663959854170&idt=2529&adxs=215%2C1055%2C1055&adys=293%2C423%2C1540&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.candyindustry.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828&frm=20&vis=1&psz=1200x90%7C300x3212%7C300x3212&msz=1170x90%7C300x600%7C300x250&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=383833372.1663959856&ga_sid=1663959858&ga_hid=1275415690&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b85c430942bff48d66becc537c42aa71281542efa603ae2c1b1e12a44c85ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15172
x-xss-protection: 0
google-lineitem-id: 6094810313,6078599252,6078599252
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138401821940,138400316083,138400315210
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame F963 87 KB
28 KB 399ms
111ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 19:04:21 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 324ms
47ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 19:04:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 03E3 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:31:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03E3 140 KB
44 KB 123ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:04:21 GMT

GET
H3 200 14762592563016639507
tpc.googlesyndication.com/simgad/ Frame 03E3 47 KB
47 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14762592563016639507

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2048247d5c91dae36c9cb2aaf981d98b9895785a69e78bb1af6ed396331784c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 06:37:20 GMT
x-content-type-options: nosniff
age: 304021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47937
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 13:10:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 06:37:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 03E3 0
0 44ms
44ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUnhsDP0MV1klSBmIv1h-GLFYemUZ0LriWFr2e96vV8DYPfa3yga5_pQiaZTDomQlaH7W2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 7D93 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:31:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D93 140 KB
44 KB 149ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:04:21 GMT

GET
H3 200 14405965549364360887
tpc.googlesyndication.com/simgad/ Frame 7D93 46 KB
46 KB 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14405965549364360887

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f295d206ebfa541be470c825866da389e552f20b041fb824b0f9090456170f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 17:02:44 GMT
x-content-type-options: nosniff
age: 439297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47247
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 19:54:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Sep 2023 17:02:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7D93 0
0 45ms
45ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5sgrmwxuDNHXA_cDL8b8kh_KOgdY74cFneUJq3uzMkVD8gNtyWN0wDb58BfgCFaOvjPho
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 6EF3 3 KB
1 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:31:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EF3 140 KB
44 KB 153ms
96ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 19:04:21 GMT

GET
H3 200 2868321361652661872
tpc.googlesyndication.com/simgad/ Frame 6EF3 25 KB
25 KB 57ms
57ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2868321361652661872

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e507f733f0010702c28dfb968233d48f0a17b0d3f14f06205ae75feeb21f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 09:36:20 GMT
x-content-type-options: nosniff
age: 379681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26076
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 18:51:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 09:36:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6EF3 0
0 44ms
44ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJ3KdPip7xpGegSS4CXNUe5gEi1gZHP0j2S6lXHQ2Hf0tM7CyGh3jyJV5sii0hnG-UTI0w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 03E3 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40ca905168d2da944d045d248da78facf0f2c597bf82c53f7982d20a0858a84f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7D93 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed1e8704154807de181351712d7db80a049f5988db0aa73ff410f6a5145532c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6EF3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4238dfa932c28dc48e170de6fe6a1bd514a637f7a77383d4c3afb5e4f7573326

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03E3 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHe4F8wbln0pHX9IoCcpwjFiRKoaL_E2090N0Dew8Pn0XBhJVkBUkdqJJYfiMBEwXOHvWPY508OmB1XUICJvbSgdu7lx-fDW0b1RpEe2RLturw6v9IdOHGmY_2UUwMEy-FrhM9JaU6vt4CHPhmeq6ToVhyJ8w-Pi4WKrtuIMVmZM00C2V5EJoYxFwDU7YKQxwtbB3bv8CWzZMemytCz3KDwhb4k3By3GWFifA17cZHApLJMt1MwASdHOVyE7qDxIkdv8X0NiNLdjDYmZf8YAhUxzTtv1W2KWRjbPwAr337Zh6fhZZjohw4sxcrCbEu15MhJvRy6tHcK6b8x5TAcKkEwV3Wmik&sai=AMfl-YRZIe41kRRAF-s7b6smT8DRWjAI2kotqTFEaxuj--7DPVx9QsqyPC6IgrOL5a-ZPEmSv_dw62p2OIvEYG5yCmOKMcCDn1a4FrHZl_qwuubl9MM-4p2jChepU27jcew&sig=Cg0ArKJSzOqptV8gwEaVEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D93 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssggLkZW0sNXxVbzaRtPrN2S4A4csKpeI_zwp35qVI-swSN7pI4CXWRP4K_FmIyFhyzu1JkHSiTzLTe8aFlyOUfSROT5FZP6HoNMxMrcLXF4HgBCo1iuWOn1Nlh_mqpgxClPgan1wd_LVahZUKbXNPpvsDdRWWbUSgxpC6HENIvBlqDmR7P_7HG78-ytwsH0wGS_jkGfJUdcrGOjkgsDLR1HTp80MCphCGfLurasKAGDZYf7WFmQhOOQ-5Nl4glXYxRVfJTmtqQPQ8bVHHpBkPH7pi8jaae2_aItoWJGqkcxgcPSkYknWOG-FJAXj_Ct0-myxwDtgjB54yfg7aiY742xwfUTUIDUn2VL60ZFEPlGwSSk07Jhw&sai=AMfl-YR7nS8xkw5BRyXuMwjOWe5_3YroXn19oQCIhho5Tv2IhLA1Tlu-RV7rZgTKNb_qdjkKHgX4pcPHpkWuDb6iuQfZxmKzCK5Zztbx6TXhNA1KF2BRH-d73Og4O1bIwuE&sig=Cg0ArKJSzJxkWse6tCJ5EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6EF3 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTkd3LZum4VJii9pPp8azwgqnkxJDMymtRdc8kPuiDfZyf8VDUniTz0UC6FWKOccNbLK57BezlOogORBTqdnQjp4ujEkWwLy4ZLBAreRJDv90Nk_EvmDdh7LBlO7yoEy0aamu6gL_ax8RDJguKe4wufDvQReUsy9NDAWjXv4XKYBqSPKdHr7ppR9yDwletNqiQvVLGmxeaAzNOU2_gTSPGiDh2dqV0mGsa4mhfz_SKlxy97noR8LyQJkBJ7sB9w4bZ3zgkfUSBGLQ2qeECBtHw06bWnG-DsOBr8_VasidYMkoFaDWggWBa9KHgp3JFoTx2Z2dvFhMZax7GeQQFH3Z-XG6TT32zz6t0suPimCHCSdMSHxgY-Iw3&sai=AMfl-YQik2JHJBANvGShdK-iAAfzZM0UeQQm3Q-yW-wYcxawdoRK4vY2gBhB0M9ru5E00FTHk1svBatTDV8yL31Z7E05MWKfXdgQpkO6ki8geobP7JZrYWIWsk2q_Ndsl-A&sig=Cg0ArKJSzNYSMO08QdVlEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.candyindustry.com
URL: https://www.candyindustry.com/gdpr-policy?url=https%3A%2F%2Fwww.candyindustry.com%2Fext%2Fresources%2Feveryday%2F2020%2Fplma-logo_web-2.jpg%3F1611768828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CA8D 15 KB
6 KB 148ms
48ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.candyindustry.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 842642
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 236ms
141ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 19:04:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03E3 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-fOiODiJnmfqQ48SLBIrcCUXbDvxjk0mH9uyxxRSTNf7uel8ZXT_ede8DJGLthH6YD43HXIT0-WruahoknD9vnBayPA9CMuQJ_AtpacrxtsN_FMHTDbwbg_uqy1dEr7Gbvto4cXRcWsQnOJMasAHD0ycDau8k0jA_TKVfJaYIqmyPICtFupL9M-YWhgIq1YyHzeEb7aDMKjkfN_lJcgSSf7h2Ql4Am8o4_lJ7fHrivdzcO7Mt9POGM1cDxNU3cC2J5ftsjU5rD4-cArFlNFjwMQ2cfy7BY2tDJNlsLk7qzt4vViy_io__sTbWLO34G9OB-vs9sQA0neXvMZ6_NbJyMZ6H2NCzNw&sai=AMfl-YSEOq-XL0GvNE5-Yn2alQZ6Kdd3ZZ9UOXLqxmRTwdykUFo8t5fVN4QFFDN_cSyan8jU9RgV-0XFdO92Z6dw8bKUI8e2cmsCwo12VNQKsdC1zHW7iOmnNMwZO5Yog-Y&sig=Cg0ArKJSzIRU1zwCe4y6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 23 Sep 2022 19:04:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D93 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvinWAcZUWVA05ksvy_v5x9wdAu4sydeanQ6tAB_J7IlGxscSvHeXJCmGc4yG1LCJi8yaR0sfp3v9yW7SM_vwzWBFrjUV35oNmYmbtFJBw9Mawm2oLpZFAFgY3ulI9XeJzb9-Tu1ThrPkb0gzOOeWp2pgJqphICuUr7K46PytCY_MAQFTIRP3RshUQCyQil3MbQZn3OKAR-LGl8T_MmhgYGvbnqK8cbftm7ZgClpGZbOBDPhwRyA1XLVDLMg8aXanImRw6KpzclOM9GKYyH0ywpGtDU6AvK-UEsAe9vt2beEVKLbYV1aRnPg7Y0DMBzwA7yWBMsPenEK9PY1vNrQ6KybB8JY8Ja0HHwhQ&sai=AMfl-YSPuqJrvjgHprw4x5V2h5FJ2augVSH2uLl8oMtTJKK0xYeIhaUDnoH9E5NhswDBQtj-fh1z4rhLzcTrX5YpWgTvKumC1mOdK0WH1QPsEWKQ8eGQGj1Irjbhh3ObFC8&sig=Cg0ArKJSzAd-QkEVs4F-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 23 Sep 2022 19:04:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6EF3 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiMvUl8OJJlrYFn75C6VP6WwHEKIarm00d4fhiw7VdQKnI7QUDUesbF9MUGQ4gtT1W2WzD0LutHO3YF1iwLBc0Lyz56q9U8Pu0sWkmhOW7TL_Ry3Y7hrW04pHqyAGNaHJ8X3X36PfRh8w8NVxr7KF2DnW8mTwN2ItCuA970XxwaLYa_4msHzz1zKuH2ountLRjScRGYhYuo5UlbmTVNVRro2US_GCHU0if_G1PS1tB2s8tVZeiWa_TkLalSO0V9yfNsGEjt2X-hei6Pc0VcH2oAoH7qqOlZOPKcjKs9B6COtW68Q2iAWtjWsDUj0On9NlpF61wkONobRbvCnXc0TQoIdBMNEYhFoQ6vqph&sai=AMfl-YT5b2O1h3BhzUnB0pyFkLd3YdzzPZ71eMHg6Fxi7UnrWoA35PMuWHdjw4OkRKhUAsBX8-TbcFnE-Nf2C_-3mXWQC0jNm776oWdLaq4N50WQolf9DrnHb9Y6mUwPTsg&sig=Cg0ArKJSzLkJZ-udwIxVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:04:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 23 Sep 2022 19:04:21 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1449 15 KB
6 KB 71ms
52ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.candyindustry.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://p.getadcdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:04:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 951058
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F963 88 KB
29 KB 66ms
50ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:21 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 19:04:21 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CA8D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=candyindustry.com&sn=ChromeSyncframe&so=0&topUrl=www.candyindustry.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=auWusXxGR2IvMXQ3U0FVOEpVNko2U09vODBYbWxyK1ZhVU95Y2RmWnU2NEJsbEVwaDNDbFY0OW9aUW1TZERwQnRzUExXV3orcnRibjBGeWZiQ09aaFhaOE8wQnkxTC9mZ2x3OUhWZXhwWXpTSVVjTXJpNFh1L1RKdWQ0NH...

446 B
668 B

243ms
51ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=auWusXxGR2IvMXQ3U0FVOEpVNko2U09vODBYbWxyK1ZhVU95Y2RmWnU2NEJsbEVwaDNDbFY0OW9aUW1TZERwQnRzUExXV3orcnRibjBGeWZiQ09aaFhaOE8wQnkxTC9mZ2x3OUhWZXhwWXpTSVVjTXJpNFh1L1RKdWQ0NHF2bjB6U0xDbjBROEF1MkRIRVlBdlh5d05Ta3dTUEs2cnhkZGE1VGlNRnEvU3ZHYVcvOGd3OVMrM3lGeUxKSGpOaWMwRzZjR01rM3J3UWJWcWcxL0dpQ1pHUGp2RUZJU3JhZS8xSm1LMlJDU2ZDMlVzK29WRDNKUXEzY0RReFJRVklZN04vYnBOSTczdVdsakIvWUJjQWZkWHZXNTgwK295akFYbEhJcWE4dlR3bWlqT3hYST18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f33c5ec90995b8aa94cd0f0f0fdb9be01a74cd5884b7a59c08a055d4ac77d3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2419219
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:20 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=auWusXxGR2IvMXQ3U0FVOEpVNko2U09vODBYbWxyK1ZhVU95Y2RmWnU2NEJsbEVwaDNDbFY0OW9aUW1TZERwQnRzUExXV3orcnRibjBGeWZiQ09aaFhaOE8wQnkxTC9mZ2x3OUhWZXhwWXpTSVVjTXJpNFh1L1RKdWQ0NHF2bjB6U0xDbjBROEF1MkRIRVlBdlh5d05Ta3dTUEs2cnhkZGE1VGlNRnEvU3ZHYVcvOGd3OVMrM3lGeUxKSGpOaWMwRzZjR01rM3J3UWJWcWcxL0dpQ1pHUGp2RUZJU3JhZS8xSm1LMlJDU2ZDMlVzK29WRDNKUXEzY0RReFJRVklZN04vYnBOSTczdVdsakIvWUJjQWZkWHZXNTgwK295akFYbEhJcWE4dlR3bWlqT3hYST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 473144
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1449
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=p.getadcdn.com&sn=ChromeSyncframe&so=0&topUrl=www.candyindustry.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XXTCE3xMRmpMMVJZQjNWc3JCcU1HNDc1REYzbkU4VUFETWU4TTNzdk5uZUs0UHZ0M2VmWW5GZFd6bEl5cHMwRjZzUGN6Y1VRdExQd3JqcnJGSFQyRW1NbVR6Q29iSkZNalVFeFU4eGNHN29LSmx2STZBK1NHeTgyb0JBUm...

444 B
669 B

237ms
50ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XXTCE3xMRmpMMVJZQjNWc3JCcU1HNDc1REYzbkU4VUFETWU4TTNzdk5uZUs0UHZ0M2VmWW5GZFd6bEl5cHMwRjZzUGN6Y1VRdExQd3JqcnJGSFQyRW1NbVR6Q29iSkZNalVFeFU4eGNHN29LSmx2STZBK1NHeTgyb0JBUm54QUpKRkI0Vmd6NnBNY21PNVBQanUzRVNsT1FQY1hGVzdIOHBVQkxlVG11MEFzaWVrdVlueElvdXRGbFNVS1VzbnphVWc1UmdHUElaTmhlU21VdUM5aW1md05zS0ZwVmlxVEhMOEtCblBUSGpRa1FnM1VzYm1PQ1FhTWhrT0RlVWtpay9DQlhwTnM5UXB3blVIcklJUGxiZ3dTMjhhYmx2UzZmNVVMWUU1ak5ucGhvYlFpTT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad3118a6ad8f91a55ea90ea11f36d1db21e48be0af5a64c56c9c33d67f4a92dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1833092
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:20 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=XXTCE3xMRmpMMVJZQjNWc3JCcU1HNDc1REYzbkU4VUFETWU4TTNzdk5uZUs0UHZ0M2VmWW5GZFd6bEl5cHMwRjZzUGN6Y1VRdExQd3JqcnJGSFQyRW1NbVR6Q29iSkZNalVFeFU4eGNHN29LSmx2STZBK1NHeTgyb0JBUm54QUpKRkI0Vmd6NnBNY21PNVBQanUzRVNsT1FQY1hGVzdIOHBVQkxlVG11MEFzaWVrdVlueElvdXRGbFNVS1VzbnphVWc1UmdHUElaTmhlU21VdUM5aW1md05zS0ZwVmlxVEhMOEtCblBUSGpRa1FnM1VzYm1PQ1FhTWhrT0RlVWtpay9DQlhwTnM5UXB3blVIcklJUGxiZ3dTMjhhYmx2UzZmNVVMWUU1ak5ucGhvYlFpTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 657272
content-length: 0
expires: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.hbmp.mediafuse.com/adunit/ 0
232 B 47ms
46ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x462211/hbw_master_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.candyindustry.com
Date: Fri, 23 Sep 2022 19:04:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H/1.1 204
No Content mut Show response
ghb.adtelligent.com/adunit/ Frame F963 0
225 B 47ms
46ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/mut
Requested by: Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/y19258/hbw_master_307825_11601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://p.getadcdn.com
Date: Fri, 23 Sep 2022 19:04:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D93 42 B
64 B 188ms
84ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB9_1dIz9_nOo_TMu3VkDDhObzpyNyUvSJmRAo9-nmLY8tXRiSGJ77lxSgQo8x8qN_KvFvubo_pxW-ljYdomXKcubd1uh0wzcraGD4NpfW0IJzJHoe&sig=Cg0ArKJSzEuLVSu2gdN8EAE&id=lidar2&mcvt=1000&p=403,1055,1003,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3200812578&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663959861000&rpt=236&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 03E3 42 B
64 B 186ms
85ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHjDPuV4GYyL6cjoVerP0afvsFDR8-oFvKBEBMo0kUfGvdifiFwizvHKjxnQ02SCc2Dub4BUym2V7Tcp0vFl9WYZLWnHYkzViWpatr6t0sk3xf1ani&sig=Cg0ArKJSzJD7FxDzKWreEAE&id=lidar2&mcvt=1003&p=293,315,383,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=360523173&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663959860987&rpt=229&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 125ms
41ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.getadcdn.com%2F&domain=p.getadcdn.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://p.getadcdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://p.getadcdn.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 23 Sep 2022 19:04:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 541142
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame F963
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.getadcdn.com%2F&domain=p.getadcdn.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=ynR5HXxNbVphUUxxOGVLeTdlYnlEVmwyMEwyVkdleEdWNzE2OGdrdHNNMUw4TkJCMFNKcjRmRWN5NlQ5QUljWWhZa205YngvNGxMMFJvN25KUjdGakEwd3IwbWNjbW5MdG5ZV2tkQjBDT3kyUTBCOWNqeFBpZnlwTDRlaz...

431 B
702 B

51ms
51ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ynR5HXxNbVphUUxxOGVLeTdlYnlEVmwyMEwyVkdleEdWNzE2OGdrdHNNMUw4TkJCMFNKcjRmRWN5NlQ5QUljWWhZa205YngvNGxMMFJvN25KUjdGakEwd3IwbWNjbW5MdG5ZV2tkQjBDT3kyUTBCOWNqeFBpZnlwTDRlazJNdGNaOWRmSnVSUmtGR1dwTXR5VU9kRFljaXVpOHV1aWlNcEp2N2tTSTRFdnhxVXVSSFJOUU9hb3hKOSt6Lzc3ODVsTy9yazhoeXYzZmJTdld2ZUljZmoxVjJ2Z1dBZDk2TzBVQTFRY21PWG9tQWwrRXlMWHpNS215dEZqYTEyejk4ditEWVIxNUtIRXNGNWRDU1lDNkZBeSs3VVNpMDk2clZ5eWtBN3AxM2VOT2ZZUmNJWT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

161c700e5b37a5c3a475cb6d4766d3650b3093b0014d966fe431f5ef31df4cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.getadcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1875336
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ynR5HXxNbVphUUxxOGVLeTdlYnlEVmwyMEwyVkdleEdWNzE2OGdrdHNNMUw4TkJCMFNKcjRmRWN5NlQ5QUljWWhZa205YngvNGxMMFJvN25KUjdGakEwd3IwbWNjbW5MdG5ZV2tkQjBDT3kyUTBCOWNqeFBpZnlwTDRlazJNdGNaOWRmSnVSUmtGR1dwTXR5VU9kRFljaXVpOHV1aWlNcEp2N2tTSTRFdnhxVXVSSFJOUU9hb3hKOSt6Lzc3ODVsTy9yazhoeXYzZmJTdld2ZUljZmoxVjJ2Z1dBZDk2TzBVQTFRY21PWG9tQWwrRXlMWHpNS215dEZqYTEyejk4ditEWVIxNUtIRXNGNWRDU1lDNkZBeSs3VVNpMDk2clZ5eWtBN3AxM2VOT2ZZUmNJWT18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://p.getadcdn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 497597
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ Frame F963 216 B
624 B 145ms
51ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19259/hb_307825_11601.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

ff2fe2af5913c58c605eb00467d0841d245bb603884917e7a9dd50324f027d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://p.getadcdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://p.getadcdn.com
date: Fri, 23 Sep 2022 19:04:23 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 120ms
42ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.candyindustry.com%2F&domain=www.candyindustry.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.candyindustry.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 23 Sep 2022 19:04:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 530646
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.candyindustry.com%2F&domain=www.candyindustry.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=e79GjnxJVzh1cDltUGtMS0ErOWZVT0pnbjI1Sko1MHNxZWIxMU5NRTlGRU4yUGxlTzRrb2xVc3NENFBzRFhYYTd0TUh2UWU4L1l5VXhJeGVXMmxVVDUySjFvZ3VCSG9xYjRhMnJ0SEsxY0V5MzlFbFJydjB2QXAzVUtNMn...

445 B
712 B

61ms
60ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=e79GjnxJVzh1cDltUGtMS0ErOWZVT0pnbjI1Sko1MHNxZWIxMU5NRTlGRU4yUGxlTzRrb2xVc3NENFBzRFhYYTd0TUh2UWU4L1l5VXhJeGVXMmxVVDUySjFvZ3VCSG9xYjRhMnJ0SEsxY0V5MzlFbFJydjB2QXAzVUtNMnFmZkplMjJXUk1uWGljUU1LbjYySlAzWFlwZ0lVV3V5WmRUZjNOY3FDN2pJcDR3cHlreVpHanlCSDlwTHpZaGh0aTFrY1NWZkZCU1cwSjlMS1NuZEdXUzJ3MHVlL1Fpb3NVSTV2OG1qRkJONkJHbkdqRkVXRU5VTEVDODRwSlBxNDkzTjhBU1RZR055ZElrZjFlWG9ZSVlzVVU4dWJGaXFXa1dxSWsycFJ4OUs0dzZvcndaYz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bacad537b154c5da931ec81e52d57de4eec824f825079680f15f4c45a4715c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candyindustry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 9017783
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=e79GjnxJVzh1cDltUGtMS0ErOWZVT0pnbjI1Sko1MHNxZWIxMU5NRTlGRU4yUGxlTzRrb2xVc3NENFBzRFhYYTd0TUh2UWU4L1l5VXhJeGVXMmxVVDUySjFvZ3VCSG9xYjRhMnJ0SEsxY0V5MzlFbFJydjB2QXAzVUtNMnFmZkplMjJXUk1uWGljUU1LbjYySlAzWFlwZ0lVV3V5WmRUZjNOY3FDN2pJcDR3cHlreVpHanlCSDlwTHpZaGh0aTFrY1NWZkZCU1cwSjlMS1NuZEdXUzJ3MHVlL1Fpb3NVSTV2OG1qRkJONkJHbkdqRkVXRU5VTEVDODRwSlBxNDkzTjhBU1RZR055ZElrZjFlWG9ZSVlzVVU4dWJGaXFXa1dxSWsycFJ4OUs0dzZvcndaYz18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.candyindustry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 648639
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
631 B 140ms
52ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

f84847380ede8fe85cf9a555753dd434b5682f25a59141923e36ed53895dd272

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.candyindustry.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.candyindustry.com
date: Fri, 23 Sep 2022 19:04:23 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame C429 668 B
732 B 56ms
50ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b2baca21c751c8040e5eb86a89c119eea10e6339b9618ca33f825e65c18f3e69

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 419
content-type: text/html
date: Fri, 23 Sep 2022 19:04:23 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1007 23 KB
8 KB 145ms
58ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2I9ST&prvid=2034%2C173%2C294%2C251%2C175%2C178%2C255%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C337%2C338%2C70%2C97%2C55%2C99%2C77%2C2022%2C3012%2C182%2C3010%2C141%2C186%2C222%2C244%2C201%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eba5252e44d7ff6d98b2266a558dc852552afe0edb7cf3558add35bfc64e00ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8246
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:04:23 GMT
expires: Sun, 25 Sep 2022 19:04:23 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 /
onetag-sys.com/usync/ Frame EA3F 0
0 38ms
38ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1663959858977&gdpr=0

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8B19 15 KB
6 KB 180ms
49ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75783
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:04:23 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 24 Sep 2022 16:07:26 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7E97 52 KB
17 KB 157ms
37ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 37830
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 23 Sep 2022 19:04:23 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 286766, 590455
X-Served-By: cache-lga21959-LGA, cache-hhn4037-HHN
X-Timer: S1663959864.898607,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E7B1 281 B
573 B 139ms
38ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Sep 2022 19:04:23 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F01E 15 KB
6 KB 183ms
56ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75783
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:04:23 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 24 Sep 2022 16:07:26 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 60FA 9 KB
3 KB 134ms
37ms Document
text/html 2600:9000:223c:d800:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67532
content-encoding: gzip
content-type: text/html
date: Fri, 23 Sep 2022 00:18:52 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id: biUfXbMLOLs3emKRr0whZ9aljPoFy0v_s5hFs8QS6t43Kgi4xNcPQw==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6910 3 KB
2 KB 156ms
37ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/x19258/hb_302826_5902.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.candyindustry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Sep 2022 19:04:23 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame C429
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81a2632e-0338-4100-a0fd-aa37e6fbf271

43 B
61 B

47ms
46ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81a2632e-0338-4100-a0fd-aa37e6fbf271
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 23 Sep 2022 19:04:24 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=81a2632e-0338-4100-a0fd-aa37e6fbf271
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 23 Sep 2022 19:04:23 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C429
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=JhWAWiAVgQg9QIAJcUCfCyIThw89FNRacUfM8QLy

43 B
106 B

50ms
50ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=JhWAWiAVgQg9QIAJcUCfCyIThw89FNRacUfM8QLy
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=JhWAWiAVgQg9QIAJcUCfCyIThw89FNRacUfM8QLy
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame C429
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1108591201733623016

43 B
61 B

107ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1108591201733623016
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1108591201733623016
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame C429 70 B
264 B 83ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=8b633b60-1a2b-7917-dd63-2bb45fd1c272&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C429 170 B
502 B 148ms
48ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTcwY2U4YWEtZDM1Yy0yN2IzLWM4ODMtNzEwZDk1MzMwYzEy

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C429
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAbPPpGhs_poKyURXJCNTuU&google_cver=1

43 B
114 B

47ms
47ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAbPPpGhs_poKyURXJCNTuU&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAbPPpGhs_poKyURXJCNTuU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E7B1 31 KB
10 KB 38ms
37ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24780
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Sat, 24 Sep 2022 01:57:23 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 144ms
48ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 23 Sep 2022 19:04:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 462215
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 143ms
47ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 23 Sep 2022 19:04:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 381834
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame E377
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

94ms
57ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f96fab70e75481e484be282764977e637ff941c40910065468a9322e06e04de6

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74f58bbf2f15bbbb-FRA
content-encoding: br
content-type: text/html
date: Fri, 23 Sep 2022 19:04:24 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FJzRzb664%2B4FFw1nBQ3s2h1TplpCfsp10xswmDFwymtaMwtes5SfkMeQQHW0BHjnn35ofg6pRJeZJXK1DJu3lUDltgZFFjeSiRzqF9DKeCIcXpVTjVe73YG7XeXgcsarXjLOI56cl8DSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74f58bbe89389267-FRA
content-length: 0
date: Fri, 23 Sep 2022 19:04:24 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaEmwywaIjU8O7qkPT%2BGJgd7vGzmpe1tw%2FrId3zhMEICimQlG7MCm8JAc1s9hxvxIcMor4IZ7Bd9S4T1bbyLGOtCvQ4dtveJ5RWMFdYh%2FD5pXJpVhXitcmgsd6HJETYJF7m6zhczZjJA6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B669
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
573 B

43ms
42ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Sep 2022 19:04:24 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 23 Sep 2022 19:04:24 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 60FA 43 B
687 B 43ms
42ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:23 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 18650287-b2e0-4e73-92d0-ae2dfcf7d53f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 60FA 43 B
131 B 66ms
50ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 60FA
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-drEKiG5E2uF6CVb8iYYEnuxci3ap2asX~A

0
233 B

283ms
131ms

Image
text/plain

18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-drEKiG5E2uF6CVb8iYYEnuxci3ap2asX~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:23 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: 0LrvMqQQU1C-uFX1C6PG512u46R0vskzScOew_YyApuKVkopPtHsYw==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-drEKiG5E2uF6CVb8iYYEnuxci3ap2asX~A
date: Fri, 23 Sep 2022 19:04:24 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 60FA 70 B
264 B 58ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 60FA 0
239 B 182ms
40ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1 400
Bad Request undertone
cs.admanmedia.com/sync/ Frame 60FA 20 B
20 B 379ms
117ms Image
text/plain 80.77.87.162
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 60FA 0
42 B 302ms
40ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 60FA 0
191 B 197ms
46ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:23 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 60FA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yvJHLYNE2uEx0Fbw1OdJ9Yjoz_lEY7s2MmUDb7g-~A

0
359 B

301ms
130ms

Image
text/plain

18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yvJHLYNE2uEx0Fbw1OdJ9Yjoz_lEY7s2MmUDb7g-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: BaNIQJzy9L7SOHVjG-WWZKVD-Y-ltMPZeOqthcMJmmE-uIoyWPoQvw==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yvJHLYNE2uEx0Fbw1OdJ9Yjoz_lEY7s2MmUDb7g-~A
date: Fri, 23 Sep 2022 19:04:24 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 t.gif
cw.addthis.com/ Frame 60FA 0
427 B 246ms
222ms Image
text/plain 2.20.72.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=46&pdid=b65efc6a217f49fc84f7979f51241964
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.72.124 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-72-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 23 Sep 2022 19:04:24 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 60FA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=asontlnljbj3s5izoq5bhzvxg
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=asontlnljbj3s5izoq5bhzvxg

42 B
942 B

57ms
57ms

Image
image/gif

34.242.116.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=asontlnljbj3s5izoq5bhzvxg

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=

Protocol

HTTP/1.1

Server

34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-116-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v042-047f0d9dd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: m/QaJe3HR90=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v042-0b550ec94.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jH049JuJTKk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=asontlnljbj3s5izoq5bhzvxg
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 15597
tags.bluekai.com/site/ Frame 60FA 62 B
434 B 316ms
207ms Image
image/gif 2.18.168.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/15597?id=asontlnljbj3s5izoq5bhzvxg
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.168.242 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2 451 403716.gif
idsync.rlcdn.com/ Frame 60FA 0
98 B 157ms
46ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/403716.gif?partner_uid=asontlnljbj3s5izoq5bhzvxg
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 60FA 0
338 B 201ms
53ms Image
text/plain 79.125.33.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=asontlnljbj3s5izoq5bhzvxg
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.33.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1663959864
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 7E97
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
813 B

44ms
44ms

Script
text/html

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0b6ecba8-25e2-4c02-b812-0814ffc3ed7d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a6e96d1f-79f1-40d1-a3d1-536e224072c6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 4338
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

105ms
64ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275ceb93c9f6eba65add6f3110e6a35491f6de506ac1c8fb50b5d8596760c9f2

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74f58bbf2f12bbbb-FRA
content-encoding: br
content-type: text/html
date: Fri, 23 Sep 2022 19:04:24 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHx2FoMHzuemw3RBFyOEOCU3XJ2SFN%2BxBrLBA2T8dKyukd7a6BUrRCrFuO8Z1DprXGNXc3L%2BKYuCnrKbOrkt65lI37QCOKfxEeuQGqNwC0blVSXsYeeSwFK9ZVjKml1bX8DH2nWtfge7QA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74f58bbe893c9267-FRA
content-length: 0
date: Fri, 23 Sep 2022 19:04:24 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bpyvLKpoTnHpmHLBb6tT1kfIaDy6eIg8GH%2BWQs6t%2F7bO58CpJJEviBSnbFtoi61Q1wu4NrC9Q94228SEKY5Tf%2BICI1jBlvLyE8jW27JnuUE5pynyMUzBvTK1kIEDN78RhOeBba0rrdlrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8B19 0
42 B 317ms
45ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86569108&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E7B1 70 B
264 B 59ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E7B1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/cJe_uU3Ygtvad8lwX-G-X8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6598955516285035331

0
239 B

40ms
39ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6598955516285035331
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Fri, 23 Sep 2022 19:04:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6598955516285035331
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E7B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPb94tIl5Ic0AT_yLlR4KdE&google_cver=1

0
239 B

42ms
40ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPb94tIl5Ic0AT_yLlR4KdE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPb94tIl5Ic0AT_yLlR4KdE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVVFLQjgtMVctRVY0OA==&gdpr=0

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVVFLQjgtMVctRVY0OA==&gdpr=0

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVVFLQjgtMVctRVY0OA==&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E7B1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lwmS6bxiSr2z971Ls-cI5A&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lwmS6bxiSr2z971Ls-cI5A&gdpr=0

43 B
479 B

62ms
61ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lwmS6bxiSr2z971Ls-cI5A&gdpr=0

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 853W0XA29F9NYKNCPH93
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lwmS6bxiSr2z971Ls-cI5A&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E7B1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EUQKB8-1W-EV48&gdpr=0

0
708 B

242ms
157ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EUQKB8-1W-EV48&gdpr=0
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5C8F49ADFBC940DFA4D35940376B41A2 Ref B: FRAEDGE1109 Ref C: 2022-09-23T19:04:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpXNijuwdSbgtDQ4Uv5Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EUQKB8-1W-EV48&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRlOTE4ZjcwYTI0YmY4Y2JhNGEwYTJjZjg1NTEwYzBiYTYyYmUwZA&gdpr=0

170 B
188 B

57ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRlOTE4ZjcwYTI0YmY4Y2JhNGEwYTJjZjg1NTEwYzBiYTYyYmUwZA&gdpr=0

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRlOTE4ZjcwYTI0YmY4Y2JhNGEwYTJjZjg1NTEwYzBiYTYyYmUwZA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E7B1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=k0kX0LySQYOTze2U7PVGhg&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=k0kX0LySQYOTze2U7PVGhg&gdpr=0

43 B
479 B

149ms
131ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=k0kX0LySQYOTze2U7PVGhg&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 7HJ3MF6N36MQJ9Y2WN3R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=k0kX0LySQYOTze2U7PVGhg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B669 31 KB
10 KB 41ms
41ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:04:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24779
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Sat, 24 Sep 2022 01:57:23 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B669 0
239 B 40ms
40ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=L8EUQKB8-1W-EV48
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E377
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&dcc=t

43 B
855 B

261ms
140ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: XK8DYV2D10XS2EQK77SC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: K8HNDNB0Y8HGD8GMF455
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E377
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4DOAKc9ifQEdetEb4mXQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1

43 B
842 B

90ms
90ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc0ecce9bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3khmEmzJCTpOeC6tI%2FVIs0Ep0TNhQIQQYwg4SreKhc4H6WLsnXUKq3CexNlHEDIGeM8NNiZ8v81e%2BSwQ6hAYtLbwj2IItleMmSLLU4q%2BM9szbnnOd8LycOLOOj0fE66o9JSj9x1tLF4bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E377 70 B
264 B 58ms
54ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame E377
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1

43 B
841 B

57ms
57ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bbff8b4bbbb-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5LqaAT5SrhD%2BHDqxPYyIQ3O2Vhvs3SoM3zbQYbT1pNl0DLQP1%2FSaoeGkX64AInGvktTRoUCIKge1CmDTvjS93fSst92RGkSUkg25ZJx7844dUd5mNoyPOpiJQfmL2ANvAlpW0rjtkn8OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E377
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB

43 B
601 B

185ms
59ms

Image
image/gif

2a05:d018:d29:3601:ebd:fba0:5325:a4e6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Server

2a05:d018:d29:3601:ebd:fba0:5325:a4e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB
date: Fri, 23 Sep 2022 19:04:24 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E377
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4808211311686009560

43 B
878 B

107ms
73ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4808211311686009560
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc0dcc69bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwjn%2BTMM6sed3VIu4chcxuDP90BSSxl8FL9QtsOM3cInCzCGgx6YhMG18sNX7T10dAM%2Bux9skkGn67cW%2F4BZclP2VHMTawZtkC9P08yPZoR2%2BCFSiEjfSAoVRWJDWa8jdMiu20eqVDwR1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f5689c1a-ee72-42cd-8029-e603d717ef5e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4808211311686009560
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E377
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5

43 B
844 B

72ms
71ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc12d999bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrg2DgBmGDtpeuv5S3RCJQI%2Bis%2BtAA5039yplj7bjAQ%2FQl1Sbrbdr6ZdbsVKZbMnn63IEHoF%2FkeSoV0OwG8jLOA8uTA3rcEJchyFWiUTc5OPtEvDeVT%2FCb1oQETuT9NQu3CIJQUuFhUpyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:23 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E377
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323187493404

43 B
844 B

71ms
71ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323187493404
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc1df299bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWQlgljqQFLt%2BPwRZNrdt0RAb6wdxt54LPHvN2CLBPDWcVQPbeYpKlH7ZHgnuuGjK3oousiwF2i4hmaSA%2FplllO3%2BRLh1O8WehEvDHmpl94%2BQuP6yUREEsgv6qbnmnIT5oAKn%2FSIUh1zzg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323187493404
Date: Fri, 23 Sep 2022 19:04:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame E377 0
348 B 238ms
129ms Image
text/plain 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: -gv0LDclT_2-vHlXOk89uk_vemrKad77gyUwAK8p2223D33FvVstpA==

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4338 70 B
264 B 58ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 4338
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1

43 B
843 B

52ms
52ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bbff8bcbbbb-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2Fvni7f5V2iWyioEbDB%2FvvhJCp0Kj8WdxCUhXW6vlRMoCFX6rW%2FvF3pbttISPVB2YOoBWK8Zd84VMmTZddXzlOI1Po8t7Qkl3gJ4FolN0fz7uCnxwnQp2N6QxwoFDrMVm9E9GDrlA1HMtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAkrbJ-_tWIMitTH4vmE_1w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4338
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB&dcc=t

43 B
855 B

159ms
139ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 12C9XM2V05HJNC5QK4Y3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Q3YC4HM0VJE4BF55Z0MS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4DOAKc9ifQEdetEb4mXQAABH4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4338
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4DOAKc9ifQEdetEb4mXQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1

43 B
842 B

79ms
79ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc0dcc89bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU%2BomepXGhNbcy8eXe6pnG%2FipWcjOZrVlfRqABKqfXTuD3DPpLx1quGiwWniHFX%2BfNp3r76Bj0NwGj6khUp7zpNnnoKl1NsYovlIzlvyWmxSvCzrG0hF864EzJDDKPeDdf7kkQdKN3U2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEnjcKmv3xZawUJ4iBYWZ9E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4338
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5

43 B
847 B

64ms
64ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc12d9d9bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBX79cnTBLQj6gScJGeq%2By16M88JgNPpyrmEC%2BB2CMBsqkqZEiA9HGUinFZj%2FtUje%2Fkggz44B7cFBE3VQYp47oHM1hkg49KSQ4alr%2FnuNYCpA%2FthOErE75ufOtgzhcXLySCe%2B7V9ltdunw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:23 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Uqo7oJra1OBNYk5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum.casalemedia.com/ Frame 4338
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664046264

43 B
869 B

178ms
66ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664046264
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc27bb368f2-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnN51Zon26U6ZdhlpMzsGsGxypuL61f19eB7XpZxoWTALyYLdmxunFspk%2Ba7GCvuG6bUP3Qs9gkQmnc3p7ceOVrCjTTEuheWnj%2F7wejE7t8rZ2dtsWlZe7SiRTJnNDFTQxYno%2FpI"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664046264
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4338
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0c020316-ab1a-42c1-9f7b-4e9a845d192a

43 B
848 B

133ms
88ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0c020316-ab1a-42c1-9f7b-4e9a845d192a
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc0dcc29bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2%2BlPiX1MO%2FIAaRJjLLQv%2FJx4oX6COAcnrKuZBixGZvG19QHcrJ40lyIBNalS9MaOyPM4e%2F4WLFJDCTIxYdpjV%2FxIwebK%2B5R1OB6Lzv2JhGr9GlnXll9ZUYErRcXvAH4sZX1bUH4MmMzTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0c020316-ab1a-42c1-9f7b-4e9a845d192a
date: Fri, 23 Sep 2022 19:04:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4338
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EF42CBEC28B64BB1BB2998FA381B607F

43 B
843 B

153ms
114ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EF42CBEC28B64BB1BB2998FA381B607F
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc0dcc59bb3-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al6guWoFxMqDpfHHF7o0Ye3Sl5r1vED4%2BWjrCNehXYIkgLXZNs10YowMXSHkHHVAt%2FADycqfSMJtf1HGCcHLKgNfIHq6rX155W0mc4zLotk69yb%2BS6konVPie7Y%2BODIrydTRdmplLygDSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 23 Sep 2022 19:04:24 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EF42CBEC28B64BB1BB2998FA381B607F
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 22 Sep 2022 19:04:24 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 4338 43 B
351 B 156ms
45ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yy4DOAKc9ifQEdetEb4mXQAA%261150
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.candyindustry.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f58bc06ffbbbc2-FRA
date: Fri, 23 Sep 2022 19:04:24 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 127
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Fri, 23 Sep 2022 23:04:24 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7E97 0
741 B 45ms
44ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:04:25 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 84bd0ee0-ef69-472f-88b2-dd4198aed9e3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: rtb.adxpremium.services
URL: https://rtb.adxpremium.services/openrtb2/auction

Domain: rtb.adxpremium.services
URL: https://rtb.adxpremium.services/openrtb2/auction

Domain: rtb.adxpremium.services
URL: https://rtb.adxpremium.services/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.candyindustry.com/	1969-12-31 23:59:59	Name: cart.item_count Value: 0
www.candyindustry.com/	1969-12-31 23:59:59	Name: _utz_jpvc Value: BAhJIgYwBjoGRVQ%3D--18dac92f2706cd66a07ba4086b93c202b63481f4
.candyindustry.com/	1970-01-20 14:58:15	Name: role Value: BAhJIgpndWVzdAY6BkVU--55a4e1a3932ea5951f318483e674d189f863bd5f
www.candyindustry.com/	1970-01-20 14:58:15	Name: hallmark_session Value: BAh7CjoKZW1haWwwOg5maXJzdG5hbWUwOg1sYXN0bmFtZTA6CmxldmVsMDoPb2x5X2VuY19pZDA%3D--8e25a6d81c6431843f5a6ec2762beffe9b4d2693
www.candyindustry.com/	1969-12-31 23:59:59	Name: user_ip_covered Value: false
www.candyindustry.com/	1969-12-31 23:59:59	Name: last_viewed_path Value: %2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.candyindustry.com%252Fext%252Fresources%252Feveryday%252F2020%252Fplma-logo_web-2.jpg%253F1611768828
www.candyindustry.com/	1969-12-31 23:59:59	Name: _candyindustry_session Value: BAh7CkkiD3Nlc3Npb25faWQGOgZFVEkiJThiMGIzNjA2MTRmZmYxOGY4OTRkMTM0M2MwYzkzN2JhBjsAVEkiGWhhc19oYWxsbWFya19zZXNzaW9uBjsARlRJIghrZXkGOwBGSSIpNjQzOTI0MjItNGRmYS00YzAxLTk4YzMtMTljMmU5M2I2NThkBjsARkkiD3VwZGF0ZWRfYXQGOwBGSXU6CVRpbWUN86IewLG73BAJOgl6b25lSSIIVVRDBjsARjoNbmFub19udW1pAhYDOg1uYW5vX2RlbmkGOg1zdWJtaWNybyIGeUkiEF9jc3JmX3Rva2VuBjsARkkiMVFTczhweUlQa01hUG1aekVsS1pzZWJKNVhQM0JtOVR3Z1ppQ25VeFg3T1U9BjsARg%3D%3D--b1789311bc69533bf236b60fc357398f9765f755
www.candyindustry.com/	1970-01-20 15:41:27	Name: __atuvc Value: 1%7C38
www.candyindustry.com/	1970-01-20 06:12:41	Name: __atuvs Value: 632e032f61bb0039000
.addthis.com/	1970-01-20 15:41:27	Name: uvc Value: 1%7C38
.candyindustry.com/	1970-01-20 15:48:39	Name: _ga Value: GA1.2.383833372.1663959856
.candyindustry.com/	1970-01-20 06:14:06	Name: _gid Value: GA1.2.535521149.1663959856
.candyindustry.com/	1970-01-20 06:12:39	Name: _gat_UA-2806739-12 Value: 1
.addthis.com/	1970-01-20 15:41:27	Name: loc Value: MDAwMDBFVURFU04yMzExMTkyNzAwODAwMDBDSA==
.doubleclick.net/	1970-01-20 15:34:15	Name: IDE Value: AHWqTUkP1CkDb9Uh1DlG6brgb-J-c9byX1krAmvJGNsiXOvOEWi5e7DlWhh-vmau-HQ
www.candyindustry.com/	1969-12-31 23:59:59	Name: epubAfterMenu Value: true
a4p.adpartner.pro/	1970-01-20 07:39:03	Name: apuid Value: f69be05f-a27f-44d7-82d7-84e4a2c78b73
.adtelligent.com/	1970-01-20 07:41:56	Name: vmuid Value: 84deb345be02d918
.adtelligent.com/	1970-01-20 07:41:56	Name: a307558 Value: f69be05f-a27f-44d7-82d7-84e4a2c78b73
www.candyindustry.com/	1970-01-20 06:55:51	Name: _pbjs_userid_consent_data Value: 2024371239917068
.candyindustry.com/	1970-01-20 14:58:15	Name: _pubcid Value: 58cf0439-b3ac-46e0-87b5-e35c3bf6f18f
.candyindustry.com/	1970-01-20 15:34:15	Name: __gads Value: ID=89dc51e2f48c45db:T=1663959858:S=ALNI_MaK5_cndUHpewlMb7IV4qRO2iLfeQ
.candyindustry.com/	1970-01-20 14:58:15	Name: oly_fire_id Value: 2783B0247467A6L
.candyindustry.com/	1970-01-20 14:58:15	Name: oly_anon_id Value: e1fbe5f5-533a-4a4c-ab7e-66c95ed17872
.prebid.a-mo.net/	1970-01-20 14:58:15	Name: __amc Value: 1_1663959858_1663959858
.360yield.com/	1970-01-20 08:22:15	Name: tuuid_lu Value: 1663959859
.360yield.com/	1970-01-20 08:22:15	Name: tuuid Value: cb05c3fb-ec35-4cca-80cd-f0398abb49ba
.undertone.com/	1970-01-20 14:58:15	Name: UTID Value: b65efc6a217f49fc84f7979f51241964
.undertone.com/	1970-01-20 14:58:15	Name: UTID_ENC Value: asontlnljbj3s5izoq5bhzvxg
.openx.net/	1970-01-20 14:58:15	Name: i Value: 58cf0439-b3ac-46e0-87b5-e35c3bf6f18f\|1663959858
.rubiconproject.com/	1970-01-20 14:58:15	Name: khaos Value: L8EUQKB8-1W-EV48
.rubiconproject.com/	1970-01-20 14:58:15	Name: audit Value: 1\|naVuGyos1qrvfsN/PvV3/ANb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK4xICtwrCWqOJFqY58AY6YZdR8HGUVikR+pxoFhi3t4JKTko5zrvng6BBghva7Xw9g==
.go.sonobi.com/	1970-01-20 06:55:51	Name: __uis Value: e7f672e7-a592-4b4f-8ec1-7d5fcab83464
.go.sonobi.com/	1970-01-20 06:14:06	Name: _usd_candyindustry.com Value: 04f2c885-d8ba-4c4e-8fbf-5c4ad13dc5af
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s85136\|Yy4Ad
.criteo.com/	1970-01-20 15:34:15	Name: uid Value: 03de6520-4ffc-4ca7-8104-585ea9c9b78c
.openx.net/	1970-01-20 06:34:15	Name: pd Value: v2\|1663959863\|gekin0vNiygu
.ads.pubmatic.com/	1970-01-20 06:14:06	Name: KCCH Value: YES
.quantserve.com/	1970-01-20 08:22:15	Name: d Value: ELgBDAGVJ4qsMA
.quantserve.com/	1970-01-20 15:42:54	Name: mc Value: 632e0337-f26af-42550-2feaa
.adform.net/	1970-01-20 06:55:28	Name: C Value: 1
.adform.net/	1970-01-20 07:39:03	Name: uid Value: 1108591201733623016
.adnxs.com/	1970-01-20 08:22:15	Name: uuid2 Value: 4808211311686009560
.casalemedia.com/	1970-01-20 08:22:15	Name: CMPS Value: 1200
.candyindustry.com/	1970-01-20 15:34:15	Name: cto_bundle Value: gLzAb183b3RQUG1MOGJjSTAlMkJSSDFlRXpLMEV0YmV1MDZmOThzZkVqMmlEMlVIUFFicjBsRU1JRFN6UzlqVHVzbk1uVjdram5yZ05MYUdsTDFxJTJCYUNNUmo1Qko5QkNEaDNuUEtCT2pKZDh5JTJGV2F2QzY1a1VOcGdNd0I0SmtNJTJCNVVMY3FackFMUVdxTWlIMnB0ekJmYnlFRnYyZyUzRCUzRA
.candyindustry.com/	1970-01-20 15:34:15	Name: cto_bidid Value: AcQmjF9ycTdudGpEMiUyRnhrTzlsWTVaSkVTbjkwR3ZsSmxUdEgwNTNSSWRrV1owajgzVEwlMkJJcXdqeGFmbTFaNU1xTGRsaXJEeDQ5dkVIQ0RpTkwzSmhOMDNyb0ZVS2NYRUVwckhRWUJ5a0s4bXFGZzZzZ1dsaExZQ1N6SFFYQjB2aFJ6aXA
.addthis.com/	1970-01-20 15:34:15	Name: ouid Value: 632e03380001cd0d955b9f96fe299d44552405af0a98b20cfb42
.addthis.com/	1970-01-20 15:34:15	Name: uid Value: 632e03384e862e52
.addthis.com/	1970-01-20 15:34:15	Name: na_id Value: 2022092319042408800175337930
.yahoo.com/	1970-01-20 14:58:37	Name: A3 Value: d=AQABBDgDLmMCEMR_p_vzmMzRkHoxb7bGVxcFEgEBAQFUL2M3YwAAAAAA_eMAAA&S=AQAAAi3RqwtaFXa-la4lhpgaK1c
.casalemedia.com/	1970-01-20 14:58:15	Name: CMID Value: Yy4DOAKc9ifQEdetEb4mXQAA
.casalemedia.com/	1970-01-20 08:22:15	Name: CMPRO Value: 1150
.demdex.net/	1970-01-20 10:31:51	Name: demdex Value: 86318874195270217343802990933068367426
.analytics.yahoo.com/	1970-01-20 14:58:15	Name: IDSYNC Value: "18z9~27bv:175w~27bv"
.dpm.demdex.net/	1970-01-20 10:31:51	Name: dpm Value: 86318874195270217343802990933068367426
.krxd.net/	1970-01-20 10:31:51	Name: _kuid_ Value: PGMFL439
.simpli.fi/	1970-01-20 14:59:42	Name: suid Value: EF42CBEC28B64BB1BB2998FA381B607F
.w55c.net/	1970-01-20 15:41:27	Name: wfivefivec Value: Uqo7oJra1OBNYk5
.undertone.com/	1970-01-20 14:58:36	Name: UID_EXT_57 Value: Yy4DOHRGuYEkMirk9xvwQAAABLAAAAAB
.undertone.com/	1970-01-20 14:58:36	Name: UID_EXT_56 Value: y-yvJHLYNE2uEx0Fbw1OdJ9Yjoz_lEY7s2MmUDb7g-~A
.w55c.net/	1970-01-20 06:55:51	Name: matchcasale Value: 5
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:58:15	Name: bcookie Value: "v=2&8fa7691d-2e51-4bbf-878a-be6a81b4a4a6"
.linkedin.com/	1970-01-20 10:31:51	Name: li_gc Value: MTswOzE2NjM5NTk4NjQ7MjswMjGhAZumB12l6eB+FVTLxKmNx6PBgpJxOzeYtcTyXm5YHw==
.linkedin.com/	1970-01-20 06:14:06	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2695:u=1:x=1:i=1663959864:t=1664046264:v=2:sig=AQFfagFMPKgRO1VKKBJcQjpyIcKDEzBj"
.amazon-adsystem.com/	1970-01-20 15:48:39	Name: ad-privacy Value: 0
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2Mja0MDexNDYxMBHiM9T1zQsLznU0M3Yv9fYHAD_1_lMlAAAA
.rfihub.com/	1970-01-20 15:34:15	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmZsaWppYWZiam4KAGA0I9gQAAAA
.rfihub.com/	1970-01-20 15:34:15	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2Mja0MDexNDYxMBHiM9T1zQsLznU0M3Yv9fYHAD_1_lMlAAAA
.casalemedia.com/	1970-01-20 08:22:15	Name: CMTS Value: 1208
.amazon-adsystem.com/	1970-01-20 10:46:15	Name: ad-id Value: Aws4KvuKyE3Zjr6SChXzPrI\|t

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/403716.gif?partner_uid=asontlnljbj3s5izoq5bhzvxg Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5120040.fls.doubleclick.net
a.ad.gt
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
adx.adform.net
apex.go.sonobi.com
api.fouanalytics.com
beacon.krxd.net
bidder.criteo.com
btlr.sharethrough.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.indexww.com
cdn.undertone.com
cf-images.us-east-1.prod.boltdns.net
cm.g.doubleclick.net
contextual.media.net
cs.admanmedia.com
cw.addthis.com
d1eoo1tco6rr5e.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
edge.api.brightcove.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fb459d357ed2995bc03e8368aa7eb22d.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb.hbmp.mediafuse.com
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
insight.adsrvr.org
js-sec.indexww.com
m.addthis.com
match.adsrvr.org
ml314.com
mug.criteo.com
olytics.omeda.com
onetag-sys.com
oqs.omeda.com
p.getadcdn.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
player.adtelligent.com
player.hbmp.mediafuse.com
player.mediafuse.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.media.net
px.ads.linkedin.com
rtb.adxpremium.services
s.amazon-adsystem.com
s7.addthis.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
sync.adtelligent.com
sync.mathtag.com
tags.bluekai.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
v1.addthisedge.com
www.candyindustry.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
rtb.adxpremium.services
s7.addthis.com
103.229.206.241
104.18.18.126
104.18.19.126
142.250.185.66
142.251.39.70
147.75.85.234
151.101.129.108
151.101.2.27
162.19.138.118
169.50.137.184
172.64.137.32
178.250.0.157
178.250.2.131
18.156.156.238
18.157.93.190
18.64.103.68
18.66.123.144
18.66.97.18
184.51.9.34
185.184.10.30
185.184.8.90
185.64.189.112
185.64.190.78
185.89.211.12
185.89.211.84
193.0.160.129
198.47.127.18
2.18.168.242
2.18.235.93
2.18.69.141
2.20.72.124
204.180.130.159
204.180.130.165
208.91.60.92
213.19.147.42
23.205.235.133
23.35.236.247
23.75.240.210
2600:9000:223c:d800:1f:2473:9080:93a1
2602:803:c003:200::61
2606:4700::6812:d4c
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::200e
2a00:1450:400d:80c::200a
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:ebd:fba0:5325:a4e6
2a0c:5c81:5142::2
3.126.56.137
3.66.143.217
34.107.148.139
34.111.234.236
34.242.116.160
34.95.81.168
34.98.64.218
35.157.246.167
35.244.174.68
35.84.93.102
37.157.3.30
37.157.4.23
45.133.44.3
45.133.44.4
51.75.86.98
51.83.220.94
52.222.149.91
52.223.40.198
52.28.203.152
52.40.56.16
52.46.155.104
52.95.125.22
54.194.233.195
62.149.1.122
63.33.112.133
66.155.71.25
69.166.1.14
69.173.144.138
69.173.144.139
79.125.33.106
80.77.87.162
00fba0f0699a539ababcbfdbf562c25e809dbf5a78c02d5f7db18e691ae61785
01be27fd789b6415f3f639dfc0912da7d6376de1786280de55e73acda4b47989
04af08c0dc8b3419b345988392ac21f9a1befaa0549535fb322229ed59370a5a
0508a40d1540b2002570f0da01d0520aec55db7f7ce92c08dd53d701c8b9fa64
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
084ad72c56179326ac3f118964f5067663cd3e99353c41d0a2269c474a662fbe
08853164eedfa60c07f77bb8d7162d0c8724eb87fde8333ed00876c9cba315ae
08f9e8e286ed0564d725061f60574e3e76f098f89751d0aad0de98301da6d857
09c11d6e17eaddde5d9ab2f6a1b7ab5ca64560725300ba3289683d35d7cfb486
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d63b07cee205cb37fa26cd0768764c2207c1e8eb9a2f194df10f303192f665f
0e397ea22e0577c3bce108ff5cf728a8b798eaaa81f32a2f32b4ce6c55507e5e
1009e21403771b1ebcbcd107fce78f1aa6977d3bd4a0bb253f7d234f72463d32
104ca99c1d8681ef31502560237df84f64c0da7af7c48667c2d77292237a2ee8
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
138e9ed120b0a34831505b7bfb7ceb4c9c4147558f842837983255336a1b7fe6
15aebc88e2d40791aafa03407088d4a5cc9839ab402bc482e9a76622b1adca84
15f295d206ebfa541be470c825866da389e552f20b041fb824b0f9090456170f
161c700e5b37a5c3a475cb6d4766d3650b3093b0014d966fe431f5ef31df4cf7
17d9be910edf270f5a65d075e0e14c01fe022593834f700aa209cbb32827f4b0
1991b8c5b632369679baf9f0ec6696c8f963de9d7ce9e1b51925ee3b0dd979cd
1b127d5d88ed2d2ee494622c7519bade3e8d0f496820a4ca7e42b2cd4cad1fd1
1b17fabd30fdc3f3f961c667108d58f8f1929690b6842eab7286cc4540d2a560
1b49b835e21947c163e3585f3cf641542c6608c2671b9acb5e9ddbfa8c933bc2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2048247d5c91dae36c9cb2aaf981d98b9895785a69e78bb1af6ed396331784c3
206cc01d39ec263447839c0c2e06e8037404b89ccb2f3fc31e8515f7ebac22b3
20e507f733f0010702c28dfb968233d48f0a17b0d3f14f06205ae75feeb21f74
226675e8891a1c486ce8621c7405f75463bab9b0b4467ceabd014decea2b8d59
24088662e3785ba11660c1bc655b83671acc60f7806936b5129386b009584327
275ceb93c9f6eba65add6f3110e6a35491f6de506ac1c8fb50b5d8596760c9f2
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
288078fd37d9c04b87aa775fdf8f2b6f728e53785d78668854c7f74e34c45d10
296c963015eaf5e94a3af8b3b77d996d7df158dca6a0d30689714a4f3de5ac21
2abfa4d9a9da05a8f41d5b1979fe3ce754b058bcc04d498224d13870130a1618
2bc6eea677abe87360c1511c8088db2da6bd32b90d5943746ae2f1bc7909b89b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d
30517efadbecceb4631d5e922ca3af071c51a671dcb9e7d75c818165b1034ba9
31d7a86266ba3fbaea29718b1261abcd93ef1e56faeb5d4069f94e9e90dc9cda
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
325375b991cc322df108069eeaf019461dec1abe4fa8397ebd6cb62b0ffd56e0
33c453b4d5ac93638542995f61f958e8d5a5d084308bb7c38faf3690328fc918
353c29529b467e7e8efa556d7c03ae568f0771dbcde742b9b13999e725e3a3a5
35cec44b5cd7bfaf8c9cec5b5d49affb89aa8aee4baf8d82cd0f575ed5fd81a2
375f8594a1eea3979e37ed1a4e61f2239c57ca767a019cdff65d4af52b98ce79
38ce932e35f7ddf4139e0bbdceac457428218895ddead4d602e40285b88f3197
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e26ec3e47b10ffe85115534ae4c998b312945eff6bb8ca1f139570c54973569
3f2d8877e2ff84854fa6ca7769bd070296adf7d21a8c0fc8856a54f97be536d8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402459ba2ba22075416d1aa09518df58ab0138095ff2d304ada984264a9d4bd3
40ca905168d2da944d045d248da78facf0f2c597bf82c53f7982d20a0858a84f
40f5cdbf03fecd94cb67cc94fe16426fa068a9270eb68adff1c0877b9e388adc
41fbfd38f600f83aff395e71b21409affeafb463d0144527c8863168f47fa7eb
4238dfa932c28dc48e170de6fe6a1bd514a637f7a77383d4c3afb5e4f7573326
42d3420244c373945742fa726270f7c42c8d52643a8469cf260a38ba8bb626db
46ea47f183c2b382fa98d006e62a523b60bf0c1fd7e79a7d9eeec8854f247114
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ceb59fe37dc5d095119ea66c68c3ab87ae6a0feb267d3f6cb45ad95ad7c3e0
4ad28745a8f1273676d94167bdfd9b99b9edbc260dac63b458977612ab11a3ad
4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b85c430942bff48d66becc537c42aa71281542efa603ae2c1b1e12a44c85ad8
4b8985f4d14549d9b4f926bcd5e7834c70eeea6462c8557981bb61acb35bc545
4ccceb7b511135298557dddf9eeb52cbad47d1e90878c043a50fdb2d1e31fb62
4d7dac78bb9d3c9cf45f04214426ae3b6549da2f4236adceebdf3c9ad592e8f6
4dad7543ce7e0d43663c42300d4f6bce21025680bcb2096eefcf5376fc0554c2
4dd2c080c446c1f37ccd43a687fb824c9a53a5fac513e9c1703be1a279920863
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fda3ee207f446d23c68553d5cc01858cdaab99c03aa6aa9dc5d5de5568f34fe
51a6794329327253ee301e7e82e47cf39d9c1d5d7ba0f3de7a32ebfefb801889
5298b8c236032f5861c80c5e03f103c4463c055c499277f2fe3adeaf12999ee2
52aba7c806ca9e6af714856641bf87ebb2a715ef06200f6fb94085546320a8e7
5509c3a58f35dea68008aedb1c48e46782b214a5f9f3f0b1f0f8456ab3499f4b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5630db910948ffc3c50d59f9f3da5f503478fd57a210c06a15a911f2336250f9
5687b089ad967f96d68c56553b5b3d248056d8113db5011e8002707606e7d74d
56a6583f8ccf7c2b6e5caa9f07ac6a88844811ab535164a359dd9ddc8969cd4c
59aa4a2e8bd5605bfec48b4f02b0a7ca522c2cd2a137dff4c5c4933d737287a2
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aea0d1d89aba77c45ee34479a9668ca395cf3c10855b71ab6cfe9ec513901bb
5d5390021b664527475db46a22c7b5ef3f8de17386eadb46315978aa5c90954e
5dedc56ab9029909e302db6e624ddf189ecbe9dfaa7b391ffc9802e5efb763a1
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61afaabef40ea16a1bb2cbf6c47251ae84db53882dfd2acbc45c6e305ee6eef5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
64719d7d5246e68e98787bb819ed9ffe8087c9893e66c200e8eee9fc97762aa6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9ea06f08a2a4adee64357bd52efff2b9708bc542e17788e5bd1857d15737a1
6dc1547411c270882ca329ebbb8676437acf8513670509d619e4306965e50493
6fa5d41b61570dbbbdbcb4d0067a816d5b5587de2d5c28b193a8c7d2ecc052c3
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
7511d7194897358ac0669453c11c28cc4f0741982f98ba8ec1b81d9f8b32c74a
77b1776bca72791ada272606ad4f9603b323905dc6c3dc3b9c75978bf66e3b1c
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
7858f9cdb8d57d114ddfe1b8b1bf2fb1cb962b09ffbf14117395718b687e5feb
78c4fbbeecb6c2d8cefb938185739e9b03900d3fe5a64bc5141651eff5dbee80
7ae3dca8b680bdd991f410b8162ac490009310c2ce2caf6b449f762448b42bac
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cc9052965c1a75318774031b48e1bc3939ba74795922e85b4556520e7d5a296
7e625da4f5876505cbab2de21b5d66ea76428e7c3d086b838bb10e4f5d1d92db
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8760d901f9ed3668c62403cb01e7d9d1cc5e68a547f97d666eaa2ae6565f8746
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
8b3b285ca9dc492ec8c9d4d3e90eb5677069a1bdd1f88f433ad87dec95856ef5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fadfcb9537680d26d5b6c7d7eb16ed58276e0927e4dd2a46eab6506adebfbed
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
93f790d10f15bff5a8f5bbadb86f888e879e4110d5dd90a665cd1e62e47f3824
949317f423cd0349c11887fd6542d19dc47112945ca63c9d370b91511188d75d
971895a58696405aa74aa2ae124dce6246ec181a7069f0eb1c5b11a47834a81f
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9a6bf0a6e2eb1b64d0823e7a6b41430390a384de43380f44a10e03f296bf5b93
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a041651fc88210ebdd9d35c3edc954ac0137b4ed6217c3eef15a4d86785ffe7c
a16877d432df97949a092e489a478b531a8e04667252abedc4fac1f0705e9480
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a41ffe41c8b4dd417897c6692ea51d4f71e19354a6ac76345020e350ad0df7b0
a432debf91e000cb56cf5632860ba81ac5824a66aa967996cc8446f2b5614a8a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b4034549a3974632e7b92c489bb8ff2702eeae2ad0cd643b0fa66640a59cc8
a5ce4a3473dfb0a71464f6f2c7eb15548555f9ca4c777158e0a0491bc4257eda
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7486c80cde5ca6467b32be4438fb371601d85fbead37dce64863b20fb95ac97
a92186a3c971971a15650c67623f0e462a5b15a7d54abbd2c5963dad963bdd02
a9ba6ec345921e872849636f3eb0931dddf65aaede90e939f7b68dbbff771e8e
ab64560cf10e232d83b783805d267b1675aa728828db773daefe5936e0e4ed67
ac0b052a1261929b8bcbd7bff9461357b18308cb9509596cb72bdb1dfe163436
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3118a6ad8f91a55ea90ea11f36d1db21e48be0af5a64c56c9c33d67f4a92dd
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
add12b8d5a57c99cb51768e0272128c84e2f6eb2ea73de6a813dba4243ab36a6
aeffb7940a0b363ba72ec2b3f2cc5353e43aa6aad82d0e7344616877c9d08e31
b007484b495c6bd52b9e268153b59e8c97f3658c125057351f7446747fa69b05
b018cc208e059a5de098796b75c3a8f2a0a938329f9ad028e17a0916f3fe1ec5
b0f9ee26598f590e7d508f7b17d01b9b2313b782a2ee83cef5a7891f91cc849a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b234ef8a535169f0adab1cf20bf3cd49a58501c5324ff1934741feb49645baac
b2baca21c751c8040e5eb86a89c119eea10e6339b9618ca33f825e65c18f3e69
b438715684b182fe22e0b892c134710e808af8dac53be4501cb979f93318205b
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
b8b8a5b4e651f81eb136d15dc905961f47730745e0f367dcadc7945b0a097a36
bacad537b154c5da931ec81e52d57de4eec824f825079680f15f4c45a4715c27
bb09cfbd137611eb5310ed5f7b74b8bbb566e0e51d63e9e736cb02089044c5f4
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bed1e8704154807de181351712d7db80a049f5988db0aa73ff410f6a5145532c
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c383be61d2c53db253eeda7b36db80a9b5cafbbe27e1d554e8bc09fc350a9e11
c437b408d8c243c1910dde0d61a491db2f57e9be038fba1560648ba743d71634
c8132a9d2e685a073675485064e57fd21ef1f6c6d04ab456d992e5bff7782567
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c982a7d7b29e0373f4c847856ca6bc58f6f751bacddf47858f3b5d2ff857a353
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cdd136e36bcf38f0a7fa2eb8e3856efcdc034d868ba5096b00a201f854066dcd
d0eee55418887f0682aeed3e618bfee0be7e0b29f87dc2883ad20522b2f8f236
d2b6a9bb43e5894c3600e3d190ca4410ef9bb6314f0b4cbc68554363dbde220f
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3f5d2edb1d7efe3e24417b3a48999d2090f8b7cab6a0f773e4075b33122de03
d7729db4f32ff18533067b40b7d9f4bd16cab226296f5b8638aabe8a924661fb
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d97a7bae1d07f7300d7878626b41a182725274f43aeecb0d348cc6041865ec63
db1eb9b1c2422dde9bbbbaf5a4a901b306a1120056d72a7fae30b92eb6b81a2f
decc786f75e1141080763ea5cc20ea91a54590b215b08f2e44c2aad886e42241
df02c2949cbc9ac456f455575c6a4d7a4054d0e0d887ee19befe5dce0da2253a
e2765968ac3a8595b6d4c093cc1e9eb3733c587c934be34ec90a16bfe4153e3a
e333cd45a1cc54aa487242f5fa22524c40628cb71682e0157df1e5cb8746c839
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb71725c3c63ad76a2bd979a659d824e4ea771ec1cceb457da064aa71acf08e2
eba5252e44d7ff6d98b2266a558dc852552afe0edb7cf3558add35bfc64e00ca
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7787429809c686b856f3541e8b907790b23ffab27cfd5f573a2cd5368731fc
ed809fc9518b8f5164e45e3da013e15feea32f290b91c5cff5c92cf61cbf0ce9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33c5ec90995b8aa94cd0f0f0fdb9be01a74cd5884b7a59c08a055d4ac77d3d7
f84847380ede8fe85cf9a555753dd434b5682f25a59141923e36ed53895dd272
f865146d0eb8e5f82cdbbc9af70864ba0fcc75ec76806bdc5d97d23669a80aee
f96fab70e75481e484be282764977e637ff941c40910065468a9322e06e04de6
f9f9a8bdccac44021ea79deaf42d67e0fb390c397db2584a7f4fce78e479f9dd
fe109b9d05e617669a7d867b3e7c757f909f32afaf06355ab838e60773c71cf6
ff2fe2af5913c58c605eb00467d0841d245bb603884917e7a9dd50324f027d76
ff32755dd4187872d6aee164b5babffe1f115f19d4b437699b86d8e03f7d48b0

www.candyindustry.com Open in urlscan Pro 208.91.60.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

335 Requests

89 %HTTPS

25 %IPv6

63 Domains

104 Subdomains

78 IPs

13 Countries

3567 kBTransfer

8439 kBSize

71 Cookies

19 Outgoing links

Page URL History

Redirected requests

335 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.candyindustry.com Open in urlscan Pro
208.91.60.92 Public Scan

Screenshot
Live screenshot

Full Image

335
Requests

89 %
HTTPS

25 %
IPv6

63
Domains

104
Subdomains

78
IPs

13
Countries

3567 kB
Transfer

8439 kB
Size

71
Cookies

335 HTTP transactions
3 data transactions