urlscan.io logo urlscan.io
SecurityTrails logo

www.themarysue.com Open in urlscan Pro
2606:4700:10::ac43:14a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.themarysue.com/
Submission: On January 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 129 IPs in 16 countries across 118 domains to perform 577 HTTP transactions. The main IP is 2606:4700:10::ac43:14a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com. The Cisco Umbrella rank of the primary domain is 138031.
TLS certificate: Issued by R3 on November 17th 2021. Valid for: 3 months.
This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 2606:4700:10:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 41 63.250.56.23 41436 (CLOUDWEBM...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.190.39.246 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 34.111.95.79 15169 (GOOGLE)
1 1 151.101.192.134 54113 (FASTLY)
5 199.232.192.134 54113 (FASTLY)
3 2600:9000:215... 16509 (AMAZON-02)
1 184.30.21.59 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
8 143.204.95.188 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
10 184.30.20.198 16625 (AKAMAI-AS)
3 3 185.94.180.126 35220 (SPOTX-AMS)
6 34.98.64.218 15169 (GOOGLE)
2 2a0c:5c81:509... 55081 (24SHELLS)
28 63.250.60.64 204548 (CLOUDWEBM...)
18 22 3.120.57.143 16509 (AMAZON-02)
2 2 23.88.75.186 24940 (HETZNER-AS)
8 18 184.30.20.241 16625 (AKAMAI-AS)
4 8 76.223.111.18 16509 (AMAZON-02)
2 143.204.98.75 16509 (AMAZON-02)
4 9 69.173.144.139 26667 (RUBICONPR...)
4 5 185.33.221.14 29990 (ASN-APPNEX)
17 34.200.155.146 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 52.29.208.72 16509 (AMAZON-02)
3 185.64.189.112 62713 (AS-PUBMATIC)
9 142.250.186.98 15169 (GOOGLE)
2 35.164.52.163 16509 (AMAZON-02)
5 9 3.126.56.137 16509 (AMAZON-02)
2 51.89.7.198 16276 (OVH)
1 44.239.145.70 16509 (AMAZON-02)
3 34.210.253.33 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.158.49.43 16509 (AMAZON-02)
3 18.157.246.64 16509 (AMAZON-02)
3 3.214.91.80 14618 (AMAZON-AES)
1 178.250.0.165 44788 (ASN-CRITE...)
4 8 185.33.220.241 29990 (ASN-APPNEX)
1 178.162.133.150 60781 (LEASEWEB-...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 23.37.38.181 16625 (AKAMAI-AS)
5 34.149.20.76 15169 (GOOGLE)
2 216.52.2.48 30282 (AS-INAPCD...)
1 34.107.148.139 15169 (GOOGLE)
1 213.19.147.42 26120 (RHYTHMONE)
1 185.255.84.150 200271 (IGUANE-)
1 3.125.147.153 16509 (AMAZON-02)
4 198.47.127.19 62713 (AS-PUBMATIC)
4 4 185.184.8.65 204995 (RTB-HOUSE...)
12 62.149.0.72 15497 (COLOCALL ...)
2 4 46.249.52.249 50673 (SERVERIUS-AS)
6 2600:9000:215... 16509 (AMAZON-02)
4 6 37.157.4.39 198622 (ADFORM)
4 89.187.169.47 60068 (CDN77 ^_^)
1 143.204.98.71 16509 (AMAZON-02)
1 46.105.202.126 16276 (OVH)
2 2 66.155.71.150 13768 (COGECO-PEER1)
6 46.249.52.248 50673 (SERVERIUS-AS)
6 5.178.65.252 50673 (SERVERIUS-AS)
2 35.227.252.103 15169 (GOOGLE)
6 12 34.206.192.53 14618 (AMAZON-AES)
2 6 168.119.146.39 24940 (HETZNER-AS)
2 26 18.157.144.230 16509 (AMAZON-02)
2 2 23.37.42.132 16625 (AKAMAI-AS)
6 23.79.143.124 16625 (AKAMAI-AS)
8 26 188.132.147.235 42910 (PREMIERDC...)
1 143.204.98.65 16509 (AMAZON-02)
2 205.234.175.175 30081 (CACHENETW...)
2 51.89.9.253 16276 (OVH)
32 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
16 31 142.250.184.226 15169 (GOOGLE)
6 8 35.227.248.159 15169 (GOOGLE)
5 8 37.157.2.235 198622 (ADFORM)
9 14 3.33.220.150 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
2 2600:1f18:659... 14618 (AMAZON-AES)
4 4 2a05:d018:24:... 16509 (AMAZON-02)
5 5 52.17.105.123 16509 (AMAZON-02)
2 4 34.254.143.3 16509 (AMAZON-02)
2 2 151.1.205.165 3242 (ASN-ITNET)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
4 4 35.201.81.244 15169 (GOOGLE)
2 89.163.159.104 24961 (MYLOC-AS ...)
4 10 52.17.84.146 16509 (AMAZON-02)
2 2 212.82.100.182 34010 (YAHOO-IRD)
2 2 35.156.119.137 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
5 54.76.6.59 16509 (AMAZON-02)
7 151.101.66.49 54113 (FASTLY)
2 2 2.18.233.201 16625 (AKAMAI-AS)
2 2 54.175.169.36 14618 (AMAZON-AES)
2 4 52.95.125.22 16509 (AMAZON-02)
2 3 104.111.215.191 16625 (AKAMAI-AS)
2 2 54.216.137.191 16509 (AMAZON-02)
3 6 209.54.177.54 16509 (AMAZON-02)
7 7 185.29.132.245 30419 (MEDIAMATH...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 54.247.140.137 16509 (AMAZON-02)
1 54.69.67.215 16509 (AMAZON-02)
1 1 52.198.7.102 16509 (AMAZON-02)
1 38.91.45.7 398989 (DEEPINTENT)
1 2 18.213.10.151 14618 (AMAZON-AES)
2 2 194.213.62.37 13036 (TMOBILE-)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 143.204.98.13 16509 (AMAZON-02)
2 212.83.160.162 12876 (Online SAS)
3 3 178.250.0.163 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 213.202.235.8 24961 (MYLOC-AS ...)
5 5 18.197.73.85 16509 (AMAZON-02)
2 2 37.252.173.213 29990 (ASN-APPNEX)
3 3 72.251.244.140 29791 (VOXEL-DOT...)
2 2 87.98.228.78 16276 (OVH)
2 2 52.214.119.250 16509 (AMAZON-02)
1 1 54.36.172.109 16276 (OVH)
2 2 3.228.147.119 14618 (AMAZON-AES)
4 3.127.178.105 16509 (AMAZON-02)
2 52.214.209.198 16509 (AMAZON-02)
2 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
3 213.254.244.12 36062 (DOUBLE-VE...)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 54.246.97.45 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 20.72.149.136 8075 (MICROSOFT...)
12 35.162.100.127 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 51.144.7.192 8075 (MICROSOFT...)
1 216.46.185.182 13649 (ASN-VINS)
1 66.155.71.25 13768 (COGECO-PEER1)
1 184.30.20.185 16625 (AKAMAI-AS)
2 2 213.155.156.168 1299 (TWELVE99 ...)
9 185.64.190.80 62713 (AS-PUBMATIC)
3 185.64.190.81 62713 (AS-PUBMATIC)
1 2 141.94.170.77 16276 (OVH)
1 169.50.137.184 36351 (SOFTLAYER)
2 104.16.201.58 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 67.202.105.34 ()
1 1 34.102.163.6 ()
1 2620:1ec:c11:... ()
1 1 70.42.32.223 ()
2 2 96.46.183.20 ()
577 129
29    2606:4700:10::ac43:14a1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.themarysue.com
15    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
41    63.250.56.23 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
3    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
superficialeyes.com
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
1    2606:4700:10::6816:93d (United States)

ASN13335 (CLOUDFLARENET, US)
dotesports.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    34.111.95.79 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 79.95.111.34.bc.googleusercontent.com
spc.themarysue.com
1    151.101.192.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
5    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
themarysue.disqus.com
3    2600:9000:2156:9a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    184.30.21.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-59.deploy.static.akamaitechnologies.com
s.ntv.io
1    2606:4700:10::6816:3b6e (United States)

ASN13335 (CLOUDFLARENET, US)
am22.mediaite.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:2156:1200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
8    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
primis-d.openx.net
propermedia-d.openx.net
2    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
28    63.250.60.64 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
22    3.120.57.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
18    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
8    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    143.204.98.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-75.fra50.r.cloudfront.net
sync.intentiq.com
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
5    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
17    34.200.155.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-155-146.compute-1.amazonaws.com
jadserve.postrelease.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.29.208.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-208-72.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    35.164.52.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
usync.proper.io
9    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    51.89.7.198 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p20.id5-sync.com
id5-sync.com
1    44.239.145.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-145-70.us-west-2.compute.amazonaws.com
id.sharedid.org
3    34.210.253.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
bids.proper.io
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
adservice.google.de
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    35.158.49.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-49-43.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
3    18.157.246.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
8    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    3.125.147.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-147-153.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
12    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
4    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
6    2600:9000:2156:1400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
6    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
4    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
1    143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net
ats.rlcdn.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
6    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
6    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
12    34.206.192.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-192-53.compute-1.amazonaws.com
a.audrte.com
6    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
26    18.157.144.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
26    188.132.147.235 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-235-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
1    143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net
geo.privacymanager.io
2    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
32    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
31    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
8    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
8    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
14    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    2600:1f18:6593:f601:6e36:3d7b:dfb5:1567 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
4    2a05:d018:24:b001:e806:2ca:d089:17f3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
5    52.17.105.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-105-123.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
loada.exelator.com
2    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
3    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    89.163.159.104 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
10    52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    35.156.119.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
5    54.76.6.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-6-59.eu-west-1.compute.amazonaws.com
beacon.krxd.net
7    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    54.175.169.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-169-36.compute-1.amazonaws.com
usermatch.krxd.net
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.216.137.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-137-191.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
6    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    54.247.140.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-140-137.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    54.69.67.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-67-215.us-west-2.compute.amazonaws.com
dmp.brand-display.com
1    52.198.7.102 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-7-102.ap-northeast-1.compute.amazonaws.com
d.adroll.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
2    194.213.62.37 (Novy Jicin, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid4.ibillboard.com
bbnaut.ibillboard.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    2a05:d018:d29:3601:2114:2cbc:c6ab:b127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    143.204.98.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net
tags.crwdcntrl.net
2    212.83.160.162 (France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
10    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
5    18.197.73.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-73-85.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    37.252.173.213 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
3    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
2    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu
green.erne.co
2    52.214.119.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-119-250.eu-west-1.compute.amazonaws.com
r.scoota.co
1    54.36.172.109 (France)

ASN16276 (OVH, FR)
PTR: pl01.roqad.pl
ws.rqtrk.eu
2    3.228.147.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-147-119.compute-1.amazonaws.com
ads.creative-serving.com
4    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    52.214.209.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-209-198.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2a02:26f0:e300:185::4469 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
rtbcdn.doubleverify.com
3    213.254.244.12 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20522.doubleverify.com
1    2600:9000:2156:5800:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.besafe.global
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.246.97.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-97-45.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    20.72.149.136 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
12    35.162.100.127 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-100-127.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
1    216.46.185.182 (Broomfield, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-6.cloudy.ovh
pixel.onaudience.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
2    2606:4700::6810:79c3 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
5    67.202.105.34 (None, )

ASN- ()
de.tynt.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
1    70.42.32.223 (None, )

ASN- ()
b1sync.zemanta.com
2    96.46.183.20 (None, )

ASN- ()
ads.betweendigital.com
Apex Domain
Subdomains		 Transfer
69 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2780
video.primis.tech — Cisco Umbrella Rank: 6043
6 MB
42 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
195 KB
33 themarysue.com
www.themarysue.com — Cisco Umbrella Rank: 138031
spc.themarysue.com — Cisco Umbrella Rank: 461792
420 KB
32 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1092
mwzeom.zeotap.com — Cisco Umbrella Rank: 1443
9 KB
32 adscale.de
js.adscale.de — Cisco Umbrella Rank: 6665
ih.adscale.de — Cisco Umbrella Rank: 3223
33 KB
30 admatic.com.tr
cdn.admatic.com.tr — Cisco Umbrella Rank: 8494
ads3.admatic.com.tr — Cisco Umbrella Rank: 9220
ads4.admatic.com.tr — Cisco Umbrella Rank: 17094
46 KB
29 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 446
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 448
image6.pubmatic.com — Cisco Umbrella Rank: 531
image2.pubmatic.com — Cisco Umbrella Rank: 862
simage2.pubmatic.com — Cisco Umbrella Rank: 481
image4.pubmatic.com — Cisco Umbrella Rank: 741
simage4.pubmatic.com
78 KB
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
297 KB
22 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 254
9 KB
19 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
htlb.casalemedia.com — Cisco Umbrella Rank: 437
ssum.casalemedia.com — Cisco Umbrella Rank: 1052
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
22 KB
18 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3005
u-ams02.e-planning.net — Cisco Umbrella Rank: 47537
s.e-planning.net — Cisco Umbrella Rank: 4980
i.e-planning.net — Cisco Umbrella Rank: 124557
35 KB
18 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 270
fastlane.rubiconproject.com — Cisco Umbrella Rank: 442
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 906
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2071
token.rubiconproject.com — Cisco Umbrella Rank: 583
38 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 272
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1384
s.amazon-adsystem.com — Cisco Umbrella Rank: 263
125 KB
17 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 885
10 KB
17 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 526
pixel.adsafeprotected.com — Cisco Umbrella Rank: 553
dt.adsafeprotected.com — Cisco Umbrella Rank: 488
97 KB
16 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 351
ib.adnxs.com — Cisco Umbrella Rank: 210
adscale-emea.adnxs.com — Cisco Umbrella Rank: 15529
acdn.adnxs.com — Cisco Umbrella Rank: 534
19 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 249
cms.analytics.yahoo.com — Cisco Umbrella Rank: 775
ads.yahoo.com — Cisco Umbrella Rank: 722
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 404
6 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
6 KB
14 adform.net
cm.adform.net — Cisco Umbrella Rank: 1465
dmp.adform.net — Cisco Umbrella Rank: 1949
track.adform.net — Cisco Umbrella Rank: 3624
c1.adform.net — Cisco Umbrella Rank: 524
6 KB
14 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5490
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5916
7 KB
12 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 538
tags.crwdcntrl.net — Cisco Umbrella Rank: 1395
sync.crwdcntrl.net — Cisco Umbrella Rank: 641
29 KB
12 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2824
10 KB
9 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1039
sync.mathtag.com — Cisco Umbrella Rank: 372
5 KB
9 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 355
tlx.3lift.com — Cisco Umbrella Rank: 569
4 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 369
3 KB
8 openx.net
u.openx.net — Cisco Umbrella Rank: 639
primis-d.openx.net — Cisco Umbrella Rank: 11561
propermedia-d.openx.net — Cisco Umbrella Rank: 12288
rtb.openx.net — Cisco Umbrella Rank: 1154
1 KB
8 proper.io
global.proper.io — Cisco Umbrella Rank: 10106
usync.proper.io — Cisco Umbrella Rank: 4893
bids.proper.io — Cisco Umbrella Rank: 10647
eb.proper.io — Cisco Umbrella Rank: 11601
117 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
604 B
7 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 356
usermatch.krxd.net — Cisco Umbrella Rank: 896
2 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
1 KB
7 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1034
pixel.advertising.com — Cisco Umbrella Rank: 293
2 KB
6 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1830
1 KB
6 disqus.com
disqus.com — Cisco Umbrella Rank: 2607
themarysue.disqus.com — Cisco Umbrella Rank: 94697
7 KB
5 tynt.com
de.tynt.com
1 KB
5 doubleverify.com
rtbcdn.doubleverify.com — Cisco Umbrella Rank: 2368
rtb0.doubleverify.com — Cisco Umbrella Rank: 627
tps20522.doubleverify.com — Cisco Umbrella Rank: 25916
18 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 347
103 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
5 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1506
1000 B
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 769
3 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25120
1 KB
4 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7330
loada.exelator.com — Cisco Umbrella Rank: 18753
2 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 982
2 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 666
1 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 693
dis.criteo.com — Cisco Umbrella Rank: 574
2 KB
4 gstatic.com
fonts.gstatic.com
62 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
3 KB
3 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 10644
2 KB
3 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 402
996 B
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
2 KB
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 2742
pixel-sync.sitescout.com — Cisco Umbrella Rank: 547
767 B
3 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 10765
ecs.mantisadnetwork.com — Cisco Umbrella Rank: 19753
974 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1222
346 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 545
cdn.id5-sync.com — Cisco Umbrella Rank: 1650
12 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 418
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
3 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 81513
27 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2844
onesignal.com — Cisco Umbrella Rank: 1221
73 KB
2 betweendigital.com
ads.betweendigital.com
1 KB
2 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 5876
392 B
2 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 6044
25 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1264
736 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4740
637 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 433
975 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
74 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 2787
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 30221
1 KB
2 erne.co
green.erne.co — Cisco Umbrella Rank: 11486
467 B
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 4716
1 KB
2 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 16655
1 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2594
562 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 649
d.turn.com — Cisco Umbrella Rank: 772
836 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 155882
428 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 739
430 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 371
761 B
2 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19774
670 B
2 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 119601
1 KB
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 8893
822 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 523
215 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8579
914 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 888
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 609
761 B
2 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 5706
4 KB
2 rlcdn.com
api.rlcdn.com Failed
ats.rlcdn.com — Cisco Umbrella Rank: 1401
id.rlcdn.com — Cisco Umbrella Rank: 656
36 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1199
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 877
453 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 864
pixel.quantserve.com — Cisco Umbrella Rank: 380
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
84 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 829
2 KB
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
594 B
1 mrtnsvr.com
ad.mrtnsvr.com
218 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 631
610 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1255
72 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 8638
328 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2584
911 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
577 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 634
35 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2256
104 B
1 besafe.global
cdn.besafe.global — Cisco Umbrella Rank: 14784
13 KB
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 1615
515 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10719
1 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 771
44 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1320
112 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1461
261 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 450
430 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1551
592 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3799
748 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1243
174 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1409
888 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1599
822 B
1 google.se
adservice.google.se — Cisco Umbrella Rank: 50505
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 745
418 B
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4035
216 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 822
2 KB
1 mediaite.com
am22.mediaite.com — Cisco Umbrella Rank: 137604
138 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 2933
114 KB
1 dotesports.com
dotesports.com — Cisco Umbrella Rank: 67306
23 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
36 KB
577 118
Domain Requested by
41 live.primis.tech 2 redirects www.themarysue.com
live.primis.tech
29 cm.g.doubleclick.net 16 redirects spl.zeotap.com
ssum.casalemedia.com
ads.us.e-planning.net
googleads.g.doubleclick.net
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
bcp.crwdcntrl.net
eb2.3lift.com
29 www.themarysue.com www.themarysue.com
28 video.primis.tech live.primis.tech
www.themarysue.com
26 mwzeom.zeotap.com ads.us.e-planning.net
26 ih.adscale.de 2 redirects js.adscale.de
ih.adscale.de
22 x.bidswitch.net 18 redirects www.themarysue.com
live.primis.tech
ssum.casalemedia.com
eb2.3lift.com
18 ads3.admatic.com.tr cdn.admatic.com.tr
www.themarysue.com
17 jadserve.postrelease.com s.ntv.io
www.themarysue.com
15 pagead2.googlesyndication.com www.themarysue.com
pagead2.googlesyndication.com
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 match.adsrvr.org 9 redirects ssum.casalemedia.com
ads.us.e-planning.net
bcp.crwdcntrl.net
eb2.3lift.com
12 dt.adsafeprotected.com 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
12 a.audrte.com 6 redirects ads.us.e-planning.net
a.audrte.com
www.themarysue.com
12 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
cdn.admatic.com.tr
ads.us.e-planning.net
11 dsum-sec.casalemedia.com 3 redirects ssum.casalemedia.com
um2.eqads.com
googleads.g.doubleclick.net
10 tpc.googlesyndication.com www.themarysue.com
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
global.proper.io
ads.pubmatic.com
9 ups.analytics.yahoo.com 5 redirects www.themarysue.com
8 ads4.admatic.com.tr 8 redirects
8 pixel.tapad.com 6 redirects ads.us.e-planning.net
spl.zeotap.com
8 ib.adnxs.com 4 redirects global.proper.io
spl.zeotap.com
googleads.g.doubleclick.net
8 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
www.themarysue.com
www.googletagservices.com
8 eb2.3lift.com 4 redirects global.proper.io
eb2.3lift.com
8 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
global.proper.io
7 sync.mathtag.com 7 redirects
7 sync-tm.everesttech.net spl.zeotap.com
ads.us.e-planning.net
www.themarysue.com
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
bcp.crwdcntrl.net
6 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
eb2.3lift.com
6 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
global.proper.io
6 sync.richaudience.com 2 redirects ads.us.e-planning.net
spl.zeotap.com
6 s.e-planning.net ads.us.e-planning.net
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
6 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
5 de.tynt.com global.proper.io
5 simage2.pubmatic.com ads.pubmatic.com
5 pixel.advertising.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
5 dpm.demdex.net 5 redirects
5 ssc.33across.com global.proper.io
5 secure.adnxs.com 4 redirects acdn.adnxs.com
5 themarysue.disqus.com www.themarysue.com
themarysue.disqus.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.themarysue.com
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
4 image2.pubmatic.com ads.pubmatic.com
4 sync.crwdcntrl.net bcp.crwdcntrl.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ps.eyeota.net www.themarysue.com
s.console.adtarget.com.tr
4 www.google.com 1 redirects www.themarysue.com
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 track.adform.net 4 redirects
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.us.e-planning.net
4 idsync.frontend.weborama.fr 4 redirects
4 sync.tidaltv.com 4 redirects
4 dmp.adform.net 2 redirects spl.zeotap.com
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
4 ads.us.e-planning.net 2 redirects s.console.adtarget.com.tr
4 creativecdn.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
4 fonts.gstatic.com fonts.googleapis.com
4 pixel.rubiconproject.com www.themarysue.com
live.primis.tech
ads.us.e-planning.net
4 u.openx.net live.primis.tech
global.proper.io
4 fonts.googleapis.com www.themarysue.com
live.primis.tech
4 spc.themarysue.com dotesports.com
3 tracking.m6r.eu 3 redirects
3 dis.criteo.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 tags.bluekai.com 2 redirects bcp.crwdcntrl.net
3 dsp.adfarm1.adition.com 3 redirects
3 btlr.sharethrough.com global.proper.io
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 bids.proper.io global.proper.io
3 hbopenbid.pubmatic.com live.primis.tech
global.proper.io
3 ssum-sec.casalemedia.com 3 redirects
3 sync.search.spotxchange.com 3 redirects
3 static.adsafeprotected.com www.themarysue.com
pixel.adsafeprotected.com
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.themarysue.com
3 superficialeyes.com www.themarysue.com
superficialeyes.com
2 ads.betweendigital.com 2 redirects
2 pre.glotgrx.com mantodea.mantisadnetwork.com
2 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 px.ads.linkedin.com 1 redirects eb2.3lift.com
2 tps20522.doubleverify.com rtbcdn.doubleverify.com
2 rtbcdn.doubleverify.com 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
rtbcdn.doubleverify.com
2 pixel.adsafeprotected.com 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
2 www.googletagservices.com securepubads.g.doubleclick.net
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
2 ads.creative-serving.com 2 redirects
2 r.scoota.co 2 redirects
2 green.erne.co 2 redirects
2 adscale-emea.adnxs.com 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 tags.crwdcntrl.net s.e-planning.net
2 bbnaut.ibillboard.com 2 redirects
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 pixel.mathtag.com 2 redirects
2 odr.mookie1.com spl.zeotap.com
2 aa.agkn.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 dmp.theadex.com spl.zeotap.com
2 bn01.er.bemail.it 2 redirects
2 loadeu.exelator.com spl.zeotap.com
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 onetag-sys.com ads.us.e-planning.net
2 i.e-planning.net ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 cm.adform.net s.console.adtarget.com.tr
2 ap.lijit.com global.proper.io
2 mantodea.mantisadnetwork.com global.proper.io
2 pre.ads.justpremium.com global.proper.io
2 id5-sync.com global.proper.io
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
2 usync.proper.io www.themarysue.com
2 ads.adaptv.advertising.com live.primis.tech
2 sync.intentiq.com www.themarysue.com
2 csync.loopme.me 2 redirects
2 s.console.adtarget.com.tr live.primis.tech
2 connect.facebook.net www.themarysue.com
connect.facebook.net
2 unpkg.com 1 redirects www.themarysue.com
2 global.proper.io www.themarysue.com
global.proper.io
2 cdn.onesignal.com www.themarysue.com
cdn.onesignal.com
1 simage4.pubmatic.com ads.pubmatic.com
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 um.simpli.fi ads.pubmatic.com
1 acdn.adnxs.com global.proper.io
1 pixel-sync.sitescout.com bcp.crwdcntrl.net
1 global.ib-ibi.com bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 d.turn.com 1 redirects
1 sync.inmobi.com 1 redirects
1 s0.2mdn.net 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
1 ads.yieldmo.com 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
1 cdn.besafe.global 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
1 rtb0.doubleverify.com rtbcdn.doubleverify.com
1 ws.rqtrk.eu 1 redirects
1 m.exactag.com www.themarysue.com
1 eb.proper.io global.proper.io
1 id.rlcdn.com ads.us.e-planning.net
1 ads.yahoo.com ads.us.e-planning.net
1 match.deepintent.com ssum.casalemedia.com
1 d.adroll.com 1 redirects
1 dmp.brand-display.com ssum.casalemedia.com
1 match.prod.bidr.io ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 geo.privacymanager.io ats.rlcdn.com
1 cdn.id5-sync.com www.themarysue.com
1 ats.rlcdn.com www.themarysue.com
1 pixel.quantserve.com www.themarysue.com
1 tlx.3lift.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 tag.1rx.io global.proper.io
1 prebid.media.net global.proper.io
1 htlb.casalemedia.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 bidder.criteo.com global.proper.io
1 adservice.google.se pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 id.sharedid.org global.proper.io
1 primis-d.openx.net live.primis.tech
1 onesignal.com cdn.onesignal.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com global.proper.io
1 am22.mediaite.com www.themarysue.com
1 s.ntv.io www.themarysue.com
1 disqus.com 1 redirects
1 dotesports.com www.themarysue.com
1 www.googletagmanager.com www.themarysue.com
0 api.rlcdn.com Failed global.proper.io
577 185
Subject Issuer Validity Valid
*.themarysue.com
R3		 2021-11-17 -
2022-02-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
superficialeyes.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-01-17		 3 months crt.sh
spc.themarysue.com
GTS CA 1D4		 2021-11-19 -
2022-02-17		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.google.se
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2021-11-28 -
2022-02-26		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
ads4.admatic.com.tr
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2020-01-22 -
2022-04-21		 2 years crt.sh
*.eyeota.net
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
cdn.besafe.global
Amazon		 2021-06-25 -
2022-07-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.cintnetworks.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-04 -
2022-11-04		 a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh

This page contains 80 frames:

Primary Page: https://www.themarysue.com/
Frame ID: 741B466B15478165DDF991B7C1388BF1
Requests: 174 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 5CC1C7C37CCD2EAB2B6E6FFA1FA2B30F
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: 78AA872C726431430AD50A390AEE1963
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: B418C1AE14822533515502029523CD7C
Requests: 24 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 4BBDDF9A707C1CFAA1235D8DF3F62C25
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 8D72BEC74827C2AB21003F7C6E4C1013
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
Frame ID: 57ED7154A4D804A14D7911B4E62E7F79
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: E48892E46C241940A35770C4A4CA061E
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: CDB23ADC859DB09F31DE3F0E59D2EA6C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 1C6801076B8405573B6745C60E00F6A6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: DB6CE26B5B3AE33EB1BE2AF676F53A83
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
Frame ID: 5A36ADF9BF1FAE1B50C65CB1E52B5A00
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 670F015929B00F387388EDA0875222F0
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 168555006A414FD6726E71B26033FD03
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9356934496955375&output=html&adk=522671305&adf=1178619241&lmt=1641828162&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641828161425&bpp=3&bdt=209&idt=617&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8457917808720&frm=20&pv=2&ga_vid=479152982.1641828162&ga_sid=1641828162&ga_hid=418160425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1159412243048153&pem=764&tmod=979&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=645
Frame ID: 28C248CA8309AEED48D95DC546AC5DAC
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
Frame ID: A6A02738CF65E45E7CED46A4579EDBFD
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 71492E5741CBFAD5E54028B1E908A914
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: EA5D2433344D742E3735D61733083DA6
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 08CE4EA324FD6E7E65ACC7AD8125EB7D
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: DF3ADC3FDDC15536ACEA58E721D8A77B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 152E1AC2D0091E7EEF3731CCA9742913
Requests: 10 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 615CDF3542C35F53C42264E57D56E62C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 38437C252B63E3D90865E21A73207AE7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: C82252A89E4BBAE005B36B8A9EE93DB8
Requests: 11 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 34A1F52A8C92BE9017F925F4509B4B00
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
Frame ID: 733E45A1BA351503EECE42D4AF4E3E4C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: A7EB24F0DBF1A08D0E10D9DAE953D0EF
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: E765DC70A7F2DD8F3F469B0502BCC2DE
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 0A1F82FDE1E45255B715AE1CEAC8DC5A
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1256EE09AC24211FCD9CEB0921289000
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da5351154be6af4da%26uid%3D
Frame ID: F43A8B2A9610849235E9ABB897AD85AB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 23681A5DA0575A74101153FD75979098
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da5351154be6af4da%26uid%3D
Frame ID: C86E388C7C02B632C02E0AF40D0E4884
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Frame ID: 0C817CF45C636260D9F2010A872D01B3
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/navegg_2022_01.html
Frame ID: 6EF3F530F71453EDC44B46212824AC67
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: FAE0220AE8932920E89103BD0A7627CC
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361&cmp=0
Frame ID: 36B6D204D21216DA07EC4AB9D852CDA4
Requests: 31 HTTP requests in this frame

Frame: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 94A7138392C31A8C756B56575F7C01D8
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Frame ID: E994445F6AC23B2FD45BBC26EE7B37BB
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/navegg_2022_01.html
Frame ID: 4679736C24AAF43D9244D439C469948A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 3C3B666ECC47CD64224152CD270FDCF9
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361&cmp=0
Frame ID: 52438053FBCBA211F491CD6ECB8330BD
Requests: 31 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: B9038D9861A38943ABEE76B6100455C6
Requests: 11 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 8012986D59D1144D6CB8C87A22FAAA32
Requests: 11 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 136B78565598A2885B23DAA1A0C60D7C
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: CC2BDBEDDC7CC960C322736AD0FB6441
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AN9crRslRVFWX6xR
Frame ID: C10310721B1A63B9C48D2AEF8EE1D6E0
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 94EEEE9DE7D60F5C8EC86A35D210E2B2
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AIRAktVatz9QMYeP
Frame ID: AE08549545515546B99A8A9A9964C8BA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 4EEF40A7175C7258CC3D15D8561205D1
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: DFA82F7696FC69106C9B45078A96E828
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: ADC4ACDFCAACD62234412CB33B4DA38F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 2FF74605A655833F9FC2D31514058FA7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnhoVXJObm6qt9Ugs5WC6CLgg5toNTNu9FSp4ddsCpMBiOOPtTsdLMPsESyNkjrQgyhaln5Z9Lm5pJ_g66_GJILer7sWFWKSjF83_NVZvBZk8tf9-X-RgUub214kht5JH_K2AAgD68ibKI7jnwos_A-VbyPnwRMHCEF91oUEvJHJldmEUuiJVt_QW7yyO7fG_6mF8rlDtOpvHE_Xyl45s5OzP2iIIoPoSZU-gqJPXunXjZGxUQLkUrt2W5EqWUIJDNPR4L0H97LM2x-RSrVTVfnko3XT9WG1vSqgM5y_l1FJjhFlm-z5ahH2308eE&sig=Cg0ArKJSzGvk08qnHfU9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C1E0625AF0C868855D117DCB53FF35BF
Requests: 5 HTTP requests in this frame

Frame: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AAF892FA74F423E259F103F1C078EF88
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDO4qEBGPyHr70BMAE&v=APEucNVS9_rzcdTWxuCmVX9D13cbqSx_rwty4Tsz2L1XpyqWf-gWMPisqyxvpG8pPfseHLGf5qK0e278EWDa-dR-PfbU2n-ylC-mvJqxhDnaJi4iP8FyLPJKbttbU0xMOOUvpHLqZurWwAnCmS0kD6VzoZH4XwvK3tMU7V6OekM1qlgNSqbnUSMbEGJDYqjH8o2r0BgZjEu1
Frame ID: 70DDEFB051EDF746FC9601BFBA7FF60E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 289281F4CC351898F81F9AE4AE3717E2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9137EF0DFC30285C34A6F8A212DF60DF
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 736D3917DEF2C686D508A7265BE6F44E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDA5668709E437CA07641D67054637FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20B64DBD4DA960C073F08DCCFB4D4FAB
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: E8BCBFFA5CE7368BE7FD7B1FF3DCE602
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: EC5E2BB525F0634D2F1D36E8BD4D7500
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DB8827192375AFDC0D609442D8E72ACD
Requests: 2 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828161539&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F
Frame ID: EF3052413DB32D8F0294DD2B519C5A45
Requests: 6 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=alle0mi1641828161966
Frame ID: E4545EF355FBBACCACB4FFB69C22AFB7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3DDACCCCFFA69A86F4F5A3861B85173C
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 581BDB26FCF23B1F0EF78AF687D35848
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=560F4D6D-37BF-4EB8-8A26-A891946B576C
Frame ID: 4858BD195435809CC1F0723CB91A73B4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8030464049716842991
Frame ID: E58ED41B400A0548A505530976CF72A8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 0F6879D1A80732E10B5EED29EF1667EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051598261462235275
Frame ID: 29F944883913048E45664F7673E1073C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3EBAF8F21475B59CC4E218DB4B4F8BDB
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A4C42C16C12C3A298F47131EDEF96019
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13412165
Frame ID: 6CDF3EA5DC73EA38F9C776CCD811B7AE
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dthix2tgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DE80D7833DE6A4D70EF87AEE090DBF2E
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dxcdREtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 51A035380FDD380E40EAEBC01DC78F44
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dH1YR2tgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DE8A63C5D410C24C2C409192D46DF36A
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dChRSAtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 9CD9E1A8C192D0F63CC3241926C326A3
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dorQpQtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DA7C829478DB89D0FC8F9A1F5B0E854F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted UniverseTwitterTwittermascot-2The Mary SueArrow Left #1 IconArrow right #1 IconArrow Left #1 IconArrow right #1 Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

577
Requests

78 %
HTTPS

25 %
IPv6

118
Domains

185
Subdomains

129
IPs

16
Countries

8658 kB
Transfer

14321 kB
Size

138
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.3/dist/web-vitals.iife.js
Request Chain 39
  • https://disqus.com/forums/themarysue/count.js HTTP 302
  • https://themarysue.disqus.com/count.js
Request Chain 77
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=2726617e-7229-11ec-aa4c-1a7ccaea0306 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
Request Chain 84
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=93&advUuid=ff405bc7-70ed-483e-aef0-a39695eed93b
Request Chain 85
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
Request Chain 86
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=12148450581790859240&advId=121&advUuid=12148450581790859240 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
Request Chain 88
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61dc4f4161be6%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=105&advUuid=4891557269792591769
Request Chain 98
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=12148450581790859240&advId=121&advUuid=12148450581790859240 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
Request Chain 100
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
Request Chain 106
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=93&advUuid=ca175af0-ee6c-4952-bd3a-c3fdc2f727b9
Request Chain 107
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
Request Chain 108
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61dc4f417859a%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=105&advUuid=4891557269792591769
Request Chain 129
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddd24c2a7-4c9a-4d82-b6fd-74963291b292%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_a9bcb4bb_d3d0084b_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddd24c2a7-4c9a-4d82-b6fd-74963291b292%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_a9bcb4bb_d3d0084b_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&uid=882d9602-03ab-41de-998c-a69650e57f72
Request Chain 130
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_dfbd3af8_08deb1ed_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_dfbd3af8_08deb1ed_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K8OE.WRE2uEB4PmGxkpajZhiilOmIlwz~A
Request Chain 184
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
Request Chain 185
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 195
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
Request Chain 196
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 224
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da5351154be6af4da HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
Request Chain 229
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Da5351154be6af4da HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 230
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da5351154be6af4da%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
Request Chain 231
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da5351154be6af4da HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
Request Chain 236
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Da5351154be6af4da HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 237
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da5351154be6af4da%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
Request Chain 238
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=a7f3d9f25b57463f88066eba4f341156
Request Chain 239
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=e3b3ac4009974650afdf2e4ca8869e51
Request Chain 241
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 244
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 278
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 280
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 284
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 285
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=746c9983-ff74-43e6-671e-2f87ab3eb05e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=746c9983-ff74-43e6-671e-2f87ab3eb05e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=33109535426016893273654717955005951782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 287
  • https://bn01.er.bemail.it/zeotap.php?_bid=746c9983-ff74-43e6-671e-2f87ab3eb05e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-83707-0.963142001641828165-2e5d9fff60e3f0b645bf4c9e93fd6904&zdid=533&env=mWeb
Request Chain 288
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7051598261461973131&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 289
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=746c9983-ff74-43e6-671e-2f87ab3eb05e HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=746c9983-ff74-43e6-671e-2f87ab3eb05e
Request Chain 290
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=746c9983-ff74-43e6-671e-2f87ab3eb05e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=746c9983-ff74-43e6-671e-2f87ab3eb05e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361&bounce=1&random=1563388153 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 292
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=746c9983-ff74-43e6-671e-2f87ab3eb05e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=746c9983-ff74-43e6-671e-2f87ab3eb05e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 293
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
Request Chain 294
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhltYMhNbGF%2BlPs6shFnPr7ny%2BS41iYitP1U%3D
Request Chain 299
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 300
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 301
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361&dcc=t
Request Chain 302
  • https://tags.bluekai.com/site/87734?id=746c9983-ff74-43e6-671e-2f87ab3eb05e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 303
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Request Chain 306
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
Request Chain 307
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdxPQRngm4F2ibcuoBZx0gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPafblrPb8oQMfPfxfSlcM0&google_cver=1&gdpr=1
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=1&gdpr_consent=
Request Chain 310
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8861882096168454252
Request Chain 315
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 317
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 321
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 322
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=52785652774475056901277143070551151788&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 324
  • https://bn01.er.bemail.it/zeotap.php?_bid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-48444-0.965674001641828165-2e2eaad8be677d30c6aa9e28be4c6c64&zdid=533&env=mWeb
Request Chain 325
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7051598261462235275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 327
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361&bounce=1&random=1977192919 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 329
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 330
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
Request Chain 331
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M3JySn%2Bm94FYMhNbGF%2BlPljsRAvUvElR%2BS41iYitP1U%3D
Request Chain 336
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 337
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 338
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361&dcc=t
Request Chain 339
  • https://tags.bluekai.com/site/87734?id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 340
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Request Chain 345
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdxPQRngm4F2ibcuoBZx0gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMvqEI5Mg86gVDy-b_79jJU&google_cver=1&gdpr=1
Request Chain 347
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
Request Chain 350
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 353
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 366
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=e3b3ac4009974650afdf2e4ca8869e51&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162734%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162734/0/img?tpid=101&tpuid=BBID-01-03165421628932046-16495416
Request Chain 367
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=e3b3ac4009974650afdf2e4ca8869e51&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=101&tpuid=BBID-01-03165421628934002-16495416
Request Chain 368
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8U3HRT-21-K3EL&sigv=1&esig=2~c43617a0b023ab603ac6a7dde9db40225b64b7ca
Request Chain 369
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7zHt-r4GVbkCigiUyJzrx8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6620337673451116725
Request Chain 370
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VTNIUlQtMjEtSzNFTA==
Request Chain 373
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&expires=28
Request Chain 375
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFhOWNjNDIzMGQwMWEzYTNiYWE3N2ZmMzUyNWQ5ZmU0ZjQ5NjIyNw
Request Chain 388
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1edc3435515d78b4ae9e502f945fba3beaf7087652605976d23ee1df93d5c544&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Request Chain 389
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1edc3435515d78b4ae9e502f945fba3beaf7087652605976d23ee1df93d5c544&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Request Chain 392
  • https://track.adform.net/serving/cookie/match/?party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=42&gdpr=0&tpuid=5963704833846896809
Request Chain 393
  • https://track.adform.net/serving/cookie/match/?party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=42&gdpr=0&tpuid=2013461008473140927
Request Chain 395
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=740cc9ca2fa42424b56f49a7110e767272e9c0a258446677b34b4fde558273b2&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2b3ba936888134d88a62529e3e5b99481f484edd51071512eee41ccb00059c75&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI&google_cver=1
Request Chain 414
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 418
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyODI1ZTM1Zi03MjI5LTExZWMtOGZmOC0wMjc1Yjk5OTMwM2E%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
Request Chain 419
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
Request Chain 420
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
Request Chain 421
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=740cc9ca2fa42424b56f49a7110e767272e9c0a258446677b34b4fde558273b2&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
Request Chain 422
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=aa157928c399dfb9c901fa5f610a3db3ea5cbc9d290447f1ed9898d8fedf0e39&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=aa157928c399dfb9c901fa5f610a3db3ea5cbc9d290447f1ed9898d8fedf0e39&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
Request Chain 424
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2b3ba936888134d88a62529e3e5b99481f484edd51071512eee41ccb00059c75&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI&google_cver=1
Request Chain 427
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyODI1ZTM1Zi03MjI5LTExZWMtOGZmOC0wMjc1Yjk5OTMwM2E%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
Request Chain 429
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
Request Chain 430
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
Request Chain 432
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=P6a46eKibArOM15XK5hTYISa&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 433
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=aa157928c399dfb9c901fa5f610a3db3ea5cbc9d290447f1ed9898d8fedf0e39&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fjs&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
Request Chain 434
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1242f42f-28d9-4390-84ef-45de9455af5b&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admatic&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 438
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=882d9602-03ab-41de-998c-a69650e57f72 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=882d9602-03ab-41de-998c-a69650e57f72 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=61f188c6-0c2a-4e48-af0c-e5d82a0e374f&ssp=admatic&expires=30&user_group=5&bsw_param=882d9602-03ab-41de-998c-a69650e57f72 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 443
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5963704833846896809 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdEKmdok4HQvGF9MurDlFlEQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdEKmdok4HQvGF9MurDlFlEQ&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 446
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5963704833846896809 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
Request Chain 461
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdxPQRngm4F2ibcuoBZx0gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELHxP9PTtALffdcahYrLXPw&google_cver=1
Request Chain 463
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg5MTU1NzI2OTc5MjU5MTc2OQ%3D%3D
Request Chain 480
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEM2XJUaaCO09-RosgkPCz7A&google_cver=1&google_push=AYg5qPJygIWQwiulb2KtfyHM9YmF-iQtQAtclhMAHlSAFHxVBEYPLOZ6H9WH5M5vvSWcjssmkE0Q1YMheQCpIuYISL-Ku6C7CU5O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJygIWQwiulb2KtfyHM9YmF-iQtQAtclhMAHlSAFHxVBEYPLOZ6H9WH5M5vvSWcjssmkE0Q1YMheQCpIuYISL-Ku6C7CU5O
Request Chain 481
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7U5qkCmUw1pBaA20OEbCE&google_cver=1&google_push=AYg5qPI0hoAiA1dbQZsYkF03YgywqxlBdh4BRjP0gWXEvaEPxEMRp_rkzEnJW-FJTsWqzP9y5_vavk3LR3NLOQdO1GZtO_RmHFM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2MzcwNDgzMzg0Njg5NjgwOQ&google_push=AYg5qPI0hoAiA1dbQZsYkF03YgywqxlBdh4BRjP0gWXEvaEPxEMRp_rkzEnJW-FJTsWqzP9y5_vavk3LR3NLOQdO1GZtO_RmHFM
Request Chain 484
  • https://sync.inmobi.com/gob?google_gid=CAESEFXUizrwkBFWlIU1jpqUvTk&google_cver=1&google_push=AYg5qPJyAKT-8EskCltLixq4-gLbiZOZkpQhJrGA1yHWn-O2Kp3ZBjedxTQ7mhghPu2fhXKKsyLE5yFAWbNO8VWsCSgZFyLKrR1F2A HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26gdpr_consent%3D%26gdpr%3D&gdpr_consent=&gdpr=
Request Chain 507
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
Request Chain 508
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=8c6fb74eeb02f1af44958616005f6ab4&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51c7489c-8508-4aea-995d-9fe784f1aba5
Request Chain 509
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=8c6fb74eeb02f1af44958616005f6ab4&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=52785652774475056901277143070551151788
Request Chain 511
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/8c6fb74eeb02f1af44958616005f6ab4/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8861882096168454252
Request Chain 529
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8030464049716842991
Request Chain 530
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 531
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051598261462235275
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Vg9NbTe_TriKJqiRlGtXbA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 533
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
Request Chain 534
  • https://pixel.onaudience.com/?partner=214&mapped=560F4D6D-37BF-4EB8-8A26-A891946B576C HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ce649bd30018e6a77de722d303ec4f9d
Request Chain 535
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTYwRjRENkQtMzdCRi00RUI4LThBMjYtQTg5MTk0NkI1NzZD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENd1goOa1NMkrDgLNx61mRk&google_cver=1
Request Chain 538
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Request Chain 539
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5963704833846896809
Request Chain 540
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=77347c28-e909-4568-b8d7-3bfdd731acbe
Request Chain 541
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4891557269792591769&gdpr=0&gdpr_consent=
Request Chain 542
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=560F4D6D-37BF-4EB8-8A26-A891946B576C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SWtNVP9E2uUILaz8d0ExybrIW.LHIvQ-~A&gdpr=0&gdpr_consent=
Request Chain 545
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=77347c28-e909-4568-b8d7-3bfdd731acbe
Request Chain 559
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=94X7M424M&dongle=u6nf
Request Chain 561
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDg0NTA1ODE3OTA4NTkyNDA%3D
Request Chain 563
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12148450581790859240?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YFz9JolE2oSXp3Fjbb1zSi83OruVxb0trnOocWpH_Q--~A&dongle=0883
Request Chain 566
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12148450581790859240 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12148450581790859240&dcc=t
Request Chain 567
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 569
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=77347c28-e909-4568-b8d7-3bfdd731acbe&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 570
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5963704833846896809&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 571
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=P6a46eKibArOM15XK5hTYISa&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Request Chain 572
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f21585c7-0d12-530a-ab1f-f96fcac3b626&ssp=admatic&expires=30&user_group=1 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=

577 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themarysue.com/ 		106 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47dc16ecbb8d70cc1cc2e6148b066b16fde82566386bab27c7a78caf849aa03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-type
text/html; charset=UTF-8
cf-ray
6cb6e6ee7cb0691f-FRA
link
<https://www.themarysue.com/wp-json/>; rel="https://api.w.org/", </wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3>; rel=preload; as=style, </wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22>; rel=preload; as=script, </wp-includes/js/wp-embed.min.js?ver=5.8.3>; rel=preload; as=script
vary
Accept-Encoding, Accept-Encoding
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
br
cf-h2-pushed
</wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3>,</wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22>,</wp-includes/js/wp-embed.min.js?ver=5.8.3>
pmpromc.css
www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/ 		182 B
226 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 11:12:11 GMT
server
cloudflare
age
1666
etag
W/"603f6f0b-dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=220
cf-ray
6cb6e6f78c9c691f-FRA
cf-bgj
minify
comment_count.js
www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2019 08:40:52 GMT
server
cloudflare
age
4859
etag
W/"5c91fc94-379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=889
cf-ray
6cb6e6f78ca0691f-FRA
cf-bgj
minify
wp-embed.min.js
www.themarysue.com/wp-includes/js/ 		1 KB
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 11:13:32 GMT
server
cloudflare
age
1666
etag
W/"603f6f5c-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6cb6e6f78ca1691f-FRA
am-asap-500.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500.woff2?2107011725
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 21:25:53 GMT
server
cloudflare
age
4859
etag
"60de32e1-2e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6e6f7cd30691f-FRA
content-length
11880
am-asap-500i.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500i.woff2?2107011725
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 21:25:53 GMT
server
cloudflare
age
4052
etag
"60de32e1-31dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6e6f7cd34691f-FRA
content-length
12764
crit-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		44 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/crit-main.min.css?2112171821
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e2f32b584ba1e0811bdd21889949c60d5b994f32fee8e4379f441e039eaa20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Dec 2021 23:21:33 GMT
server
cloudflare
age
4052
etag
W/"61bd1b7d-b1a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6cb6e6f7cd38691f-FRA
def-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		290 B
288 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2110151600
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 20:00:12 GMT
server
cloudflare
age
4859
etag
W/"6169ddcc-122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6cb6e6f7cd3c691f-FRA
min.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2111190411
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 09:11:50 GMT
server
cloudflare
age
4052
etag
W/"61976a56-32db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=13019
cf-ray
6cb6e6f7cd3e691f-FRA
cf-bgj
minify
flying-focus.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/flying-focus.js?2108231028
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Aug 2021 14:28:13 GMT
server
cloudflare
age
4052
etag
W/"6123b07d-ecb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=3787
cf-ray
6cb6e6f81de3691f-FRA
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98cd0c3553f86027dace3f80514db47b7f234687984851cc73675e72b15a64fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51791
x-xss-protection
0
server
cafe
etag
4691784256494460130
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:22:41 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb5a91ed8358b8a192fad4ad9f95d514a0b01e958136ab027670d7a6481fccd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36338
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 15:22:41 GMT
ads-prebid-banner-proper-outbrain.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		25 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2111190533
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 10:33:12 GMT
server
cloudflare
age
2622
etag
W/"61977d68-1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=27
cf-ray
6cb6e6f7cd3f691f-FRA
cf-bgj
minify
the-shining-movie-snow-768x432.jpg
www.themarysue.com/wp-content/uploads/2020/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/12/the-shining-movie-snow-768x432.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c45faee55e744eb2befc2da3332a1f9ac341d139aed9d11b81fce36a2efbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Dec 2020 22:26:57 GMT
server
cloudflare
age
1246
etag
"5fe3c431-c342"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=49986, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f81de7691f-FRA
content-length
47942
cf-bgj
imgq:100,h2pri
station-eleven-kirsten-comic-book-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/station-eleven-kirsten-comic-book-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80eac18dfb0b66e5dcb184e0e43980693e693efdc50258487923b3a94f953916

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 22:14:20 GMT
server
cloudflare
age
4266
etag
"61d6183c-53c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=21449, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f81de9691f-FRA
content-length
20651
cf-bgj
imgq:100,h2pri
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
8d670ed5b8e199d0e9e6648a410c7dce93be0ae10ed1259f7ac75e47c3df5231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
promo-gossip.jpg
www.themarysue.com/wp-content/themes/m2019-tms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
age
2275
cf-polished
origFmt=jpeg, origSize=3659
content-disposition
inline; filename="promo-gossip.webp"
content-length
3474
last-modified
Mon, 14 Oct 2019 15:08:43 GMT
server
cloudflare
etag
"5da48f7b-e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6e6f81ded691f-FRA
cf-bgj
imgq:100,h2pri
email-decode.min.js
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Jan 2022 15:17:54 GMT
server
cloudflare
etag
W/"61d5b6a2-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6cb6e6f80dd2691f-FRA
vary
Accept-Encoding
expires
Wed, 12 Jan 2022 15:22:41 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1106
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cb6e6f868f85cb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 13 Jan 2022 15:22:41 GMT
v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
superficialeyes.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
23aa569e3d78c44702c26913021359bdc197a5b92d92d3a81c6da87a667953f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"49cedb19f92d60a4eddf497a56ed6958a26967635cee21095dafd7dbba7b3505"
vary
Accept-Encoding, Accept-Language
x-hostname
26187baf
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 10 Jan 2022 15:22:41 GMT
timing-allow-origin
*
themarysue.min.js
global.proper.io/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/themarysue.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55119bdeddc64e99c3807f7cad4fe107d3c5a12b0ad917ec281ae5a340922a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 23:35:44 GMT
server
cloudflare
age
1698209
etag
W/"61c264d0-67bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6cb6e6f8593b4a5b-FRA
expires
Mon, 10 Jan 2022 15:27:41 GMT
sp.js
dotesports.com/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dotesports.com/sp.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:93d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9cceef0655b024537abf9206db411c98bd619d11c85367545572595ac815d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cf-cache-status
HIT
age
326
cf-polished
origSize=71348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 25 Jun 2021 15:19:26 GMT
server
cloudflare
etag
W/"60d5f3fe-116b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6cb6e6f868424aaf-FRA
cf-bgj
minify
web-vitals.iife.js
unpkg.com/web-vitals@2.1.3/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.3/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.3/dist/web-vitals.iife.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ccf2942489bb44fa7923b2cb00f6c5e41faad154c568903446f825507ad4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
312945
fly-request-id
01FRRYWV8GMQGRJHFTDZW5FKCJ
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"112d-5fb1Z84a6BgN6nyOVQbUEi27EBM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6cb6e6f8caa54e8b-FRA

Redirect headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FS28YRGC9PSQBHKHSHY30KNE
server
cloudflare
age
407
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.3/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6cb6e6f849bf4e8b-FRA
access-control-allow-origin
*
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79bde0be9e7fd0079142bb8a0e3f8c32e5c0e7934d7257b783195b4da5995071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
raIYWmMwPAnjJRHo35fdPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
eL9vE0WOaMOqcVgv/VriqNWzkAU01qSnLM1H6glw1U0klUIpw21qp6RWH4nBZ31MRrVvfPzt+Y2QJo2/9q8yHQ==
x-fb-trip-id
917726464
x-fb-content-md5
24f67207e52a4b866e10f089d881e53b
x-frame-options
DENY
date
Mon, 10 Jan 2022 15:22:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"2e2a927ae7f8d82bc9e99d0908479666"
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:31:27 GMT
all.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=fbd090f3fc3e9582a5e5c6605260af39
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ce79c20d06e8bfdcbfa1d1e7385f63d71bd79afdab7a941433bb5091ff8d3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
awhZRmnI4OXwH8zcF6iUig==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83519
x-fb-rlafr
0
x-fb-debug
WqqlsMVP/VLpewAgPNpzaPRKM0MjFC3OXhi83LNMCrTRkSjaQTqV7LdphJjN2kt7gIgV3GJXmltZpWQUOp7DBA==
x-fb-content-md5
5dacefcbd5f3f873e4e95a7fee571fca
x-frame-options
DENY
date
Mon, 10 Jan 2022 15:22:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2a1edf4872103351a84b2b3b5ec1a677"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 10 Jan 2023 15:08:36 GMT
liveView.php
live.primis.tech/live/ Frame 5CC1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
7acea219cb7b63627b89ba6ec72f2f14b305819741ea04d05e733e1e7cdcd226

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
fdc93167a818655607dcc0c8d40615ffc4f27de296bb95ffec37d1bf92fdedbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0227266e7f6a755f6edcdd4ced8e12f1fbed6f02e51e9ec2dfaba60bde53d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
1740243665408384086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:22:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame 78AA 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:07:35 GMT
expires
Sun, 23 Jan 2022 16:07:35 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
83706
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1295
date
Mon, 10 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 17:01:06 GMT
latest.js
global.proper.io/payloads/ 		413 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df46046effa30ba22f79dbdd78ef028b6f4aa16b1544a74cd09d9780d8f2e8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 20:25:34 GMT
server
cloudflare
age
5767228
etag
W/"618441be-675d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6cb6e6f91ab44a5b-FRA
expires
Mon, 10 Jan 2022 15:27:41 GMT
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.95.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.95.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
a58d307cbb0247c520574bbac4248b53
date
Mon, 10 Jan 2022 15:22:41 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: dotesports.com
URL: https://dotesports.com/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.95.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.95.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
23eee4332d3e9931679059d0bdaf2d22
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
liveView.php
live.primis.tech/live/ Frame B418 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
9dae1718fb696dd98f6a22b91672f05be01c312512e3a74be21aafd9d8592682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 5CC1 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 5CC1 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 5CC1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:41 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 5CC1 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
prebidVid.5.18.0_6.min.js
live.primis.tech/content/prebid/ Frame 5CC1 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:28:42 GMT
server
nginx
etag
W/"619b8cfa-7892b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
liveVideo.php
live.primis.tech/live/ Frame 5CC1 		547 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
84ea58775b41062c7e837aeb0c2682959b40d7bfc2249339a4019e7edeb90d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
count.js
themarysue.disqus.com/
Redirect Chain
  • https://disqus.com/forums/themarysue/count.js
  • https://themarysue.disqus.com/count.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
147
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 06 Jan 2022 22:09:51 GMT
Server
nginx
ETag
"61d768af-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
yIgI8ZhBv0xw5deS2HquTC7EZ8RNTPavalpyf-KkOgoBkjYcb9vCpQ==

Redirect headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Location
https://themarysue.disqus.com/count.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
count.js
themarysue.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
147
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 06 Jan 2022 22:09:51 GMT
Server
nginx
ETag
"61d768af-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
yIgI8ZhBv0xw5deS2HquTC7EZ8RNTPavalpyf-KkOgoBkjYcb9vCpQ==
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
13561687
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
MzsjnrMUmE-rotGW2rPccIep91Ut6ME14g8AsuLF5zYWPDRkOGup9g==
load.js
s.ntv.io/serve/ 		392 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2111190411
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-59.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3e6aee43ce232f5c967d532d699c8dd2366873b4a61a6d6cbebb3606174a4a61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Encoding
gzip
x-amz-request-id
E8WH76T0SFRR254Z
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
QYn6M/0t4O4VXsQ9wtwMXifLjzOhFXdooWNuRvj7AbGW7ZGwHm/FaV2U8GpFdRS5k/r/4GGT70w=
Last-Modified
Wed, 05 Jan 2022 23:08:18 GMT
Server
AmazonS3
ETag
"0de0bc397fd51514098ef13d672152b4"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2276
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cb6e6f99e974e37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 13 Jan 2022 15:22:41 GMT
riddler-cdc-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/riddler-cdc-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10adb91612cc57ef59c7648bec3d6233cb56bf7c36fa1f2dbe272ab1bb894ec3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 22:21:04 GMT
server
cloudflare
age
6242
etag
"61d619d0-66c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=26307, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f988f7691f-FRA
content-length
22617
cf-bgj
imgq:100,h2pri
oscar-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/oscar-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85787242bd88d0b4a05e0a38ecac59a2ebd32216b9f9e04a1939ca6c02254be2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 21:16:07 GMT
server
cloudflare
age
6242
etag
"61d60a97-7b57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=31575, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f988fe691f-FRA
content-length
23062
cf-bgj
imgq:100,h2pri
goblins-harry-potter-jon-stewart-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/goblins-harry-potter-jon-stewart-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8fc43c27b7d662813c058fddb3b89757049d99d1457452758a88800ffd27cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 22:08:55 GMT
server
cloudflare
age
6242
etag
"61d616f7-3ff2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=16370, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f988ff691f-FRA
content-length
16089
cf-bgj
imgq:100,h2pri
woc-in-wonder-woman-review-circut-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/12/woc-in-wonder-woman-review-circut-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9680b2d6c8f8067f79fbcced42415032d7717ea062f1f55a4e3bb0f0043e24c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2020 17:44:45 GMT
server
cloudflare
age
6242
etag
"5fda478d-5038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=20536, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f988fd691f-FRA
content-length
19945
cf-bgj
imgq:100,h2pri
Mannequin-meme-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/Mannequin-meme-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5cda828fc0013a7ea47e3e851255258be9ae9cf2370d5af2916bdb9fec0576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 14:55:31 GMT
server
cloudflare
age
1238
etag
"61dc48e3-6aa9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=27305, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f98901691f-FRA
content-length
26584
cf-bgj
imgq:100,h2pri
pjimage-2022-01-09T140048.510-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/pjimage-2022-01-09T140048.510-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0aa364c57a89e21cbac7b173cb9ca5a5cbe72cf6b2c0d613446f6e7284220d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 22:01:18 GMT
server
cloudflare
age
7134
etag
"61db5b2e-5838"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=22584, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f98903691f-FRA
content-length
22020
cf-bgj
imgq:100,h2pri
daniellebrooks-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/daniellebrooks-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ec14af51e485577a790275a456ae6849a31c4316070cf9bd367a603104d2ec5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 21:31:26 GMT
server
cloudflare
age
7134
etag
"61db542e-5e84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=24196, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f98905691f-FRA
content-length
16677
cf-bgj
imgq:100,h2pri
scream5-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/scream5-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24dbbc10ff72f8969701af960a1ddf24f4313c699018096d0b31d9904ab1132e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 20:18:42 GMT
server
cloudflare
age
6239
etag
"61db4322-4224"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=16932, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f98907691f-FRA
content-length
16393
cf-bgj
imgq:100,h2pri
affleck-batman-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/01/affleck-batman-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e14fa6032f55f3750b785d3538194e591ed060bd8355728cc8bc0c6b91f72b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Jan 2021 19:11:57 GMT
server
cloudflare
age
7134
etag
"6010697d-44dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=17629, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f98908691f-FRA
content-length
17115
cf-bgj
imgq:100,h2pri
pjimage-2021-04-25T133429.993-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/04/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/04/pjimage-2021-04-25T133429.993-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f2d7e0526e78c547cb135b82450b2559a1fe75e13e45c81792402c26aac3de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Apr 2021 20:34:41 GMT
server
cloudflare
age
7134
etag
"6085d261-622e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=25134, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f98909691f-FRA
content-length
24437
cf-bgj
imgq:100,h2pri
office-space1-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/06/office-space1-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6099b3eb651980b598379233f054c2ec5b6ab88137b4a6cf9bcd3b9ab9f50f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2021 18:23:07 GMT
server
cloudflare
age
4429
etag
"60c64d0b-4000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=16384, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f9993e691f-FRA
content-length
16235
cf-bgj
imgq:100,h2pri
encanto-mirabel-felix-augustin-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/encanto-mirabel-felix-augustin-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38191cdc172275927524007a8754c10ebce00a30164d612315339e67163dcc6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 18:33:27 GMT
server
cloudflare
age
6239
etag
"61d88777-7a28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=31272, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f9993f691f-FRA
content-length
26562
cf-bgj
imgq:100,h2pri
the355-1-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/10/the355-1-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8b77ac9fc036f206d787696fafc9f9a1debd05bd97b4cf92a8cd76be7bb0de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Oct 2020 17:57:48 GMT
server
cloudflare
age
6239
etag
"5f7cb01c-5915"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=22805, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f99940691f-FRA
content-length
22133
cf-bgj
imgq:100,h2pri
antony-starr-homelander-the-boys-season-3-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/antony-starr-homelander-the-boys-season-3-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fe3057aa6dcd8b0d0b5a451a738a0ebc998f888e06e8413b0782a22413d4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 20:42:12 GMT
server
cloudflare
age
6239
etag
"61d8a5a4-3a3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=14909, status=webp_bigger
accept-ranges
bytes
cf-ray
6cb6e6f99941691f-FRA
content-length
14603
cf-bgj
imgq:100,h2pri
TMS-Newsletter-promo-1.27.20.png
am22.mediaite.com/tms/cnt/uploads/2021/10/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am22.mediaite.com/tms/cnt/uploads/2021/10/TMS-Newsletter-promo-1.27.20.png
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d861557eb9ebf623f534bda4f9524c02b1533bb40b086f9c4873cc7e6265b7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
cf-cache-status
HIT
age
459883
content-length
140591
pragma
public
last-modified
Tue, 26 Oct 2021 22:54:11 GMT
server
cloudflare
etag
"61788713-2252f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6cb6e6f9d8f04eb5-FRA
expires
Wed, 12 Jan 2022 07:37:57 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 17 Jan 2022 15:22:41 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame B418 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame B418 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame B418 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:41 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame B418 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
prebidVid.5.18.0_6.min.js
live.primis.tech/content/prebid/ Frame B418 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:28:42 GMT
server
nginx
etag
W/"619b8cfa-7892b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 10 Jan 2023 15:22:40 GMT
liveVideo.php
live.primis.tech/live/ Frame B418 		548 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1641828161&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
230fde7e009c89d5201e982ac3621e29842e1aef473434d64a0d3c8954be30cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=418160425&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1831179477&gjid=778814903&cid=479152982.1641828162&tid=UA-21433528-1&_gid=284248088.1641828162&_r=1&gtm=2ou150&z=375970478
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=418160425&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=479152982.1641828162&tid=UA-21433528-1&_gid=284248088.1641828162&gtm=2ou150&z=1356295291
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 08:21:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25253
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
count-data.js
themarysue.disqus.com/ 		907 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=565082%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D565082&1=566422%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566422&1=566469%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566469&1=566472%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566472&1=566480%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566480&1=566573%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566573&1=566574%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566574&1=566598%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566598&1=566613%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566613&1=566620%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566620
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cae44a5899e97f4c5969c101f1566ad5e1a3ca8fcaff50d2b4c2887c320d59c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
633
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
907
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		905 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=566634%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566634&1=566635%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566635&1=566640%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566640&1=566643%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566643&1=566645%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566645&1=566647%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566647&1=566650%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566650&1=566678%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566678&1=566716%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566716&1=566719%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566719
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea0beac43de8bc019880d83c4c3767e2ce6a27123f1842102186b41d5b52e22f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
633
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
905
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		626 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=566721%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566721&1=566723%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566723&1=566726%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566726&1=566729%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566729&1=566732%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566732&1=566737%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566737
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
672adcd6d8978f5cc162c211792c390769c89d9be11af99188047240048d954b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
633
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
626
X-XSS-Protection
1; mode=block
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:37:55 GMT
content-encoding
gzip
age
2689
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YsVOtp5QlbmvFQZe2PBcstSHhgOOEs6rbmLzx6oQT1b9YhvakeR0nA==
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5CC1 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
628
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1N5660MRJCVXZ7J6PY16
date
Mon, 10 Jan 2022 15:12:19 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
htNHuKK24UaX6MiPRMoM8XrGD2diAKkMzSsGqti2WXrKtPbI-xz0TQ==
css
fonts.googleapis.com/ Frame 4BBD 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:05:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:22:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:22:41 GMT
css
fonts.googleapis.com/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:05:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:22:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:22:41 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D72 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149178
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:41 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 57ED
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:40 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
X-fe
24
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame E488 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 10 Jan 2022 15:22:41 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame CDB2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
bd1e679461909bf647b2e10e9941278ce2e9e008c2c6db5caf4863ebf4627cca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
854
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 5CC1 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmOGM4YwRyMDplMwA3MwtjNwUlLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NwM3JaZcZF9wo250ZW50X2Ryp2M9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsqGy0oGU9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsZHVlYXRco249MTMlJzRyYaVaSW5zo3JgYXRco249Jat9MmAjJax9MwUjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTYkYzU2JzNvqXN0ZXI9MTY0MTtlODE2MTY4NSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c332349100e41dab1e7e159c6709730e4fac9c324e61c81432f641cc61ca3f37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
4407
chunklist_480.m3u8
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		839 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8c94b64ed2663171b5f9fcb0984f85c668ec6ca9282e95614a350ca60e29335a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
839
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
etag
"789147f1d6e65dc4697dd7764a638657"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Jd9Ulnr2ouwR2P6ARrsiqcJDrUbNZ37SvwUNn4UVczvQpPac40aDOw==
expires
Mon, 24 Jan 2022 15:22:41 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MTtlODE2MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZGM0ZwQkNwFvZTYzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MTtlODE2MTY3OCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWRwNGY0MTqxYzUlJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 5CC1 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 5CC1
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=93&advUuid=ff405bc7-70ed-483e-aef0-a39695eed93b
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=93&advUuid=ff405bc7-70ed-483e-aef0-a39695eed93b
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=93&advUuid=ff405bc7-70ed-483e-aef0-a39695eed93b
date
Mon, 10 Jan 2022 15:22:41 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 5CC1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 10 Jan 2022 15:22:41 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 5CC1
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=12148450581790859240&advId=121&advUuid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 5CC1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 5CC1
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61dc4f4161be6%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=105&advUuid=4891557269792591769
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=105&advUuid=4891557269792591769
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
911c4b06-a7ad-4e08-b175-ebe7fb70c7d8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f4161be6&pixel=&advId=105&advUuid=4891557269792591769
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61938c8b4e072207280652.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.jpg?cbuster=1637059917
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
590d8903c8f030db7ecbbc44266ec1ac30407c511d3da171db7cfd50256f7f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:53:22 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"aeae4ad1f690f762ae3f9465cc039894"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
10466
x-amz-cf-id
sKQsl9mg8IF7DuFmxW4arDnd-3XSuER1qRArm-qoVTYo7E1DL9A_Aw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame 5CC1 		25 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmOGM4YwRyMDplMwA3MwtjNwUlLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NwM3JaZcZF9wo250ZW50X2Ryp2M9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsqGy0oGU9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsZHVlYXRco249MTMlJzRyYaVaSW5zo3JgYXRco249Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTYkYzU2JzNvqXN0ZXI9MTY0MTtlODE2MTpkMSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed6ea6756aa83b3ba38eabb7db0a52a388d7237f142ca7971a531fc574e7ea6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3883
liveView.php
live.primis.tech/live/ Frame 5CC1 		25 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmOGM4YwRyMDplMwA3MwtjNwUlLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NwM3JaZcZF9wo250ZW50X2Ryp2M9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsqGy0oGU9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsZHVlYXRco249MTMlJzRyYaVaSW5zo3JgYXRco249Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTYkYzU2JzNvqXN0ZXI9MTY0MTtlODE2MTpkMSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0bb5daf3e21b8b835fa819df2db948ea039dc04f14d1a2bfe502df59136a3847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3884
liveView.php
live.primis.tech/live/ Frame 5CC1 		40 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmOGM4YwRyMDplMwA3MwtjNwUlLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NwM3JaZcZF9wo250ZW50X2Ryp2M9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsqGy0oGU9VGuyK0qio2QeUGkuY2UeUG9xY2FmqCgDoGyjK0NbLvflNlUlRwI4Kl0eSzFgZWVfYSgKYW1coCguozQeSzVhK1N0YXRmn3xzqzyxX2NioaRyoaRsZHVlYXRco249MTMlJzRyYaVaSW5zo3JgYXRco249Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTYkYzU2JzNvqXN0ZXI9MTY0MTtlODE2MTpkMvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f4161be6&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
bfb422fe58ef270d4fd0368480898ca3fe02a624b4e41a835ee33b699d669d50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
5320
apstag.js
c.amazon-adsystem.com/aax2/ Frame B418 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
628
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1N5660MRJCVXZ7J6PY16
date
Mon, 10 Jan 2022 15:12:19 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
b3N1wilQ2L5X6qVoduLWQT9mvuh4C8F-QGfDFI0jSRqjPyJbnQtJfw==
css
fonts.googleapis.com/ Frame 1C68 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:05:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:22:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:22:41 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 13:54:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:22:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:22:41 GMT
sync
x.bidswitch.net/ Frame B418 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB6C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149178
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:41 GMT
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame B418
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=12148450581790859240&advId=121&advUuid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame B418 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 5A36
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:41 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=94&advUuid=27266149-7229-11ec-aa4c-1a7ccaea0306
X-fe
38
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 670F 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 10 Jan 2022 15:22:41 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 1685 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3cac6419ab04f9ee52dc1f2eb7528ce32f765bb34fa8e3e224b83405ec80c7bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:41 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
849
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame B418 		25 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZWU1MWQ1NTI0MmY5ODY5NwEmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3NDEkJaZcZF9wo250ZW50X2Ryp2M9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsqGy0oGU9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsZHVlYXRco249MTM3JzRyYaVaSW5zo3JgYXRco249Jat9MmAjJax9MwUjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTp4NTyuJzNvqXN0ZXI9MTY0MTtlODE2MTp5MlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c7446458448ebfa160267ccd8ef25445162337066d42359a33b46542a606d616

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
4810
chunklist_480.m3u8
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		872 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
093e113d0b31988bff87427756f4eba991ba841569e2eeba9cb3fac10ef59b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 312b9f49a05a10af1e6462e1c59bae9b.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
872
last-modified
Mon, 15 Nov 2021 23:51:32 GMT
server
Tengine
etag
"e1f42b3c32aab668a784da495c0abf65"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Ua_EDByKKiEK5xQcopKxibYQDknDJvqm4Mh2U8mNjSiysVrot2ikjg==
expires
Mon, 24 Jan 2022 15:22:41 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MTtlODE2MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZGM0ZwQkNmt1OWEzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MTtlODE2MTp4NvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWRwNGY0MTuvMzMkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:40 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveCS.php
live.primis.tech/live/ Frame B418
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=93&advUuid=ca175af0-ee6c-4952-bd3a-c3fdc2f727b9
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=93&advUuid=ca175af0-ee6c-4952-bd3a-c3fdc2f727b9
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=93&advUuid=ca175af0-ee6c-4952-bd3a-c3fdc2f727b9
date
Mon, 10 Jan 2022 15:22:41 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame B418
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=99&advUuid=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 10 Jan 2022 15:22:41 GMT
liveCS.php
live.primis.tech/live/ Frame B418
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f417859a%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61dc4f417859a%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=105&advUuid=4891557269792591769
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=105&advUuid=4891557269792591769
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9b9e95a7-7663-4285-9d1c-302eb8854b19
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61dc4f417859a&pixel=&advId=105&advUuid=4891557269792591769
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid6192ee51d5524369869613.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.jpg?cbuster=1637019940
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ad2433c5b91ef4e812b11a59b299cd988a427b27a8927dba48086f4acc05fff5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 319f376925908156190f5fc160137b43.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 23:46:36 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"32a7d84ebb10eb210c3fc82767b59d0c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
17809
x-amz-cf-id
edCWda44w0qhaBLNwGO0hIzjeZIHI2hV8VdXIhtJle4GdkeYcKfyQQ==
x-proxy-cache
HIT
t
jadserve.postrelease.com/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.themarysue.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
0d79fd3d1033cb51c92447ca53facd3f87d7a28e8cac7055094c23920f129bf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3165
expires
Mon, 1 Jan 1990 12:00:00 GMT
liveView.php
live.primis.tech/live/ Frame B418 		25 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZWU1MWQ1NTI0MmY5ODY5NwEmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3NDEkJaZcZF9wo250ZW50X2Ryp2M9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsqGy0oGU9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsZHVlYXRco249MTM3JzRyYaVaSW5zo3JgYXRco249Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTp4NTyuJzNvqXN0ZXI9MTY0MTtlODE2MTtlNlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
faebe75c664887c36b6ae7384255e7cb5b34f393568fac001f993d26363b3f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3887
liveView.php
live.primis.tech/live/ Frame B418 		25 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZWU1MWQ1NTI0MmY5ODY5NwEmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3NDEkJaZcZF9wo250ZW50X2Ryp2M9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsqGy0oGU9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsZHVlYXRco249MTM3JzRyYaVaSW5zo3JgYXRco249Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTp4NTyuJzNvqXN0ZXI9MTY0MTtlODE2MTtlOCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
ca8e9d60c5e086a57199aa751e54f7645d2cbe4136b7d31ef49ee956604e6dea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3888
liveView.php
live.primis.tech/live/ Frame B418 		25 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZWU1MWQ1NTI0MmY5ODY5NwEmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3NDEkJaZcZF9wo250ZW50X2Ryp2M9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsqGy0oGU9V0qBK0F3YXJxplflMDE3JTNBK0RBVxyEK0uBUxJPVVIzqzyxX2NioaRyoaRsZHVlYXRco249MTM3JzRyYaVaSW5zo3JgYXRco249Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTMjNUYmMTM3N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWRwNGY0MTp4NTyuJzNvqXN0ZXI9MTY0MTtlODE2MTtlOSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31305F31377D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=217.114.215.133&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61dc4f417859a&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
16fb437d5b1222c957b5aed4c451f469374789bd87527bdff66c62aa748858b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
4817
web
onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44c371fdfecd4b7eb1e994e893e18cf7175c94ee7a0a52180e46a4c7b981c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
597
cf-polished
origSize=3421
status
200 OK
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a7d1a9ba-39bb-44b1-b399-c9559dda35f9
x-runtime
0.020542
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c82f53d4fcc70b2f1518c96258e1e6bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6cb6e6fba86a5cb0-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 10 Jan 2022 16:22:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 01:54:06 GMT
x-content-type-options
nosniff
age
480515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 01:54:06 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 5CC1 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.208.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-208-72.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
primis-d.openx.net/v/1.0/ Frame 5CC1 		106 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6e717ced-1f71-4e0d-bed0-1cb1661d832d&nocache=1641828161937&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=720&vht=405&aumfs=2400
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 google
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 5CC1 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwQkODI4MTYkJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY3ODI4NwQzrD03MwAzrT00MDUzoXN0YT0kNwt4OTA3NvZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZGM0ZwQkNwFvZTYzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQkODI4MTYkOTI4JaVcZD1TZWgcozRiU1BfYXyypwYkZGM0ZwQkN2RvZTIzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwQkODI4MTYkJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY3ODI4NTpzrD03MwAzrT00MDUzoXN0YT0kNwt4OTA3NvZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZGM0ZwQkNwFvZTYzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQkODI4MTYkOTI4JaVcZD1TZWgcozRiU1BfYXyypwYkZGM0ZwQkN2RvZTIzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:40 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
vid61938c8b4e072207280652_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		877 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652_thumb.jpg?cbuster=1637059917
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
6829e036a70ec0db65da1037d5308787bcd3a8d4b4f891949c8189ca62435c85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:53:23 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4eef3c7380642564c60729bf1580f7c4"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
877
x-amz-cf-id
tOsX8UqdvHTUleIdLqm2TDciL5IKvnllSz2ODOmM70m8DyaWVyD2rQ==
x-proxy-cache
HIT
vid6192e30186e31144925064_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e30186e31144925064_thumb.jpg?cbuster=1637016982
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
30b582e9bfdbf0af2563f1220ace33de65ad5f1b73d0a0542ffd9c02788cf2be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:56:58 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4b1ee2f4006359616ae4eb451186ee4a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2800
x-amz-cf-id
euBQxNsMBdunZ6QTosS6hvhx4fvwYLmM0fTErLssP7EgMDfxMYcHiA==
x-proxy-cache
HIT
vid6192e59ba6733810325426_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e59ba6733810325426_thumb.jpg?cbuster=1637017576
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
df4f3632c137908c059c07c2f89bec5c6ceb2ff174924664909fd6baafe2a629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 52c7de80c6ff92b7b540ab39e3ca1184.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 23:07:16 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"ba08f298fe0cca8ad48a60c03787a09b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2699
x-amz-cf-id
-HTWmhcivBVRrXE9C3AxgHEdnd2EYypbH-D6O5L9GnHaxgxRz9TzqA==
x-proxy-cache
HIT
vid6192e7fb0def4318249879_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e7fb0def4318249879_thumb.jpg?cbuster=1637018233
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e5e90f6bf5f177fe87400da87543d9972babd6045132e7feec88972f0d05c9dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 23:23:35 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"430856c8ad0263eaf1566300926d5e44"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2878
x-amz-cf-id
yMCM9eqDdqC-KEcuygNsNjizJpJp2RBH0Sw2CzJ29qPoEr8ZAhxCBg==
x-proxy-cache
HIT
vid61938d5da5e05742777706_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61938d5da5e05742777706_thumb.jpg?cbuster=1637060422
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
78bf02bd396cfa1ac64341a6bdc2b1ecd70e3c93dfe83bb454b35bc010597f13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 312b9f49a05a10af1e6462e1c59bae9a.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 11:00:57 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"a599cd71614c4ed3376dbee505ae6e2e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1408
x-amz-cf-id
41TGcJJqfw7aggZl92USUqCP4WCxOr7zzvzHhQwHdJUQJhEAD8XcIQ==
x-proxy-cache
HIT
vid6193777468ac3736249471_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6193777468ac3736249471_thumb.jpg?cbuster=1637055365
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
dca0cb53d70088aa4136f2414930436e0d4057b270db1f025b5dca1039ecdfe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 32f0eb698e97ecf6204fd04046b31899.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:36:55 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"ac155e5d1a5168355ad1e1658653848b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:41 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2849
x-amz-cf-id
kLFzEksWdTrQNvRIzGClbtExEtFfewLovrh0m-0t9Ymfpd-sXwv7Ng==
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4BBD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 01:54:06 GMT
x-content-type-options
nosniff
age
480515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 01:54:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
20af33c0be89d14f2c17b03eb08dcaef47071286a3cb150c88274b5689732615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26885
x-xss-protection
0
server
sffe
etag
"1097 / 586 of 1000 / last-modified: 1641807633"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jan 2022 15:22:42 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddd24c2a7-4c9a-4d82-b6fd-74963291b292%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddd24c2a7-4c9a-4d82-b6fd-74963291b292%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&uid=882d9602-03ab-41de-998c-a69650e57f72
183 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&uid=882d9602-03ab-41de-998c-a69650e57f72
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
348aa2266f5811ad475710a8f767e364ffecd6b5144e9a78e71943c6fcf7b9db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&uid=882d9602-03ab-41de-998c-a69650e57f72
Date
Mon, 10 Jan 2022 15:22:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_dfbd3af8_08deb1ed_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_dfbd3af8_08deb1ed_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K8OE.WRE2uEB4PmGxkpajZhiilOmIlwz~A
151 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K8OE.WRE2uEB4PmGxkpajZhiilOmIlwz~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
88b822a554ba7ebeea1333dc38d31b3bac6dc879475f6e207f863f86412c6c8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K8OE.WRE2uEB4PmGxkpajZhiilOmIlwz~A
date
Mon, 10 Jan 2022 15:22:42 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		213 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p20.id5-sync.com
Software
/
Resource Hash
614c848c1269c2ca7eb2f322a094bd4d7f598c5f561942184243649856737683
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Mon, 10 Jan 2022 15:22:41 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.sharedid.org/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.145.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-145-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jan 2022 15:22:42 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: dotesports.com
URL: https://dotesports.com/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.95.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.95.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
73ae35221ae76107c68be54d1631212e
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.95.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.95.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
dce9882b340fc62f5b64ced4005c2491
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
w_480_00000.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		387 KB
387 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
72418fbda5f979af0f00665feccbbbfbe6fbb5121cb88560073c493becdaee1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
395928
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
etag
"f8bcc9f91d61827e50fcb39b797e6f88"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
QZqPnGi66wx9L1pngwOHim0rC1O5jCTXG1ACE7YcUV2d49PxPC4-UQ==
expires
Mon, 24 Jan 2022 15:22:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 01:54:06 GMT
x-content-type-options
nosniff
age
480516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 01:54:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.themarysue.com&callback=_gfp_s_&client=ca-pub-9356934496955375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2d757de68eae79256c48c2080123ba6bd7da67035cf07393e12b986f541e2f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1C68 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 01:54:06 GMT
x-content-type-options
nosniff
age
480516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 01:54:06 GMT
integrator.js
adservice.google.se/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.themarysue.com%2F&tn=DIV&id=skin&cls=proper-ad-unit&ign=false&pw=1600&ph=1200&x=0&y=139.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 28C2 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9356934496955375&output=html&adk=522671305&adf=1178619241&lmt=1641828162&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641828161425&bpp=3&bdt=209&idt=617&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8457917808720&frm=20&pv=2&ga_vid=479152982.1641828162&ga_sid=1641828162&ga_hid=418160425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1159412243048153&pem=764&tmod=979&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=645
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 10 Jan 2022 15:22:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
private
vid6192ee51d5524369869613_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613_thumb.jpg?cbuster=1637019940
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a914a37d097aba12202f68b9937d2e620b4fa3667a6cf81accd54e8920fa5257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 23:46:38 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"1eab1ae3bb045a4623f5b61778c17fd7"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3124
x-amz-cf-id
kQra3yozSYDdoOQte3CUn46pWat2uuQ5_73H16vbVMJlgbivI01jAA==
x-proxy-cache
HIT
vid6193926898337253563781_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6193926898337253563781_thumb.jpg?cbuster=1637062448
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
68ed51b373caad0b18f95fbe8802c009b09da72191fbd56a3b99a1b7ec5d992a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 11:36:03 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"d97bf8ee93e62418f66a96b7f1107403"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3394
x-amz-cf-id
sXGqjCZvDaPUlneF-jiGFq6tTCZVY9aAxOuxmZXnNF1nnOSHJ6D36g==
x-proxy-cache
HIT
vid6193821c72d3b115576273_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6193821c72d3b115576273_thumb.jpg?cbuster=1637057244
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9c2603e1c4e75d210896f2e40f940e1cd05958e7f831d87624a7d592c614d01f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:08:05 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"06e50a8827f2a3e3ae4ba9149e56ce9d"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2441
x-amz-cf-id
5yyACNSIwl-nQXF4AjcGYwbw-JK43oAnJx453YHZqAmRdz9VAI_z4A==
x-proxy-cache
HIT
vid6193973f9c9f4550254391_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6193973f9c9f4550254391_thumb.jpg?cbuster=1637063143
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
66db628dd87aa81737fe5c3ca8c7a32b478375e4993379031bb1f98eae8eb3e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 c3e656776c8a9f0e1ea24405ab1dcc84.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 11:46:34 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"c06102850d246889763eb702c90ee9f8"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3370
x-amz-cf-id
hRWXnvR61rQ5n94XGeqg0mkZ9mcJSFgdpVE-rV3TrgyzN5jjBJJP2Q==
x-proxy-cache
HIT
vid6192f1277098d113458440_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192f1277098d113458440_thumb.jpg?cbuster=1637020711
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
85e581f45acdc3396cef8ee7c6698441bfa26e191de83219b6870ef463a38979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 23:59:31 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"979296689cbbc6dbc25afc95e43f8fb9"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3164
x-amz-cf-id
GxX7WFcCVTEpsveCoZP3-ZgUJPAov1pl-DGk5f7ohSocP55Gzhm-JA==
x-proxy-cache
HIT
vid61937399253a1916536397_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937399253a1916536397_thumb.jpg?cbuster=1637053640
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
4a10238b0c05e889db1b59baa6e7057d6a386538445dd0eee1e33b0aac23ac02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 312b9f49a05a10af1e6462e1c59bae9a.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:07:51 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"28c1a8dac3b712237dc8a8885c100d7b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1823
x-amz-cf-id
Z5dMCPjOUao_4tt3LC7yhiAsnDzl9-R9AwakXt7cidNo0h5ZzaAP6w==
x-proxy-cache
HIT
v2duf4r0XzzD6ZFp7CoFmghOSti2yYXsNiEGj4s-ofNAWx1nLy9YTk20B2J7tbUmb1BN3xz1f_yeikOaSYw
superficialeyes.com/ 		209 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2duf4r0XzzD6ZFp7CoFmghOSti2yYXsNiEGj4s-ofNAWx1nLy9YTk20B2J7tbUmb1BN3xz1f_yeikOaSYw
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
85ee585a920c17249cd63c187533d29762c90834525f420b4bf2924abb28410e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 10 Jan 2022 15:22:42 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
26187baf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 10 Jan 2022 15:22:41 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5CC1 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
47533
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Mon, 10 Jan 2022 02:10:30 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0m50NIpyFJUUVO1VVpB4vm0-djZiFWiuQeXy4lCr7Qki3vhudcY2Lg==
3129ccb0-c31b-4d44-8a1f-a364a0897614
https://www.themarysue.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/3129ccb0-c31b-4d44-8a1f-a364a0897614
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
xhr
pre.ads.justpremium.com/v/2.0/t/ 		44 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1641828162120
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.49.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-49-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7961a1433b796f1546f9e9c53ce2bfbaa7c91742773edad8d9fa5ddf71898f0a

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6hyebUJszkf3PkJLaMDzyhiq&bidId=6hyebUJszkf3PkJLaMDzyhiq&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=dESAilA5HXF6Rz4cOVKZ8zRA&bidId=dESAilA5HXF6Rz4cOVKZ8zRA&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=QxTtv6aap0y632t3ocsEAT7O&bidId=QxTtv6aap0y632t3ocsEAT7O&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
vary
Origin
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1641828162122&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F&measurable=true&property=61aea1e3e80a27001e1bcc49&bids[0][bidId]=themarysue_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=themarysue_160x600-1&bids[1][sizes][0][width]=160&bids[1][sizes][0][height]=600&bids[2][bidId]=themarysue_160x600-2&bids[2][sizes][0][width]=160&bids[2][sizes][0][height]=600&bids[3][bidId]=themarysue_300x250-1&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[4][bidId]=themarysue_300x250-2&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[5][bidId]=themarysue_300x250-3&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=250&bids[6][bidId]=themarysue_300x600-1&bids[6][sizes][0][width]=300&bids[6][sizes][0][height]=600&bids[7][bidId]=themarysue_300x600-2&bids[7][sizes][0][width]=300&bids[7][sizes][0][height]=600&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f6de3e2f72ef1f9675697454712d363127ff798aa79d20d81f30512d66dc5235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
x-powered-by
Express
etag
W/"38-N9PUZs2euoI/sE9QFkFMPrXZVGw"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0&cb=88869594128&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
arj
propermedia-d.openx.net/w/1.0/ 		73 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%7C300x250%7C728x90%2C970x90&auid=551036772%2C551036773%2C551036774%2C551036775%2C551036776&aumfs=100%2C100%2C100%2C100%2C100&dddid=30629047-abe8-4fb7-ae9a-222fcd1da29d%2C8bcc90af-7a8d-47b8-b6b0-4889e361289b%2Ca1589b2f-1ac0-44bd-b15c-2e588b00347b%2C94556075-52e6-4b42-b4a8-070ed4b6998a%2C959f7a81-b9c2-4611-8f45-626066d75c19&divIds=openx-cf45c512-27e4-4af7-ba29-52f9e11d3ad9%2Copenx-caa004d8-1523-4cbf-b20b-25f2d48b97f2%2Copenx-5506d4ea-8858-471d-8dee-b61a04bcc12a%2Copenx-cac424b5-9303-4f27-a442-d30ce3ba6acd%2Copenx-6e964687-7073-417f-91a0-d291bf7fb5bc&be=1&bc=hb_pb_3.0.1&nocache=1641828162123&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&_pubcid=dd24c2a7-4c9a-4d82-b6fd-74963291b292
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
ed20c8dbf8897c2e6f737f7ec114a1c29fded0bf3d3012d226834f221060105a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cbc81bea578440658201addaa172f02601e0f466c3fd86c756b739c9e7882388
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
93860560-d2ab-48da-b0b0-3d6cd8270003
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		282 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228a311db38ba15aa6aa75%22%3A%228a311db38ba15aa6aa75%7C728x90%7C0.1%22%2C%22209775575b35341aca88%22%3A%22209775575b35341aca88%7C160x600%7C0.1%22%2C%223b3718792ba43287996a%22%3A%223b3718792ba43287996a%7C160x600%7C0.1%22%2C%22c2cb660426b08c6c338d%22%3A%22c2cb660426b08c6c338d%7C300x250%7C0.1%22%2C%22c79143fd09a5a4fe39d1%22%3A%22c79143fd09a5a4fe39d1%7C300x250%7C0.1%22%2C%22c19a3bac825004343486%22%3A%22c19a3bac825004343486%7C300x250%7C0.1%22%2C%22de684bf25025721a84ef%22%3A%22de684bf25025721a84ef%7C300x600%7C0.1%22%2C%22d82478e93591573e21db%22%3A%22d82478e93591573e21db%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=76c00e80-d03a-4cc9-9ddf-14830f19e7bf&pv=6f5f09d7-a608-487f-a7cf-897a0b1ba9b1&vp=desktop&lib_name=prebid&lib_v=5.18.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%22dd24c2a7-4c9a-4d82-b6fd-74963291b292%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
bb1229031c6597fb7a3beb861833e190f8014349542fbdaf00ce3a706198e510
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
209
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=399458&zone_id=2234776&size_id=2%3B15%3B15%3B15%3B10&alt_size_ids=55%3B9%2C10%3B9%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=7f09ec29-43bc-48c7-ba6f-bab08f683be0%3Bb63d1f83-2e19-422f-8109-1b4242cc52fa%3B88c1e7a1-27c9-4551-8e50-225ab97d479e%3B067f014d-2f95-4bd3-baad-32dbc7ac9fb7%3B13ff59c6-c4cd-4b91-a9e8-81503662c481&p_screen_res=1600x1200&tg_fl.eid=2234776-5%3B2234776-2%3B2234776-3%3B2234776-4%3B2234776-1&rf=https%3A%2F%2Fwww.themarysue.com%2F&x_source.pchain=proper.io%3A48cb0d23-4635-11ec-91ed-06ef03bc0096&ppuid=dd24c2a7-4c9a-4d82-b6fd-74963291b292&eid_pubcid.org=dd24c2a7-4c9a-4d82-b6fd-74963291b292%5E1&rp_schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&slots=5&rand=0.8633370770459576
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
856b3c37ee24c03d7228c0a6d4f134c516fce1909ff97685290afa48244c9e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
715
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		58 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=756014&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2267c24121-41a3-4de2-bfc4-ca1ab8ed72e6%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-ZY9K3%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-ZY9K3%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-xvwFu%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-xvwFu%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22160x600-2-Qt0AH%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-Qt0AH%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-swXfT%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-swXfT%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-YBMeY%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-YBMeY%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-T8e4D%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-T8e4D%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-rMCQ7%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-rMCQ7%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-2-z7V1f%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-z7V1f%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f5f04899e5a09be6330e63ce04a99ef449be420a98c6c28faa4d4bd81a8d0292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.133], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
12
expires
Mon, 10 Jan 2022 15:22:42 GMT
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ade6f4596e7cd10a285d917e64fe290724fd8bc5fead068f3e760385dc03ca7c

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2264bcb579b96d3dec5058a9f9bf953cd03e8ad2ec69c248f5deb3fc074cf415

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
abddd7e64702d60829e9037793a92e8dcf4db6a63f8ef39b6d9bb2785463ebbe

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
543ee2937bbdf4369fdb0b6e6ebeee9629e6ee97fdee02ceb6ad7ac45cac22ae

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
96de24ec1911155decf97f91fb666b51cef68d0b4c86ce83fc17152e105bc41f

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		115 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
392b523243f8da23e42f48ddb27a784aaea4a624b72eaaef2754d0ab601deeb1

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
110
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6672bb98464d7701512553e496c9a1e1b9647c88c2a3adb1b7e1fe5faf6c9d28

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
mvo
tag.1rx.io/rmp/243908/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/243908/0/mvo?z=1r&hbv=5.18,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		396 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.themarysue.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
feb7b79d6fd419587c6804950ea925ac180fc7b625f97fbf077424bfd42edbc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
67
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
396
expires
0
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
629
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1N5660MRJCVXZ7J6PY16
date
Mon, 10 Jan 2022 15:12:19 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6qJtLdoLth-uLzNw696FvqHvWQLNZXBxTprbon2CHDOMyoTfmYV2VA==
auction
tlx.3lift.com/header/ 		19 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=1200
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.147.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-147-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pixel;r=540829448;labels=type.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Csite.%40TheMarySue;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=540829448;labels=type.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Csite.%40TheMarySue;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.themarysue.com%2F;uht=2;fpan=1;fpa=P0-1040221820-1641828162145;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=themarysue.com;je=0;sr=1600x1200x24;dst=0;et=1641828162145;tzo=0;ogl=locale.en_US%2Csite_name.The%20Mary%20Sue%2Ctype.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Cdescription.The%20Mary%20Sue%20is%20the%20premier%20destination%20for%20entertainment%20geeks%252C%20female%20or%20other%2Curl.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2F%2Cimage.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2020%2F12%2Fthemarysue-defult-social%252Ej%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2020%2F12%2Fthemarysue-defult-social%252Ej
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame B418 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.208.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-208-72.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame B418 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 10 Jan 2022 15:22:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
w_480_00000.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		455 KB
456 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e648916d4ad552298e9658a3b3632b292e8d22a13ddf7ca0431b23e2f3b107ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
466240
last-modified
Mon, 15 Nov 2021 23:51:33 GMT
server
Tengine
etag
"48fac79ae9ba866db4b5fedb722c04ea"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
GSfCYo49g-AUuXnSd3CflcW0vDPvMftjNOvNOT1zLrJb8bFdDndthA==
expires
Mon, 24 Jan 2022 15:22:42 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B418 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
47533
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Mon, 10 Jan 2022 02:10:30 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yy-50MCfkNwnaINrnUDHbBE4ahUBDSC3zBwoRxkAIH0Lp8cOi0TkcA==
PugMaster
image6.pubmatic.com/AdServer/ Frame 8D72 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55991745&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61dc4f4161be6%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
0
5b8efce0-c9e7-434a-af2a-8575378c95c6
https://www.themarysue.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/5b8efce0-c9e7-434a-af2a-8575378c95c6
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
csync
sync.console.adtarget.com.tr/ Frame A6A0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Length
0
Etag
9187662370288e5e

Redirect headers

date
Mon, 10 Jan 2022 15:22:42 GMT Mon, 10 Jan 2022 15:22:42 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 7149
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c46d2c204b0fb92438e9db48ca380a39bf4b8c7e2778009a3d2e1238078a14c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 10 Jan 2022 15:22:42 GMT
x-sid
AMS-746
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-746
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA5D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149177
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:42 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 08CE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
x-amz-version-id
6Aq591PsFKZg.nhWoLRNYsxuGl0lv087
server
AmazonS3
content-encoding
br
date
Mon, 10 Jan 2022 14:15:19 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6csKrMtyDT8zQ7yAP9f4UkarrmZKu3D0LZFSn3wJiFN8bJozH_A6vQ==
age
4043
cookie
cm.adform.net/ Frame DF3A 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 152E 		251 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.02
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
12/27/2021 07:28:04
cdn-edgestorageid
756
cdn-status
200
cdn-requestid
e0351ee41593e9cce456119c46451456
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 615C 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Length
0
Etag
9187662370288e5e
csync
sync.console.adtarget.com.tr/ Frame CDB2 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
VertaMedia 1.0
Etag
9187662370288e5e
Content-Length
43
Content-Type
image/gif
cookie
cm.adform.net/ Frame 3843 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame C822 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.02
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
12/27/2021 07:28:04
cdn-edgestorageid
756
cdn-status
200
cdn-requestid
99dbde62cb1a96ab4d0d0cfacbf280fa
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 34A1 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Length
0
Etag
9187662370288e5e
csync
sync.console.adtarget.com.tr/ Frame 733E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Length
0
Etag
9187662370288e5e

Redirect headers

date
Mon, 10 Jan 2022 15:22:42 GMT Mon, 10 Jan 2022 15:22:42 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=RnjFrfAqoXQ8Ofa9bfx5&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame A7EB
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ccd8a2090f936a3bb2532e12097098622af0009a14763270dd84154c48d41469

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 10 Jan 2022 15:22:42 GMT
x-sid
AMS-746
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-746
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E765 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149177
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:42 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 0A1F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
x-amz-version-id
6Aq591PsFKZg.nhWoLRNYsxuGl0lv087
server
AmazonS3
content-encoding
br
date
Mon, 10 Jan 2022 14:15:19 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tpa-N6XGuMppa0FHq447f00v8i38LSimrMNlmTD7hw5Z8W2KakHbiw==
age
4043
csync
sync.console.adtarget.com.tr/ Frame 1685 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
VertaMedia 1.0
Etag
9187662370288e5e
Content-Length
43
Content-Type
image/gif
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5581863&ntv_pl=1024382
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=09f8be90-cf03-4ae2-a37b-66997af15f95&ntv_fl=CF4se3gYGjAPzQcMJoAeWQqsPt2l_q8KQYbuXRZcjU_IhgnV0RT6SW9Zktn2QO7gZZtqkOhSz7pLXrUZZ4I0HE_IiY96jMN9C9VnzB74BgKiAp-oGV2neco3RksB5-_CfYnmY3NkZZPLivb6FJ4eyGytidOBw5hJcpRWq9cs4gDyRTOeESvN-_xDuhwtAE_B&ntv_ht=Qk_cYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAfqEPA&ord=1641828162241&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=09c60d7a-7f7a-48cb-9229-025ec78f372a&ntv_fl=CF4se3gYGjAPzQcMJoAeWQ4Ag_rEUY9escSf7g_EwDSabFRSXUxEQZfvcM07deQ8Fr_cToAtf3iRq-VguJqrqlPFF414ps9KGK5_axNH7w9fpSczT6cuQImOI1UIxesYKjpM3tlkYN37aqVyoszpzGfpmalM8-YixVnYF0GaTvFDsxDYdMGCtknmbe8ZZtwp&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAhlwQA&ord=1641828162245&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=8e807be5-33ea-4235-b9ed-d62a278fc954&ntv_fl=CF4se3gYGjAPzQcMJoAeWd85f48hdcyhDBqA4yy99BAZ7vsWqVgkdLaIyb_EiCkZDhHf1v95z2bPf50GDOhazyjrhHaobORrhfcE7-akDrYnZ0WBBbe3gfIrM2RnjaUD1EIorhGf768OUcWuxp0ZxTcDun4CN_X1RLIVJzUG9FR8I_MDH3FfV8Yp9PMc3KVa&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAxvkQA&ord=1641828162245&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d8eace07-83b7-48c1-8a80-0c63445b71f7&ntv_fl=CF4se3gYGjAPzQcMJoAeWev-HfnNSWDD1Y73RyypuVZhNGvSiYpXE5Li9Q_klcDvcKHC5YTFOfiV4TUzXea_2TgnTAGv_9UVVBXkComl4zmhOJQD5opeONfLmz4AmThhGbLDr7SoBjZItbhFzqGDilYC0hUy8vGzwSkC5ueL-E2x9zlInbVhDUlX63cwSore&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAh1wQA&ord=1641828162246&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ed7c5d9c-b238-46aa-8352-fd74a918f6c9&ntv_fl=CF4se3gYGjAPzQcMJoAeWad9BbOBKDv0xbROXKHnW30uWUjJhnd3q4jBKCoHnbE4ONg06Z2agBwkhZW6gEGPMdNM8lJLUzYX2KYYQRK-cBe9T5HoeTg_mcQJcVeA1Ytih7IPB9KzCe2qUI_XYlaSGy3N0l9e3hbcIggHRQI0whx_i1MJhQiHOvZTcWrHax7a&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAx_kQA&ord=1641828162246&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=94514dc2-9f6f-490a-b2a9-59718249903d&ntv_fl=CF4se3gYGjAPzQcMJoAeWdxnlwHUTI2-tyqwg-vGwE1aZtl8FIWnx_cPmUyoJdjM9fiwDiSoYCHDuDxoLgxjjHPkzmXCdifVu17pWpqd5Sgaid1nkrOJPQMgCwPhKDz7K_x24D_UM2t2n2L1kYZ7uPj5kUuWQahWoqarpIAk2mwhBFiAC6Ac9UuOjot2Bw6_&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAyPkQA&ord=1641828162247&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=46601c99-811e-403d-ac47-7f8655fd50bf&ntv_fl=CF4se3gYGjAPzQcMJoAeWfIYZs2lgp8c1XBwScmMlav6ql04FUWxFEtPlLUMVFRcduk_Kfpotdswb-jBRzQfVENOxe4pNkCydnW7VJeJLXj_fBHNs7bfbeI72X4FPE3ZNc-ZSt4Bc7S0BuMt0yx93t0EtNf0gK2Dp3ihy8PiGQjpT3pG64kbSSWh6SBsP7rQ&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAeXcQA&ord=1641828162248&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a083eb1a-d403-4def-9ee9-30fef36d2199&ntv_fl=CF4se3gYGjAPzQcMJoAeWcV_25sXK3RIEdmu5BV7I25B_TYl3ply8E0OeYIxITQX2kXsFzYUir4L5PDYSQXHqxKMlXTV0WSvBnYq1dxB4Id-_3d-vSgyg9ByRRslgY7JOu5V2Y3BH7GA_9zIOSbwQHXJmgGM4zZV5xVZOn8UXnq-y8Kozsa74PoX_1V4OOVR&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAyfkQA&ord=1641828162248&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=df7bed4b-2383-4528-b45d-c62c8949666a&ntv_fl=CF4se3gYGjAPzQcMJoAeWQOmprLsHgIeqn35TTWxZGLaOfGc81IjGkTKiXe26VKas2MWoIvb3m-_J85DvjbVZsSnDuGHN2rtXK2ECkKwOxMxwKJX36LqclyMH5MdRpTKc-ATNS1mp6W5EvD8nt6XA6bdJ9G76Yd7QC8Re_qF5dcbGnGCysZMT0WOk-v9oOFb&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAyvkQA&ord=1641828162249&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=df7bed4b-2383-4528-b45d-c62c8949666a&ntv_fl=CF4se3gYGjAPzQcMJoAeWQOmprLsHgIeqn35TTWxZGLaOfGc81IjGkTKiXe26VKas2MWoIvb3m-_J85DvjbVZsSnDuGHN2rtXK2ECkKwOxMxwKJX36LqclyMH5MdRpTKc-ATNS1mp6W5EvD8nt6XA6bdJ9G76Yd7QC8Re_qF5dcbGnGCysZMT0WOk-v9oOFb&ntv_ht=Qk_cYQA&ntv_at=323&ntv_a=AAAAAAAAAAyvkQA&ntv_jtr=9&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=7b83182d-3590-4ac9-b0d4-92b7363ead67&ntv_fl=CF4se3gYGjAPzQcMJoAeWT8Uf4COhGFhQJXqFSGPJgJvC9f5qBIA1bfts1Fjy5QmBC6u97Vpqx__vxA3HjEfBjIvBflLcdj4QMSHJK3VEIDCZOTCQsWmKE6IgDZKeJsTCVr-zxQ7sBQ3AOgWA8FFWgiM3P3jKl-bRorxfQ7j9he8-LrjTctBdNWqOAS8lruu&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAencQA&ord=1641828162249&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=5436d6a2-068e-4e4f-bbac-184a23000135&ntv_fl=CF4se3gYGjAPzQcMJoAeWSIA6C_GZiyvPqB7KBp42aWYReMRQ84a4aZCJSHRuahmD-Gysk0HGaiuY9xloWhc-QcB3gfPBbC-zcpZ-r7LdbE6OHkaxGXCPPlXJGhEsZmQDlrenLHfoFy7Y4ZWfO-9kOk3q7qlejOWH31zhKJSJW0-qOPgYA9IXlHxHZs5cqvf&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAPPwQA&ord=1641828162250&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=8bb0eda2-2c1c-44f3-8596-2c9659a138b9&ntv_fl=CF4se3gYGjAPzQcMJoAeWej5eXZ_sJQFyBOSWHNXWkJVfXMg4zXANWLmpszpRpLFn1IXBPUUOPCfYAyY_Z6h-fjEu9VIUeDYm5vbdskM37bMw259eh9Wa--yOVz4stCjfsR4TCRu_ni4Ina8B0ISFgV8j4DhF2pI1t7tnLmgi146oUjfTV82i8mTEazwGUHZ&ntv_ht=Qk_cYQA&ntv_at=303&ntv_a=AAAAAAAAAAvfkQA&ord=1641828162250&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=8bb0eda2-2c1c-44f3-8596-2c9659a138b9&ntv_fl=CF4se3gYGjAPzQcMJoAeWej5eXZ_sJQFyBOSWHNXWkJVfXMg4zXANWLmpszpRpLFn1IXBPUUOPCfYAyY_Z6h-fjEu9VIUeDYm5vbdskM37bMw259eh9Wa--yOVz4stCjfsR4TCRu_ni4Ina8B0ISFgV8j4DhF2pI1t7tnLmgi146oUjfTV82i8mTEazwGUHZ&ntv_ht=Qk_cYQA&ntv_at=323&ntv_a=AAAAAAAAAAvfkQA&ntv_jtr=10&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1079161&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
v2wljZX53tvKz5-07DQGyz23Gt7HZ4RpNzbT1jWxOS99ATKb4yrUHyGZkl9elwU7rT7kYFjifre3feMvPkw
superficialeyes.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2wljZX53tvKz5-07DQGyz23Gt7HZ4RpNzbT1jWxOS99ATKb4yrUHyGZkl9elwU7rT7kYFjifre3feMvPkw
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 10 Jan 2022 15:22:42 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
x-hostname
26187baf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
pubads_impl_2022010405.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
4645ab9bfd6df40b764a38442029b1b8a1b2177aa42a26ed47889c85bb191036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120815
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 16:09:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jan 2022 15:22:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		244 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c29961849a7671f9ab16fc32cbe0b82a1574f8586791d2447102a7757439bf7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:22:42 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
47533
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Mon, 10 Jan 2022 02:10:30 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yobwHTJbChcFrB6cvNB5179TmP4ipWfmpIPO1R_atVIjHg4NFKyuxQ==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.themarysue.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:24:43 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server
Server
age
3478
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
1123
x-amz-cf-id
GOFpK9LslFVsbc5Hl5IxyRdnMKjRKlflQYBMCnrPmTMmPvN1mkdzGQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=mOMXve3FFNHad&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
N1Y56XRRD931V1E6YRQY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Jwrt3QIyKisMNSJVIFA-_q9CNuL5krTqU7V8Q6joWRRIyx1PtRkFwg==
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:24:26 GMT
content-encoding
br
age
17897
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
ptm97nl-evdwhRJ-s4YTkd_ADHu8oITY0gyh1rVxvYJoduIFHQBhYw==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 10 Jan 2022 15:14:32 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
14353220
um
u-ams02.e-planning.net/ Frame 7149
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da5351154be6af4da
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 7149 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 09 Jan 2027 15:22:42 GMT
prebid
rtb.openx.net/sync/ Frame 7149 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da5351154be6af4da%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
pdalh5o658knr099pcacnhv2bb59qb4b
ptag
a.audrte.com/ Frame 7149 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5bbde81a5e7a66f28e8f7e41f03106050a10572c56092ed4d2c72075a2f4b3da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 7149 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 09 Jan 2027 15:22:42 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7149
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Da5351154be6af4da
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 7149
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da5351154be6af4da%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8ef99e0f-f25c-4f9e-9ffe-f3a37125e2ef
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame A7EB
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da5351154be6af4da
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a5351154be6af4da
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame A7EB 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 09 Jan 2027 15:22:42 GMT
prebid
rtb.openx.net/sync/ Frame A7EB 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da5351154be6af4da%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rv63mvm802u7k2nh0eel4hmi13a37fhq
ptag
a.audrte.com/ Frame A7EB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5bbde81a5e7a66f28e8f7e41f03106050a10572c56092ed4d2c72075a2f4b3da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame A7EB 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 09 Jan 2027 15:22:42 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame A7EB
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Da5351154be6af4da
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame A7EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da5351154be6af4da%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ce24c33e-0bbc-4ce5-9811-237eb19d4f17
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a5351154be6af4da&uid=4891557269792591769
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uu
ih.adscale.de/ Frame 08CE
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=a7f3d9f25b57463f88066eba4f341156
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=a7f3d9f25b57463f88066eba4f341156
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a20d401494a5f7715c84dea9a9b1f46481b872b7f4eb2cb54c1a3c4fef1b8e6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=a7f3d9f25b57463f88066eba4f341156
date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
0
uu
ih.adscale.de/ Frame 0A1F
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162
  • https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=e3b3ac4009974650afdf2e4ca8869e51
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=e3b3ac4009974650afdf2e4ca8869e51
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a20d401494a5f7715c84dea9a9b1f46481b872b7f4eb2cb54c1a3c4fef1b8e6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1641828162&nut&uu=e3b3ac4009974650afdf2e4ca8869e51
date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
0
bundle.js
cdn.admatic.com.tr/user/ Frame 152E 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 09:53:15
cdn-pullzone
266102
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed10-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
018af943f39a0d66baa86626980b32b2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
usync.html
eus.rubiconproject.com/ Frame 1256
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:22:42 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F43A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da5351154be6af4da%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149177
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:42 GMT
vary
Accept-Encoding
bundle.js
cdn.admatic.com.tr/user/ Frame C822 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 09:53:15
cdn-pullzone
266102
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed10-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
8327fe496f5bdda343f5212385c5df33
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
usync.html
eus.rubiconproject.com/ Frame 2368
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:22:42 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C86E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da5351154be6af4da%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149177
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:42 GMT
vary
Accept-Encoding
user
ads3.admatic.com.tr/ Frame 152E 		77 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
0cb232ef297a2d08f6f5e1141da8ef31beb50c7c55198e8f26d8917186fc56ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
81
user
ads3.admatic.com.tr/ Frame C822 		51 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
09f3adc0d0724a762e8d87525f3510ffa0ec0577e316c4e7c8e4f899810b3d37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
55
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-65.fra50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 05:02:20 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
age
37222
x-amzn-requestid
2fe49b58-a8a8-4112-bdfb-3ec6ffc8d8c9
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61dbbddc-5e3a69123072df9e77dde7c9;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA50-C1
x-amz-apigw-id
LtqahFIgDoEFt_Q=
content-length
28
x-amz-cf-id
ds4mmGV6YTJ1VHRaGBPuewihl6vumPSwkASskilCohY_VpHVGy8hJA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
w_480_00001.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		448 KB
449 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
b144ecda7df6018dbe55ea7d1035d383a5ed508b247b29306aebbd1baacabea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d121.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"909f86a474caa096dfbb65e533457e25"
content-type
video/mp2t
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
459096
x-amz-cf-id
T6k98B-j4ki3Cn8WHCHhjb0VBrv6EyLcs0Ormfn9CW2ZlMMLakV1Fg==
x-proxy-cache
HIT
userconnect.js
js.adscale.de/ Frame 08CE 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.aJwg_KmjGd9NAOcsIdaU7E4wOJILkbc
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
5611
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 10 Jan 2022 13:49:12 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Na-Yjqq41iFZGf35PKPE7DvFJ5gL3Zz6qQWEPz-x9-N2zgBWaPRymQ==
csync
sync.console.adtarget.com.tr/ Frame 08CE 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=e3b3ac4009974650afdf2e4ca8869e51
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
VertaMedia 1.0
Etag
1038685761534340
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 0A1F 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=e3b3ac4009974650afdf2e4ca8869e51
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
VertaMedia 1.0
Etag
1038685761534340
Content-Length
0
userconnect.js
js.adscale.de/ Frame 0A1F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.aJwg_KmjGd9NAOcsIdaU7E4wOJILkbc
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
5611
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 10 Jan 2022 13:49:12 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
dAXR_DRxsE959XCefC41WwTDx9awOzzax6GPnStIHUq8CBqCTDVbxw==
usermatch
ssum.casalemedia.com/ Frame 0C81 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ca6c1d0384cd985b09d49aca293e21b772fa0ea54bdfe0d3efbe905c293e1079

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|3|40|4|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1663
Expires
Mon, 10 Jan 2022 15:22:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Connection
keep-alive
navegg_2022_01.html
i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/ Frame 6EF3 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/navegg_2022_01.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
83c0617525366a4c29fe5a998aaf4bbf72d3aa1dc2f48f032b5ab719ef171e33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
content-length
618
x-cff
B
last-modified
Fri, 07 Jan 2022 17:55:34 GMT
etag
W/"61d87e96-5f2"
expires
Wed, 06 Jan 2027 18:06:40 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
1
x-cf-tsc
1641578803
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fB.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame FAE0 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 36B6 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a05e6a56e754576e3b128444222443fe60e373a540f442cfa777c5c25cfb90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6e70018bb68e5-FRA
content-encoding
br
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1159412243048153&correlator=2303847495389296&output=ldjh&impl=fifs&eid=31063978&vrg=2022010405&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=5376056%3A143457427%2Cthemarysue_side_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250%7C300x600%7C160x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D11262%26proper_site%3Dthemarysue%26proper_slot%3D3%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26proper_bidder%3Dthemarysue_appnexus%26proper_bid%3D0.20%26refresh_count%3D0&eri=1&cookie=ID%3D0bb842dfaa89ba77-22e4595719cd00c8%3AT%3D1641828162%3ART%3D1641828162%3AS%3DALNI_MZPFrhEHRxRRlDu_iW2jVRxBDdtHA&bc=31&abxe=1&lmt=1641828162&dt=1641828162538&dlt=1641828161216&idt=1202&frm=20&biw=1600&bih=1200&oid=2&adxs=1035&adys=274&adks=1903544406&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.themarysue.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x290&msz=300x0&ga_vid=479152982.1641828162&ga_sid=1641828162&ga_hid=418160425&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f9db8a840c564bf7111bdfa0a232750c193081e2d84328f7242675c89820d47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10916
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 94A7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 10 Jan 2022 15:22:42 GMT
expires
Tue, 10 Jan 2023 15:22:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
w_480_00001.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		470 KB
471 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0eda18a97a9bf13fe7de6a36d2ed79c2f0649437f592fd6c64b8fe5722f88612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 9e9acb04b02acc35d5f161ce03745e26.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
481656
last-modified
Mon, 15 Nov 2021 23:51:33 GMT
server
Tengine
etag
"c71c625e9035f97b07b2d677df8b53da"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
sE1Ifz1cPmdJJHyTbjfKtchMu-k6HS7KvQ5gFIisr-vOPaZA5Bjz4Q==
expires
Mon, 24 Jan 2022 15:22:42 GMT
usermatch
ssum.casalemedia.com/ Frame E994 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea6c5b6ccbb8f24a23c7e1054a7cff382b13035b081034dda596a392631fc26a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|191|51|105|176
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1554
Expires
Mon, 10 Jan 2022 15:22:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Connection
keep-alive
navegg_2022_01.html
i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/ Frame 4679 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/navegg_2022_01.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
83c0617525366a4c29fe5a998aaf4bbf72d3aa1dc2f48f032b5ab719ef171e33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
content-length
618
x-cff
B
last-modified
Fri, 07 Jan 2022 17:55:34 GMT
etag
W/"61d87e96-5f2"
expires
Wed, 06 Jan 2027 18:06:40 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
1
x-cf-tsc
1641578803
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fB.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 3C3B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 5243 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1491e677237b41d3efe5d93a6970a6fa6f11072d03b971cba7be54c3deec9932

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6e70018c168e5-FRA
content-encoding
br
userconnect
ih.adscale.de/ Frame 08CE 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1641828162616&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
149
content-type
application/javascript
userconnect
ih.adscale.de/ Frame 0A1F 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1641828162618&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-length
149
content-type
application/javascript
usync.js
eus.rubiconproject.com/ Frame 1256 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7cd1e1a67dd272e7d13afc75667d41e1ce21ca15861b052dba20e84586186add

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45490
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:00:52 GMT
usync.js
eus.rubiconproject.com/ Frame 2368 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7cd1e1a67dd272e7d13afc75667d41e1ce21ca15861b052dba20e84586186add

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45490
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:00:52 GMT
new
ads3.admatic.com.tr/user/ Frame 152E 		145 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
fd9c06c8cdd724ceb785875dddbb0b6baac90ed871143b9c193825a1dcdd9bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
etag
BmVtR3aLUmn6qsv7_8YgFOW0l7MnbO9o-FiX8Lg_6GucipB0dwGI8irVOQlYrs38s17-qNbij6dFkoXUZMhHqQ
last-modified
Mon, 10 Jan 2022 16:22:42 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
user
ads3.admatic.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
if-none-match
Origin
https://cdn.admatic.com.tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache
vary
Origin
server
AdMatic
access-control-allow-origin
https://cdn.admatic.com.tr
access-control-allow-credentials
true
access-control-allow-headers
if-none-match
x-powered-by
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
new
ads3.admatic.com.tr/user/ Frame C822 		145 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
1b5acb1f1f4e804e54d0e809292f93575962b98059560994045c66453b001101

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
etag
hgf0E_r-Kux7wYUof9VcxgWY7AZ7YrBFajTGMhzrrUWAzrn5wwHruiqCgmLGRnuIqBeVLF2rvaGg9ksD5j0pbw
last-modified
Mon, 10 Jan 2022 16:22:42 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
user
ads3.admatic.com.tr/ Frame C822 		145 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
970636c5135d5279ddf794897aa11b0b489026723bb4f8bb0782bb812c6e9ad0

Request headers

Referer
https://cdn.admatic.com.tr/
If-None-Match
undefined
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
etag
YJ1xdlXnw-cvfWoe-k6eQNcBMPL_NspDIykEqmG7Xakc5gdo_oWWYQGuWW0tgh0ZOxN-jBvhIFPVHrpqyiD3Yg
last-modified
Mon, 10 Jan 2022 16:22:42 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1256 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=KY8U3HRT-21-K3EL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
getuid
ib.adnxs.com/ Frame 36B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 36B6 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e701ed4f68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 36B6 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3...
  • https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7023e1568e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 36B6 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 varnish
server
nginx
x-timer
S1641828163.794902,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4043-HHN
u
dmp.v.fwmrm.net/ad/ Frame 36B6 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f601:6e36:3d7b:dfb5:1567 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 36B6 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7024e3168e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=746c9983-ff74-43e6-671e-2f87ab3eb05e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=746c9983-ff74-43e6-671e-2f87ab3eb05e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=33109535426016893273654717955005951782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=33109535426016893273654717955005951782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7026e7768e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v026-0443902af.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
n98jqKOyRVY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=33109535426016893273654717955005951782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 36B6 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=746c9983-ff74-43e6-671e-2f87ab3eb05e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-83707-0.963142001641828165-2e5d9fff60e3f0b645bf4c9e93fd6904&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-83707-0.963142001641828165-2e5d9fff60e3f0b645bf4c9e93fd6904&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7022df668e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-83707-0.963142001641828165-2e5d9fff60e3f0b645bf4c9e93fd6904&zdid=533&env=mWeb
Date
Mon, 10 Jan 2022 15:22:45 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7051598261461973131&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7051598261461973131&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e701fd8268e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7051598261461973131&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 36B6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=746c9983-ff74-43e6-671e-2f87ab3eb05e
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=746c9983-ff74-43e6-671e-2f87ab3eb05e
95 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=746c9983-ff74-43e6-671e-2f87ab3eb05e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=746c9983-ff74-43e6-671e-2f87ab3eb05e
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=746c9983-ff74-43e6-671e-2f87ab3eb05e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=746c9983-ff74-43e6-671e-2f87ab3eb05e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7026e6768e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
last-modified
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 36B6 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=746c9983-ff74-43e6-671e-2f87ab3eb05e&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=746c9983-ff74-43e6-671e-2f87ab3eb05e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=746c9983-ff74-43e6-671e-2f87ab3eb05e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702ffa168e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
cache-control
no-cache
x-server
10.45.4.13
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7030fca68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 10 Jan 2022 15:22:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhltYMhNbGF%2BlPs6shFnPr7ny%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhltYMhNbGF%2BlPs6shFnPr7ny%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702aefa68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhltYMhNbGF%2BlPs6shFnPr7ny%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 36B6 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 36B6 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.6.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-6-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1641828163
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 36B6 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 36B6 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828163.941936,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702ef9a68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:42 GMT
usermatch.gif
beacon.krxd.net/ Frame 36B6
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318b...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.76.6.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-6-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1641828163
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
date
Mon, 10 Jan 2022 15:22:43 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a004-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 36B6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G4XXR17W8MQC5NEQXX0P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FQ4SPE8ME8NZWB2781YY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=746c9983-ff74-43e6-671e-2f87ab3eb05e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=746c9983-ff74-43e6-671e-2f87ab3eb05e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e703f9b968e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Mon, 10 Jan 2022 15:22:43 GMT
Connection
keep-alive
Content-Length
0
BK-Server
be1d
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 36B6
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e703689b68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
date
Mon, 10 Jan 2022 15:22:43 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 36B6 		557 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c06b60ec5568bda7bda8d79bd6af0b927ae954b6d7886b426d3bbacc4f4316

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6e7012baa68e5-FRA
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 15:22:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
pixel
cm.g.doubleclick.net/ Frame 0C81 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0C81
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
04QPW86DQWNYMF35Z512
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SNVVSGCAK54KB49F07JS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0C81
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdxPQRngm4F2ibcuoBZx0gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPafblrPb8oQMfPfxfSlcM0&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPafblrPb8oQMfPfxfSlcM0&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPafblrPb8oQMfPfxfSlcM0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0C81 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 0C81
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:42 GMT

Redirect headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
MT3 4133 baa842e master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 0C81
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8861882096168454252
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8861882096168454252
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8861882096168454252
pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 0C81 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.140.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-140-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame 0C81 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=a5351154be6af4da&uid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
openresty
content-type
image/gif
getuid
ib.adnxs.com/ Frame 5243 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 5243 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e701ed5568e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=56ad8642-950b-47bf-8e75-3a3e0de090a1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 5243 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D2...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D2...
  • https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7023e1b68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=77347c28-e909-4568-b8d7-3bfdd731acbe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 5243 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 varnish
server
nginx
x-timer
S1641828163.794986,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4043-HHN
u
dmp.v.fwmrm.net/ad/ Frame 5243 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f601:6e36:3d7b:dfb5:1567 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5243 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7024e2a68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=0be184b7-15e5-49f7-9a76-e19ef05d508d&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=52785652774475056901277143070551151788&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=52785652774475056901277143070551151788&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702aef368e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v026-0f9ae3890.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vo01cuRYQ14=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=52785652774475056901277143070551151788&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 5243 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-48444-0.965674001641828165-2e2eaad8be677d30c6aa9e28be4c6c64&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-48444-0.965674001641828165-2e2eaad8be677d30c6aa9e28be4c6c64&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7023e1f68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-48444-0.965674001641828165-2e2eaad8be677d30c6aa9e28be4c6c64&zdid=533&env=mWeb
Date
Mon, 10 Jan 2022 15:22:45 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7051598261462235275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7051598261462235275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7020d9768e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7051598261462235275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 5243 		95 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7026e6468e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
last-modified
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=SKguW6tKT6/CxEs4ULF.Ze&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 5243 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702ffa068e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=8c6fb74eeb02f1af44958616005f6ab4&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
cache-control
no-cache
x-server
10.45.8.179
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e7030fc568e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 10 Jan 2022 15:22:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-f78T.DRE2opnR62DrFN2OBj4m3hF1FkHjA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M3JySn%2Bm94FYMhNbGF%2BlPljsRAvUvElR%2BS41iYitP1U%3D
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M3JySn%2Bm94FYMhNbGF%2BlPljsRAvUvElR%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702aef768e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M3JySn%2Bm94FYMhNbGF%2BlPljsRAvUvElR%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 5243 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5243 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.6.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-6-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1641828163
x-served-by
beacon-n016-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 5243 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 5243 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828163.960793,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e9...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e702ff9e68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:42 GMT
usermatch.gif
beacon.krxd.net/ Frame 5243
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.76.6.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-6-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1641828163
x-served-by
beacon-n016-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
date
Mon, 10 Jan 2022 15:22:43 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5243
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-682...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-682...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AAF7KD2WS3SQ2HMF16D0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
939K31PTNN1895S4FY1H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e703f9bf68e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Mon, 10 Jan 2022 15:22:43 GMT
Connection
keep-alive
Content-Length
0
BK-Server
9b5a
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 5243
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6e70368a268e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
date
Mon, 10 Jan 2022 15:22:43 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 5243 		557 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbb2855602909899be814ef4b8c28f75ea54ea1dcf87dd9132fa71cd690ec23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6e7012bc168e5-FRA
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 15:22:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
map
ih.adscale.de/ Frame B903 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb6e03056a4bbdb813e9a4b44cb501af4c8e4639a278f1692af6a2376b398e66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
map
ih.adscale.de/ Frame 8012 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f70ec51a6090be2b88fc2df03470a1f7781f9426f240a947bc8e57e9c013e4d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
casale
match.adsrvr.org/track/cmf/ Frame E994 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E994
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdxPQRngm4F2ibcuoBZx0gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMvqEI5Mg86gVDy-b_79jJU&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMvqEI5Mg86gVDy-b_79jJU&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMvqEI5Mg86gVDy-b_79jJU&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E994 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E994
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E86B6G1BJMFVF651KR61
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PM4GW6KQ4SY3EXYMJCQT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxPQRngm4F2ibcuoBZx0gAABLwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame E994 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.67.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-67-215.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
last-modified
Mon, 10 Jan 2022 15:22:43 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 10 Jan 2022 15:22:44 GMT
sync
x.bidswitch.net/ Frame E994 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame E994
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 10 Jan 2022 15:22:43 GMT
server
nginx/1.20.0
content-length
76
113
match.deepintent.com/usersync/ Frame E994 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
content-length
0
server
a
um
u-ams02.e-planning.net/ Frame E994 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=a5351154be6af4da&uid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
server
openresty
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame 136B
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da5351154be6af4da%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
6cdb371375292d7fd2c21356d595dd9cddcc56939ce9889e4b37d6c38067a6d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 10 Jan 2022 15:22:43 GMT
pragma
no-cache

Redirect headers

date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
user
ads3.admatic.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
if-none-match
Origin
https://cdn.admatic.com.tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache
vary
Origin
server
AdMatic
access-control-allow-origin
https://cdn.admatic.com.tr
access-control-allow-credentials
true
access-control-allow-headers
if-none-match
x-powered-by
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
user
ads3.admatic.com.tr/ Frame 152E 		145 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
f03ee2341bf7a88f7a6fc58ffdccbd69096975fdc62e2beaab7d74b64fcca868

Request headers

Referer
https://cdn.admatic.com.tr/
If-None-Match
GTPp4D_Zzmb3FX5_nLo9p6TxpyFugys5o2seyukMJF-6rT968M8I14eyM0nDUCz0dUROGyCPNHuBFY3UFCeaHw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
etag
ngX5jzqNY9dyDplAOsUr3XFp6h2fwjYCjs2boZEaVBwAvi3M2srFb09dqq2iVQwDjVGnss1AUZ1xISUr2JCU8g
last-modified
Mon, 10 Jan 2022 16:22:42 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
csync
sync.console.adtarget.com.tr/ Frame 152E 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=GTPp4D_Zzmb3FX5_nLo9p6TxpyFugys5o2seyukMJF-6rT968M8I14eyM0nDUCz0dUROGyCPNHuBFY3UFCeaHw
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
VertaMedia 1.0
Etag
719f356bea80f730
Content-Length
0
user
ads3.admatic.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
if-none-match
Origin
https://cdn.admatic.com.tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache
vary
Origin
server
AdMatic
access-control-allow-origin
https://cdn.admatic.com.tr
access-control-allow-credentials
true
access-control-allow-headers
if-none-match
x-powered-by
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
user
ads3.admatic.com.tr/ Frame C822 		145 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
ce82dd2238c5785a5a0d3a25678a841762c0c4b0b7379b4994907630e0f32e5a

Request headers

Referer
https://cdn.admatic.com.tr/
If-None-Match
GTPp4D_Zzmb3FX5_nLo9p6TxpyFugys5o2seyukMJF-6rT968M8I14eyM0nDUCz0dUROGyCPNHuBFY3UFCeaHw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:42 GMT
content-encoding
br
etag
E8aI7IeLG_0AQzHyxshYct0sO9WN6HBi6nLyOy3ZtUoDoSWOSOQXRvqJhGPu3WzT_ec5dBhM0yffJUMMSq-GRw
last-modified
Mon, 10 Jan 2022 16:22:42 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
csync
sync.console.adtarget.com.tr/ Frame C822 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=GTPp4D_Zzmb3FX5_nLo9p6TxpyFugys5o2seyukMJF-6rT968M8I14eyM0nDUCz0dUROGyCPNHuBFY3UFCeaHw
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
VertaMedia 1.0
Etag
719f356bea80f730
Content-Length
0
match.js
js.adscale.de/ Frame 8012 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fd5SxP75_inNwuwuiiECHv1D808VkMYU
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
6767
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 10 Jan 2022 13:29:56 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GNZD24rdRjFqJy2ZhdgHlep24GbadcdZxZIBHiBy5Ba5QxVNCPZonA==
match.js
js.adscale.de/ Frame B903 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fd5SxP75_inNwuwuiiECHv1D808VkMYU
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
6767
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 10 Jan 2022 13:29:56 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
oEmfFQ3GfzTT8ri9Z4SYC-WpQdHSX1NSZrB2NGyVKXEpu5acdYo5yw==
w_480_00002.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		358 KB
359 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
5b6d6637d2a690e98da9f9b1e43c585c99aefe2fe9cef206f6871e5c183bf1c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 3db7f91696447b8891fcb8247d1ed788.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"2870b1e535dcae5d84a6527cf60f8420"
content-type
video/mp2t
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 15:22:42 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
366600
x-amz-cf-id
yNbcaDm4OjCTc-vUKgwkVktvxkli-hWqrNulF7axCGwB61tMam5x9w==
x-proxy-cache
HIT
w_480_00002.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		480 KB
481 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
180740360aa83b20008ac5050cdbe00840aff70bea7c60f6218954534efaccb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
491620
last-modified
Mon, 15 Nov 2021 23:51:33 GMT
server
Tengine
etag
"e79f67bea3aad096f5c9cb1c1074eb41"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
YhORalGbpRP7lPdy9bh9cCgs-5R0gPwVzhAggoPBskj2zdw2yV2KNg==
expires
Mon, 24 Jan 2022 15:22:42 GMT
cmp
spl.zeotap.com/ Frame 36B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6e7017c6f68e5-FRA
cmp
spl.zeotap.com/ Frame 5243 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6e7017c7268e5-FRA
img
ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162734/0/ Frame 8012
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=e3b3ac4009974650afdf2e4ca8869e51&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162734%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162734/0/img?tpid=101&tpuid=BBID-01-03165421628932046-16495416
49 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162734/0/img?tpid=101&tpuid=BBID-01-03165421628932046-16495416
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162734/0/img?tpid=101&tpuid=BBID-01-03165421628932046-16495416
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
img
ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/ Frame B903
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=e3b3ac4009974650afdf2e4ca8869e51&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=101&tpuid=BBID-01-03165421628934002-16495416
49 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=101&tpuid=BBID-01-03165421628934002-16495416
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=101&tpuid=BBID-01-03165421628934002-16495416
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
v1
ads.yahoo.com/cms/ Frame 1256
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8U3HRT-21-K3EL&sigv=1&esig=2~c43617a0b023ab603ac6a7dde9db40225b64b7ca
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8U3HRT-21-K3EL&sigv=1&esig=2~c43617a0b023ab603ac6a7dde9db40225b64b7ca
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8U3HRT-21-K3EL&sigv=1&esig=2~c43617a0b023ab603ac6a7dde9db40225b64b7ca
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1256
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7zHt-r4GVbkCigiUyJzrx8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6620337673451116725
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6620337673451116725
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Mon, 10 Jan 2022 15:22:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6620337673451116725
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 1256
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VTNIUlQtMjEtSzNFTA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VTNIUlQtMjEtSzNFTA==
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VTNIUlQtMjEtSzNFTA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 1256 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 1256 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828163.861200,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
tap.php
pixel.rubiconproject.com/ Frame 1256
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&expires=28
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:41 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 1256 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1256
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFhOWNjNDIzMGQwMWEzYTNiYWE3N2ZmMzUyNWQ5ZmU0ZjQ5NjIyNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFhOWNjNDIzMGQwMWEzYTNiYWE3N2ZmMzUyNWQ5ZmU0ZjQ5NjIyNw
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFhOWNjNDIzMGQwMWEzYTNiYWE3N2ZmMzUyNWQ5ZmU0ZjQ5NjIyNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cc.js
tags.crwdcntrl.net/c/15238/ Frame 7149 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 04:58:20 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
37462
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fMIAvtBXOkqDre4EHhXQH5xMzRbReXIUfYzjSvSbtE8lsqpF5VPQ7w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame CC2B 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 09 Jan 2027 15:22:42 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame C103 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AN9crRslRVFWX6xR
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Length
0
Etag
07c005b68550b7b2
s2s
eb.proper.io/ 		373 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f4c16d1710f769cc7dfcbb17b812f9f8447e586ae602af94fcce6166821da4

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:271
cf-ray
6cb6e701de204a5b-FRA
expires
-1
w_480_00003.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		387 KB
388 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
3fb1d601bbcab0d1b0e24d29a9079d2704851ad2352775e57e5a37fe37dfc2cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 9e9acb04b02acc35d5f161ce03745e26.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
396492
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
etag
"d3423988cfebbf0f4d89fcf27dbc7738"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
L607EPSr_g2kdD5BUj3aiX5Lscha0vGOv3mBRQQEK2XbwdJUwFEc3Q==
expires
Mon, 24 Jan 2022 15:22:42 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame A7EB 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 04:58:20 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
37462
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Dpjash2IivryPX2DSpNTxPkRXn1dXj6r8ykGwaQAJTOaqI7MEXnxxw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 94EE 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 10 Jan 2022 15:22:42 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 09 Jan 2027 15:22:42 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame AE08 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AIRAktVatz9QMYeP
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Length
0
Etag
07c005b68550b7b2
GS.d
js.cookieless-data.com/ Frame CC2B 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1641828162861
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
w_480_00003.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		434 KB
435 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a35f0086821077e657d47f432e4406761f8359d4a910d7f2bb39919eddc6ae26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
444432
last-modified
Mon, 15 Nov 2021 23:51:33 GMT
server
Tengine
etag
"4b34f9a66e52c9f1b89511bd1ee88c25"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
ztnfJVk3QkU_wFBF_14nLhZ1DaLjSIV5Q6P6ULPdWURQ6GlUJkDNrg==
expires
Mon, 24 Jan 2022 15:22:42 GMT
GS.d
js.cookieless-data.com/ Frame 94EE 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1641828162892
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
w_480_00004.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		450 KB
451 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
1d01446ecae8f452f1ed13a9442f67d739a2290d5e7fd93226e75fc0a9f45b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
460412
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
etag
"44b5294512290d3b0c00c5146617c803"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
IeyadLuymNSki8fb2oF4zaQItTMFTqmMd9J2nr0Hl_5t3GVgYGeDlw==
expires
Mon, 24 Jan 2022 15:22:42 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B903
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1edc3435515d78b4ae9e502f9...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 10 Jan 2022 15:22:42 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8012
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1edc3435515d78b4ae9e502f9...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YdxPQRngm4F2ibcuoBZx0gAA%261212
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 10 Jan 2022 15:22:42 GMT
w_480_00004.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		396 KB
396 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
864b4ffdc7762d6c4797bff9ebba0db966d70aa8f9b4d66ba482955767c4b569

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 76f038ba37b9e8fa604be08778b9f787.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
405140
last-modified
Mon, 15 Nov 2021 23:51:33 GMT
server
Tengine
etag
"aa19a206ce8258e3fa226ca250b011c2"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
geJtTIIbULVjAXI0jEDHZk5oC4RNS7HMJimy5LQ5r8uEZdhvXvB-Rw==
expires
Mon, 24 Jan 2022 15:22:42 GMT
w_480_00005.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/ 		488 KB
489 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
87bd78bd8951dbd104163998c570b4da2336b8b75daf1bafc76457c46d524981

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:42 GMT
via
1.1 8f9305e858931aa6ae96c1310e7ea597.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
499516
last-modified
Tue, 16 Nov 2021 10:54:33 GMT
server
Tengine
etag
"57c728deb891023d6191ce4b6a2d87af"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
_0VkrdGq5x2-_EXHnA4lTAQN4mllfjBFNuDKTxl1O2s_4jNzhKfyrQ==
expires
Mon, 24 Jan 2022 15:22:42 GMT
img
ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/ Frame 8012
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19...
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=42&gdpr=0&tpuid=5963704833846896809
49 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=42&gdpr=0&tpuid=5963704833846896809
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
server
nginx
location
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=42&gdpr=0&tpuid=5963704833846896809
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/ Frame B903
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4d...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=6be982ad51678d36b193f6ccf1349ab72c773b54e79f88d4628b89d08fe2966a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf9...
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=42&gdpr=0&tpuid=2013461008473140927
49 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=42&gdpr=0&tpuid=2013461008473140927
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
server
nginx
location
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=42&gdpr=0&tpuid=2013461008473140927
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
w_480_00005.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/ 		435 KB
436 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid6192ee51d5524369869613.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
abe63c7c19cf7616de394934638e2ab084ee6752846e2be1f33ce52c4e2a89d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 8f9305e858931aa6ae96c1310e7ea597.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
445560
last-modified
Mon, 15 Nov 2021 23:51:33 GMT
server
Tengine
etag
"351594dbded73b0f2c5fe44ddb43c10e"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
loXgKJ0c_FyYHLfWFubLyVP8GIKPBND4mRHBiqiNZbg6pgQhyRisNA==
expires
Mon, 24 Jan 2022 15:22:43 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B903
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
49 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1926602
content-length
0
expires
Mon, 10 Jan 2022 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 136B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6dfb7290-1bce-4850-b0a7-9d1ab2cec2cc&expiration=1649604163
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:43 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B903
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2b3ba936888134d88a62529e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
49 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:42 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 4EEF 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4EEF 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4EEF 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4EEF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4EEF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
truncated
/ Frame 4EEF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a989c6ac445ca6056e71e867a048538cbf62b55bb527d0bd8fb6e39c64fac5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
14919624577132833245
tpc.googlesyndication.com/simgad/ Frame 4EEF 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14919624577132833245
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
482d08c0cba11a554e08a31b04ea074aa68d2a554441d177d3d3fa06b513a603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 06:24:47 GMT
x-content-type-options
nosniff
age
550676
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50716
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 06:52:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Jan 2023 06:24:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EEF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
20465
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 11 Jan 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EEF 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
19778
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 11 Jan 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 4EEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyOLJdBSYlYos8v9pa4kjPXgOjBHx6jWYRs38CnTxc4-SS79wG_hRmfK2_4wjcE5sh5bDrgkHrbkNS2Wubi7flzLuA1w
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ai.aspx
m.exactag.com/ Frame 4EEF 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=76429-gaw&extLi=6449654377&cb=1273560958&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 10 Jan 2022 03:22:43 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 10 Jan 2022 15:22:42 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1787
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4EEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUs25Qk_cYeeOJKen3gO117KICsqp7PBbupDlpPgOu_ujqvMKEAEg2Oq2IGCV0qGCsAegAZq6if4CyAEDqQLGaKY7twGzPuACAKgDAcgDCKoE9AFP0FfVPHe9u2M6r6m-IrVnX29OcMV9zj7i0UHKQyPthuMCh_3sS9qnTZ3bZOZM4dLgGV0CI7c23KTjQ4CkrZ7XNQeFWED9YLy0HNJHrPZYvVH7AZmbVua8MOprQL3rCPqdrfBCwqcnhysQYVCqyEQsnOe_w3neB3KhEOueoMY1sWlWpIFUn7KACJGKAAdsOeTYVohe9VwQval4pZp6wJuSZbGNsDZVdvrQQKdtOx-X6X5IbzkKgDsJd5h2-wXA_jJ5COZmE0mPOvfHLvrCMlrgAOj-zoMutiHJ_lZzwehT43LWeoSoZWU5ZqSzOVQWwgIePTK9wASpnemBrQLgBAGSBQQIBBgBkgUECAUYBKAGA4AHtvX0gQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDazBXSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMxjQnBI&sigh=-IoUvq_puqs&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1159412243048153&correlator=1677693550302341&output=ldjh&impl=fifs&eid=31063978&vrg=2022010405&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=5376056%3A143457427%2Cthemarysue_skin%2Cthemarysue_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C2x2%2C1x1%7C728x90%7C970x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D11262%26proper_site%3Dthemarysue%26proper_slot%3D2%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D11262%26proper_site%3Dthemarysue%26proper_slot%3D8%26tags%3Dunknown_desktop%252Cunknown%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie=ID%3D0bb842dfaa89ba77%3AT%3D1641828162%3AS%3DALNI_MbwoMGoH95O9AVqjmKjqCFCF-0YGQ&bc=31&abxe=1&lmt=1641828163&dt=1641828163250&dlt=1641828161216&idt=1202&frm=20&biw=1600&bih=1200&oid=2&adxs=-160%2C-12245933&adys=70%2C-12245933&adks=3881130180%2C1610557248&ucis=2%7C3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.themarysue.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C0x-1&msz=1760x-1%7C0x-1&ga_vid=479152982.1641828162&ga_sid=1641828162&ga_hid=418160425&ga_fc=true&fws=512%2C640&ohw=0%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0173a46d656009c3357e50edcc425f27155cfd24ca8525dff628f450467e953a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17223
x-xss-protection
0
google-lineitem-id
5836876057,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372022798,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/ Frame B903
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e7...
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI...
49 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4EEF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 10 Jan 2022 15:22:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pd
u.openx.net/w/1.0/ Frame DFA8 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Mon, 10 Jan 2022 15:22:43 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ADC4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149176
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:43 GMT
vary
Accept-Encoding
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 5CC1 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828163.391719,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
sync
ups.analytics.yahoo.com/ups/57304/ Frame 5CC1
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyODI1ZTM1Zi03MjI5LTExZWMtOGZmOC0wMjc1Yjk5OTMwM2E%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
date
Mon, 10 Jan 2022 15:22:43 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 5CC1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
img
ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/ Frame B903
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49bf914b4daa973f2953%2F1641828162740%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
49 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 864.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c9d7a7ae-3e0b-4148-81bd-68c8f0157131
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8012
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
49 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:42 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=abf3c2de-7963-49a3-ab69-d7bb83d189a3&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2932372
content-length
0
expires
Mon, 10 Jan 2022 00:00:00 GMT
js
ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/ Frame B903
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=aa157928c399dfb9c901fa5f610a3db3ea5cbc9d290447f1ed9898d8fedf0e39&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=aa157928c399dfb9c901fa5f610a3db3ea5cbc9d290447f1ed9898d8fedf0e39&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F6e71986bd1ea49...
  • https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
44 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4ed2872714e5465bc267d4b38de28848ec34029ee50caf330738cc3192b0bc42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/6e71986bd1ea49bf914b4daa973f2953/1641828162740/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jan 2022 15:22:43 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8012
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2b3ba936888134d88a62529e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
49 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:42 GMT
img
ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/ Frame 8012
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F845...
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI...
49 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?uid=010ae8e080879868db42c31a4943efd60a880003136013e7bfe43818d508bffd&tpid=38&gdpr=0&tpuid=CAESECzwGKQ97MRVsOGUZwE55kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2FF7 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=149176
expires
Wed, 12 Jan 2022 08:48:59 GMT
date
Mon, 10 Jan 2022 15:22:43 GMT
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/57304/ Frame B418
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyODI1ZTM1Zi03MjI5LTExZWMtOGZmOC0wMjc1Yjk5OTMwM2E%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEG_n7DkccvlXcp1f6fTaAeA&google_cver=1&apid=UP2825e35f-7229-11ec-8ff8-0275b999303a
date
Mon, 10 Jan 2022 15:22:43 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame B418 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828164.593252,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
sync
ups.analytics.yahoo.com/ups/55953/ Frame B418
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=77347c28-e909-4568-b8d7-3bfdd731acbe&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
img
ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/ Frame 8012
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41f19e37fd4ed3a8870b%2F1641828162735%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
49 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:43 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 864.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9db15447-a703-401f-a1f6-be53edb5d803
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/img?tpid=75&tpuid=4891557269792591769&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sium
ih.adscale.de/ Frame B903 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 10 Jan 2022 15:22:43 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
user
ads3.admatic.com.tr/ Frame 152E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=P6a46eKibArOM15XK5hTYISa&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
MJ9f5iJcrbgcA2TsS2P5baWMeCRtYC23e8s4_lZg17h6VAXd786AVQEcRKWMoacSh2pfwKrqG_L-EBsLOKL2gQ
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
js
ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/ Frame 8012
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=aa157928c399dfb9c901fa5f610a3db3ea5cbc9d290447f1ed9898d8fedf0e39&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F84576eb3e84a41...
  • https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
44 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4ed2872714e5465bc267d4b38de28848ec34029ee50caf330738cc3192b0bc42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/84576eb3e84a41f19e37fd4ed3a8870b/1641828162735/0/js?tpid=48&tpuid=eb5a155214890eb1362e0b3b27e24933
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
user
ads3.admatic.com.tr/ Frame C822
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1242f42f-28d9-4390-84ef-45de9455af5b&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
TIUsKu_U5yijNpv8XDF0kZwwJovGImfRIDQLJJJYFvB0t4UGs3Qo4oRL7fcVf5hg_1juu_rCk_DatHZhuDddVg
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
ptrack
a.audrte.com/ Frame 7149 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.215.133&p=M1353665098&artime=2022-01-10T15:22:43.737Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ac4b161801dbe1f8454ae72d39c79f560752c6a25c2a820e8c48b2723f058928

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
ptrack
a.audrte.com/ Frame A7EB 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.215.133&p=M1353665098&artime=2022-01-10T15:22:43.740Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f0ebeac09c1fd041c7a6a08aca9bd3f217c78e9c67866a6c5186cbf2919a6156

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:43 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
user
ads3.admatic.com.tr/ Frame 152E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
Ztht1zCo2SmQ1Y03YGCKrvdgWjVhzm6p6o6x9dbIUCqDJZpcFb6UC6Zikocd15J8eW1HcAdPhPxlu-YaH1_xWg
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame C822
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=882d9602-03ab-41de-998c-a69650e57f72
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=882d9602-03ab-41de-998c-a69650e57f72
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=61f188c6-0c2a-4e48-af0c-e5d82a0e374f&ssp=admatic&expires=30&user_group=5&bsw_param=882d9602-03ab-41de-998c-a69650e57f72
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:44 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
QOHfMXB0mToK3PMkf-2VqBo_-0iekks4kQ65oN9dnQH4xTs7YKtcpKyrqcxcwn8WmKw1KhSUuJpSzxsudnhP_Q
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
view
securepubads.g.doubleclick.net/pcs/ Frame C1E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnhoVXJObm6qt9Ugs5WC6CLgg5toNTNu9FSp4ddsCpMBiOOPtTsdLMPsESyNkjrQgyhaln5Z9Lm5pJ_g66_GJILer7sWFWKSjF83_NVZvBZk8tf9-X-RgUub214kht5JH_K2AAgD68ibKI7jnwos_A-VbyPnwRMHCEF91oUEvJHJldmEUuiJVt_QW7yyO7fG_6mF8rlDtOpvHE_Xyl45s5OzP2iIIoPoSZU-gqJPXunXjZGxUQLkUrt2W5EqWUIJDNPR4L0H97LM2x-RSrVTVfnko3XT9WG1vSqgM5y_l1FJjhFlm-z5ahH2308eE&sig=Cg0ArKJSzGvk08qnHfU9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1E0 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:22:43 GMT
container.html
9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AAF8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 10 Jan 2022 15:22:42 GMT
expires
Tue, 10 Jan 2023 15:22:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sium
ih.adscale.de/ Frame 8012 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.144.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-144-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 10 Jan 2022 15:22:43 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
match
ps.eyeota.net/ Frame A7EB
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5963704833846896809
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame A7EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdEKmdok4HQvGF9MurDlFlEQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdEKmdok4HQvGF9MurDlFlEQ&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame A7EB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cbdEKmdok4HQvGF9MurDlFlEQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/ Frame 7149
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5963704833846896809
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 7149
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=&google_gid=CAESEDj8GdIjEWVGKq2er5MPc70&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 7149 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cbdNEdYVSwRRs21tzmerPhV1w&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
truncated
/ Frame C1E0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4a9a7e4be20e1dd427a17b2913bd5a2af739c7217e50d10414604b96cccfd53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C1E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6xI2p0cJk2PwiDFG64rv6vdTKFeUZhmEZIcC1A0pdaKv95cOJFywAG7g26yZIvHUvbxA-DqxdWw-JCecaQPsSbbJWPdoNh2HjSpcgRvQUSDRiZEuwYexCogGugTLSOP_Q4DYzWS-xIHSCt70UPSAbbxrHBIZxBhGKFn1lxTB3AzDhZOi8EFU7EUSooGazz1Yz02krGctq5c4OO3p6utsvwctBu5BW4PLmkW-2rYf7MD49r9Ir-2etTzOCFWh8nTgH7EvibWVb29ubhrmLMxm8HllCuujGvY4fMfti7MkLRGqaE7m0txYncZhIxgyp6A&sig=Cg0ArKJSzJyyALKxi4-BEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 10 Jan 2022 15:22:44 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jan 2022 15:22:44 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
pixel
googleads.g.doubleclick.net/xbbe/ Frame 70DD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDO4qEBGPyHr70BMAE&v=APEucNVS9_rzcdTWxuCmVX9D13cbqSx_rwty4Tsz2L1XpyqWf-gWMPisqyxvpG8pPfseHLGf5qK0e278EWDa-dR-PfbU2n-ylC-mvJqxhDnaJi4iP8FyLPJKbttbU0xMOOUvpHLqZurWwAnCmS0kD6VzoZH4XwvK3tMU7V6OekM1qlgNSqbnUSMbEGJDYqjH8o2r0BgZjEu1
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 10 Jan 2022 15:22:44 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame AAF8 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWJ4mqTVGXluOvFf8h4ATrs85ERaxXePZYu8ehLD6HWcBe3nkwoUe3Ydu8QjQ4E08k4Mm2Mz6kRs4iCAEIcvN5tIR66RE229siLmOeKmqab84s4jFukjRyu5Nw6vxk6AM1eMj_N7JzAuJbMy7tLVIO3UiJqg&cry=1&dbm_d=AKAmf-Dp5mFHcQIPcE7gNjryJZGhVYKsino8IZZ31RyJN8xlqys6X2lWYab1fxrcwEASwsFHOdFXX__DPwn0Zn1lo14rxkPkjf9NOoEy1j8_x5yLNY0HB4aYUPw5DDqpbTzsNvUpwBoND9KjEsSV1zWan883uzr5HNvs2DSQWPZ9_o6pCv7o-jxcAnp30mEbXrf3uA-p4RK6q3CpwJt-twLcYFIgXdI0Tz_ki7GIE0_6CzeQaJ_2W51zs6tjk7_eEsoLi8v0zvbKdfqJdWfpsH7W1-yBuWawlpBqio_rVi_Wri0KZT-MB3zgMphFqWy58woOqoprvmYyoWeZhL-ArMChOeIfoEbebKjbC059dP4_DkjB2onuVH-M6Z2mCYnNDnvxR6K92rPitSEp0mEfpk50gGHHskg8INLCYU0zH0aPrT0arPJKYCEBc3BRc-t4CN0h6W-0ILzY2rDzE5JpwK6UkkktD4BETFNObpdnLjkHMpIFtfkfD74hQqk-pFOudMlnkLiYbDS2Zk51WL5MQRIXhHZD77Q36xi5ZWZw_kaEqzQaTcFaom-4ny3UVkzt6InYDcezcEbqan1TKajzNBD17T_IxoJVMRX8uEfBGdPzRPyepMpoZZJihZMx9LsleE6uCBw21aa8z1l9N1c_vwPBCNkmuypBoh1LAFr0eU6Ff6VbjoQI9Au5eiJdS7twtqpTuk070IujqdE56evwwUiNGJSy2voPevD4VPZ6xtH1xPLQrJM8DdTzX0xsh9gTHNmq-4UiHcXE34kvxBKkS3FwACDDrwLUu67kyghiViqgDIB3dyRrL1hDl6N8qMrt3GC_XzI3J2UdIjdfcD2brkcaJdBHZJLZrn0fr2fIf2xieKK4IMIRY4rXibNNzs4EW-T74rTfVui6_IWxgK-W5hRagEf9Ry6p_cIt_UOtRNWn0Fb0VszJiAciksZjepMcdJ685Maskfz98paIP6oFgrYyKpSCLvRhCeXqnAtiF5phDvbiIyF2jH75hM2WbR7TDnRKy-TKGMejRj4ChJJNY46st0Aqt0slhssQ6fy474fFdkxisFO-ID84rDCPVmvOXDLowcBKI3t7FIEA8TkvsjQO1xFDTxOglCqfo0rFrDM1lckckE8k_HKaKHf1za-wod1PLIWaD4ZV42rLlpOH12bF-Fcq7hKB0OL11m_erAt9tpmmMtnnXTeXKUoH0FjJj_veGtjd3W1xNmD4MSTRPj7EDfTrYg3FPmmZRpe4kmpxG3GjLycfAlICtBngE1gpcur2YCczoEaqFCa5oI5OuUYhqHcsnNpJIfHSXHqkIZKWvhRB3RzXee8pAb9xEjaIKq7SHD7Hb8ygqOSWRgkvgAzyzA9m7YY2DicDHZVJTn9AERw3roygdMHdxuWCKY0BoJDh_iQ6FrLgBAg0-KdV5X0KSr4rU_wYe8XBjXrvTQvCtS4FJleIKebSxmF-RI61imST9rN22DsYw1knJqLJXW9R5cbaUnN1RfLfdGrj_yUeg_6fzeyHn4bJJFXG67EfxpzRexI5NqZTYMPKy9HqWLCusSrNVKo1eFyn3GI-p2y1hiMIxUoVEvL7M8U5ra5Ch5UBiAJrSLQMTD2pAGH_qq-SWEyROuYGg-9Qu569NP4w8enHpmh3gUoiUYuNVkYXuV7EXs-Im2B6vUD6zQNf1PjNX4yJCYoBic-HO_QfeI7YqEOowJYBhDhBZySLRDhKSNWcdsgtSKNBHg8W5mQElxSHKbIa5wNmGxQHYq3sY3iNXjMvJjY14BLQcL-fxjL0mztjmViC2RBaScyR4pb3cmW08mmNSgZkxGwjSi5xhs9ENimoYlTR9fJniuQKcD977iI1u4qBc2a2zEkWKQIoyjdqNnqgSFubOP7sVaPf4ujlHXx6o__eOPTQicEusceL1t-9VRDNnn360JkP0mqnNvdmhGyySK2UUxRDcnVBfsMT1JtogDEhpyJPIKdlHqxEniAfEGv7sUBGWjIX8hciblkyJZMyAyCIfQmeU8P2_FLBik8A39zj-8q7t0knV6yyDrsWMnsSeo8yIH7fRD6d_PGmB16E6osu0SPRxl8sfmG21wqMyOA9VSYbrU93ydsPoi1LmhJeOHBfY4ArQBw1M--cihgXkAYshq8eCfPjRkNji0_GlHBMA373jzqgLbPQrgHpj-3sBr72PwVWBXO9PTTDFaZ-tajA7_w4l956BLnnRiN31u715LPc3Xh9GckbgwbDkwNSgZELHp3xP27MO456ktTVdfQ1-f1AL2caTSCZS0j8WvnvGkBtEVCt0Bh-FC1gVVdL_kTUP2rtj92B_XaJvVv0fmoM63iRcKh_roOMCJ7ibrmhRZDcLhyphvKoOkIQBsQ1HCaspOBHUrv0tatEFbzXsv4ZwltAJwvSKQZuK70aFYLIb8Qjv9Htnd8s6aMYU4fujHqFYrQBIQ7tVaOTE4IdwdvvhQFlMudYB4NcA4JcsaAvsZ_raspB1gS0d5Y4fOgJlammCZdQl_eBNSNCTXmTgks8GoGC38FoVmKwjpvcb5GL0tml3y-YSyqj58pZFrvIyV0ksqN7yFH6UEwW0bF7ygmZLwXHizG-p5a3YOvILa_wMbqLgP7lttY-sheaVQI-I-qisxinS6FUuadvb54c7HrX-nbfKW5e-QZtuVITPUY0RZFtaz0ABUPcGh1_oODwzm7U0w3MnDH8xgSonRsYkwjWZb3nUbbnjOLd811jGCc49SGEMzpxraXxnuFou-g095ogOtyMGQGLIY5haNk6m5u_9cS6ENdGFR9CupQFsKX14MWKu9XNBzkI6qy9hvJP1nEAWf3wfkyYYOWMo9fLIl0auLzM2y9KMok1vsy4eNT-QhDctu9R4ELhUxBKQK6E49bWzzSzoCtM0GUQwhUwO2yR0UflmMuZ22pzSp29OjUnQoQ_3Mr3jcBXA6wfORY9aid5xKsXtsO_gXta3yFiNXm7P4UL2yza1aufwmzAD_K8pLLO5TDqn4HwnKr3lN-UmA_f_3MxfUAasCFjuTFRUDPO9oTQ5uRpEakdafAXDuq8TD3iGu2Pr0EOhb_Xi_3Y2NVCt-BztuqYnR6-_NfhrMOe4a5_OPtQhM5jsCdeI27wIusqBez8Mpmuones2ELjCxiKHeIHgG-7TnwRfc0YI3MANeOF8trDTU1hziSAVHpRLfSz7pI5WT5D6wz8lxnxflbWWN-oQ4u7UJ2tokWkDaf6J1JRR0CoRFtegzKZbrmX_OiATOQe359eYveygLx1ssM9KqgRu0eU8jsn-_cAxV6YWd3lWIyFmiYM52Nt0hWXg29z6e19Ucfud4FXaG-sxWcPii75mKXrLdfxDR9vQtvjUA&cid=CAASEuRoBjIWwswNcTQVNiJ3zKIiCQ&rfl=1%2Chttps%253A%252F%252Fwww.themarysue.com%252F%240
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
736342d9c7a0292dcd6b3be56051f3f414dbbe6df098a0bdb76cf14e7df94bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14224
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAF8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdQW-yLNHI8uvnestTfz31s3cYOsWEUP23PsndtlluW7xH-KM02vUnDNZmwJbjMP8mSvw_M8-0pJJXHBhDGo4qEB2HapdxvaIk6mjdQs6TvLjlYqk
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame AAF8 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=15401031&campId=53040723&pubId=1&chanId=42385568980&placementId=397132796&dealId=&adsafe_par&impId=ABAjH0gQzWE11gCwm9BaNZTdw6Gz&bidurl=https://www.themarysue.com/
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.209.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-209-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b88294c98b4c1fce241902bb41252c6db190ee4f192d3b92c686045de4163029

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
content-encoding
gzip
x-f1
1
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame AAF8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
830
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:08:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AAF8 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:22:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame AAF8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:18:32 GMT
l
www.google.com/ads/measurement/ Frame AAF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUgIGkyiZy-47_eWRpPp9MuymWsGV8BNZ5SED9oHc4XmNrpqzT9dJZwyLGaAC-BlgpK7QE55fv67ALKHh2mMgUFod0gA
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 70DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDO4qEBGPyHr70BMAE&v=APEucNVS9_rzcdTWxuCmVX9D13cbqSx_rwty4Tsz2L1XpyqWf-gWMPisqyxvpG8pPfseHLGf5qK0e278EWDa-dR-PfbU2n-ylC-mvJqxhDnaJi4iP8FyLPJKbttbU0xMOOUvpHLqZurWwAnCmS0kD6VzoZH4XwvK3tMU7V6OekM1qlgNSqbnUSMbEGJDYqjH8o2r0BgZjEu1
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 70DD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdxPQRngm4F2ibcuoBZx0gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDO4qEBGPyHr70BMAE&v=APEucNVS9_rzcdTWxuCmVX9D13cbqSx_rwty4Tsz2L1XpyqWf-gWMPisqyxvpG8pPfseHLGf5qK0e278EWDa-dR-PfbU2n-ylC-mvJqxhDnaJi4iP8FyLPJKbttbU0xMOOUvpHLqZurWwAnCmS0kD6VzoZH4XwvK3tMU7V6OekM1qlgNSqbnUSMbEGJDYqjH8o2r0BgZjEu1
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:22:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxYuqoJfuCCrQqZG-LvPCo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 70DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELHxP9PTtALffdcahYrLXPw&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELHxP9PTtALffdcahYrLXPw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDO4qEBGPyHr70BMAE&v=APEucNVS9_rzcdTWxuCmVX9D13cbqSx_rwty4Tsz2L1XpyqWf-gWMPisqyxvpG8pPfseHLGf5qK0e278EWDa-dR-PfbU2n-ylC-mvJqxhDnaJi4iP8FyLPJKbttbU0xMOOUvpHLqZurWwAnCmS0kD6VzoZH4XwvK3tMU7V6OekM1qlgNSqbnUSMbEGJDYqjH8o2r0BgZjEu1
Protocol
HTTP/1.1
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:44 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
56ccf614-0088-4735-a2a7-1c5f11e5f5f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELHxP9PTtALffdcahYrLXPw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 70DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg5MTU1NzI2OTc5MjU5MTc2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg5MTU1NzI2OTc5MjU5MTc2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDO4qEBGPyHr70BMAE&v=APEucNVS9_rzcdTWxuCmVX9D13cbqSx_rwty4Tsz2L1XpyqWf-gWMPisqyxvpG8pPfseHLGf5qK0e278EWDa-dR-PfbU2n-ylC-mvJqxhDnaJi4iP8FyLPJKbttbU0xMOOUvpHLqZurWwAnCmS0kD6VzoZH4XwvK3tMU7V6OekM1qlgNSqbnUSMbEGJDYqjH8o2r0BgZjEu1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:44 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
20dbfd05-2767-43f4-83cc-e8eed1ded7d7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg5MTU1NzI2OTc5MjU5MTc2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame AAF8 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWJ4mqTVGXluOvFf8h4ATrs85ERaxXePZYu8ehLD6HWcBe3nkwoUe3Ydu8QjQ4E08k4Mm2Mz6kRs4iCAEIcvN5tIR66RE229siLmOeKmqab84s4jFukjRyu5Nw6vxk6AM1eMj_N7JzAuJbMy7tLVIO3UiJqg&cry=1&dbm_d=AKAmf-Dp5mFHcQIPcE7gNjryJZGhVYKsino8IZZ31RyJN8xlqys6X2lWYab1fxrcwEASwsFHOdFXX__DPwn0Zn1lo14rxkPkjf9NOoEy1j8_x5yLNY0HB4aYUPw5DDqpbTzsNvUpwBoND9KjEsSV1zWan883uzr5HNvs2DSQWPZ9_o6pCv7o-jxcAnp30mEbXrf3uA-p4RK6q3CpwJt-twLcYFIgXdI0Tz_ki7GIE0_6CzeQaJ_2W51zs6tjk7_eEsoLi8v0zvbKdfqJdWfpsH7W1-yBuWawlpBqio_rVi_Wri0KZT-MB3zgMphFqWy58woOqoprvmYyoWeZhL-ArMChOeIfoEbebKjbC059dP4_DkjB2onuVH-M6Z2mCYnNDnvxR6K92rPitSEp0mEfpk50gGHHskg8INLCYU0zH0aPrT0arPJKYCEBc3BRc-t4CN0h6W-0ILzY2rDzE5JpwK6UkkktD4BETFNObpdnLjkHMpIFtfkfD74hQqk-pFOudMlnkLiYbDS2Zk51WL5MQRIXhHZD77Q36xi5ZWZw_kaEqzQaTcFaom-4ny3UVkzt6InYDcezcEbqan1TKajzNBD17T_IxoJVMRX8uEfBGdPzRPyepMpoZZJihZMx9LsleE6uCBw21aa8z1l9N1c_vwPBCNkmuypBoh1LAFr0eU6Ff6VbjoQI9Au5eiJdS7twtqpTuk070IujqdE56evwwUiNGJSy2voPevD4VPZ6xtH1xPLQrJM8DdTzX0xsh9gTHNmq-4UiHcXE34kvxBKkS3FwACDDrwLUu67kyghiViqgDIB3dyRrL1hDl6N8qMrt3GC_XzI3J2UdIjdfcD2brkcaJdBHZJLZrn0fr2fIf2xieKK4IMIRY4rXibNNzs4EW-T74rTfVui6_IWxgK-W5hRagEf9Ry6p_cIt_UOtRNWn0Fb0VszJiAciksZjepMcdJ685Maskfz98paIP6oFgrYyKpSCLvRhCeXqnAtiF5phDvbiIyF2jH75hM2WbR7TDnRKy-TKGMejRj4ChJJNY46st0Aqt0slhssQ6fy474fFdkxisFO-ID84rDCPVmvOXDLowcBKI3t7FIEA8TkvsjQO1xFDTxOglCqfo0rFrDM1lckckE8k_HKaKHf1za-wod1PLIWaD4ZV42rLlpOH12bF-Fcq7hKB0OL11m_erAt9tpmmMtnnXTeXKUoH0FjJj_veGtjd3W1xNmD4MSTRPj7EDfTrYg3FPmmZRpe4kmpxG3GjLycfAlICtBngE1gpcur2YCczoEaqFCa5oI5OuUYhqHcsnNpJIfHSXHqkIZKWvhRB3RzXee8pAb9xEjaIKq7SHD7Hb8ygqOSWRgkvgAzyzA9m7YY2DicDHZVJTn9AERw3roygdMHdxuWCKY0BoJDh_iQ6FrLgBAg0-KdV5X0KSr4rU_wYe8XBjXrvTQvCtS4FJleIKebSxmF-RI61imST9rN22DsYw1knJqLJXW9R5cbaUnN1RfLfdGrj_yUeg_6fzeyHn4bJJFXG67EfxpzRexI5NqZTYMPKy9HqWLCusSrNVKo1eFyn3GI-p2y1hiMIxUoVEvL7M8U5ra5Ch5UBiAJrSLQMTD2pAGH_qq-SWEyROuYGg-9Qu569NP4w8enHpmh3gUoiUYuNVkYXuV7EXs-Im2B6vUD6zQNf1PjNX4yJCYoBic-HO_QfeI7YqEOowJYBhDhBZySLRDhKSNWcdsgtSKNBHg8W5mQElxSHKbIa5wNmGxQHYq3sY3iNXjMvJjY14BLQcL-fxjL0mztjmViC2RBaScyR4pb3cmW08mmNSgZkxGwjSi5xhs9ENimoYlTR9fJniuQKcD977iI1u4qBc2a2zEkWKQIoyjdqNnqgSFubOP7sVaPf4ujlHXx6o__eOPTQicEusceL1t-9VRDNnn360JkP0mqnNvdmhGyySK2UUxRDcnVBfsMT1JtogDEhpyJPIKdlHqxEniAfEGv7sUBGWjIX8hciblkyJZMyAyCIfQmeU8P2_FLBik8A39zj-8q7t0knV6yyDrsWMnsSeo8yIH7fRD6d_PGmB16E6osu0SPRxl8sfmG21wqMyOA9VSYbrU93ydsPoi1LmhJeOHBfY4ArQBw1M--cihgXkAYshq8eCfPjRkNji0_GlHBMA373jzqgLbPQrgHpj-3sBr72PwVWBXO9PTTDFaZ-tajA7_w4l956BLnnRiN31u715LPc3Xh9GckbgwbDkwNSgZELHp3xP27MO456ktTVdfQ1-f1AL2caTSCZS0j8WvnvGkBtEVCt0Bh-FC1gVVdL_kTUP2rtj92B_XaJvVv0fmoM63iRcKh_roOMCJ7ibrmhRZDcLhyphvKoOkIQBsQ1HCaspOBHUrv0tatEFbzXsv4ZwltAJwvSKQZuK70aFYLIb8Qjv9Htnd8s6aMYU4fujHqFYrQBIQ7tVaOTE4IdwdvvhQFlMudYB4NcA4JcsaAvsZ_raspB1gS0d5Y4fOgJlammCZdQl_eBNSNCTXmTgks8GoGC38FoVmKwjpvcb5GL0tml3y-YSyqj58pZFrvIyV0ksqN7yFH6UEwW0bF7ygmZLwXHizG-p5a3YOvILa_wMbqLgP7lttY-sheaVQI-I-qisxinS6FUuadvb54c7HrX-nbfKW5e-QZtuVITPUY0RZFtaz0ABUPcGh1_oODwzm7U0w3MnDH8xgSonRsYkwjWZb3nUbbnjOLd811jGCc49SGEMzpxraXxnuFou-g095ogOtyMGQGLIY5haNk6m5u_9cS6ENdGFR9CupQFsKX14MWKu9XNBzkI6qy9hvJP1nEAWf3wfkyYYOWMo9fLIl0auLzM2y9KMok1vsy4eNT-QhDctu9R4ELhUxBKQK6E49bWzzSzoCtM0GUQwhUwO2yR0UflmMuZ22pzSp29OjUnQoQ_3Mr3jcBXA6wfORY9aid5xKsXtsO_gXta3yFiNXm7P4UL2yza1aufwmzAD_K8pLLO5TDqn4HwnKr3lN-UmA_f_3MxfUAasCFjuTFRUDPO9oTQ5uRpEakdafAXDuq8TD3iGu2Pr0EOhb_Xi_3Y2NVCt-BztuqYnR6-_NfhrMOe4a5_OPtQhM5jsCdeI27wIusqBez8Mpmuones2ELjCxiKHeIHgG-7TnwRfc0YI3MANeOF8trDTU1hziSAVHpRLfSz7pI5WT5D6wz8lxnxflbWWN-oQ4u7UJ2tokWkDaf6J1JRR0CoRFtegzKZbrmX_OiATOQe359eYveygLx1ssM9KqgRu0eU8jsn-_cAxV6YWd3lWIyFmiYM52Nt0hWXg29z6e19Ucfud4FXaG-sxWcPii75mKXrLdfxDR9vQtvjUA&cid=CAASEuRoBjIWwswNcTQVNiJ3zKIiCQ&rfl=1%2Chttps%253A%252F%252Fwww.themarysue.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9529
x-xss-protection
0
server
cafe
etag
16937460792814555877
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:14:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AAF8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWJ4mqTVGXluOvFf8h4ATrs85ERaxXePZYu8ehLD6HWcBe3nkwoUe3Ydu8QjQ4E08k4Mm2Mz6kRs4iCAEIcvN5tIR66RE229siLmOeKmqab84s4jFukjRyu5Nw6vxk6AM1eMj_N7JzAuJbMy7tLVIO3UiJqg&cry=1&dbm_d=AKAmf-Dp5mFHcQIPcE7gNjryJZGhVYKsino8IZZ31RyJN8xlqys6X2lWYab1fxrcwEASwsFHOdFXX__DPwn0Zn1lo14rxkPkjf9NOoEy1j8_x5yLNY0HB4aYUPw5DDqpbTzsNvUpwBoND9KjEsSV1zWan883uzr5HNvs2DSQWPZ9_o6pCv7o-jxcAnp30mEbXrf3uA-p4RK6q3CpwJt-twLcYFIgXdI0Tz_ki7GIE0_6CzeQaJ_2W51zs6tjk7_eEsoLi8v0zvbKdfqJdWfpsH7W1-yBuWawlpBqio_rVi_Wri0KZT-MB3zgMphFqWy58woOqoprvmYyoWeZhL-ArMChOeIfoEbebKjbC059dP4_DkjB2onuVH-M6Z2mCYnNDnvxR6K92rPitSEp0mEfpk50gGHHskg8INLCYU0zH0aPrT0arPJKYCEBc3BRc-t4CN0h6W-0ILzY2rDzE5JpwK6UkkktD4BETFNObpdnLjkHMpIFtfkfD74hQqk-pFOudMlnkLiYbDS2Zk51WL5MQRIXhHZD77Q36xi5ZWZw_kaEqzQaTcFaom-4ny3UVkzt6InYDcezcEbqan1TKajzNBD17T_IxoJVMRX8uEfBGdPzRPyepMpoZZJihZMx9LsleE6uCBw21aa8z1l9N1c_vwPBCNkmuypBoh1LAFr0eU6Ff6VbjoQI9Au5eiJdS7twtqpTuk070IujqdE56evwwUiNGJSy2voPevD4VPZ6xtH1xPLQrJM8DdTzX0xsh9gTHNmq-4UiHcXE34kvxBKkS3FwACDDrwLUu67kyghiViqgDIB3dyRrL1hDl6N8qMrt3GC_XzI3J2UdIjdfcD2brkcaJdBHZJLZrn0fr2fIf2xieKK4IMIRY4rXibNNzs4EW-T74rTfVui6_IWxgK-W5hRagEf9Ry6p_cIt_UOtRNWn0Fb0VszJiAciksZjepMcdJ685Maskfz98paIP6oFgrYyKpSCLvRhCeXqnAtiF5phDvbiIyF2jH75hM2WbR7TDnRKy-TKGMejRj4ChJJNY46st0Aqt0slhssQ6fy474fFdkxisFO-ID84rDCPVmvOXDLowcBKI3t7FIEA8TkvsjQO1xFDTxOglCqfo0rFrDM1lckckE8k_HKaKHf1za-wod1PLIWaD4ZV42rLlpOH12bF-Fcq7hKB0OL11m_erAt9tpmmMtnnXTeXKUoH0FjJj_veGtjd3W1xNmD4MSTRPj7EDfTrYg3FPmmZRpe4kmpxG3GjLycfAlICtBngE1gpcur2YCczoEaqFCa5oI5OuUYhqHcsnNpJIfHSXHqkIZKWvhRB3RzXee8pAb9xEjaIKq7SHD7Hb8ygqOSWRgkvgAzyzA9m7YY2DicDHZVJTn9AERw3roygdMHdxuWCKY0BoJDh_iQ6FrLgBAg0-KdV5X0KSr4rU_wYe8XBjXrvTQvCtS4FJleIKebSxmF-RI61imST9rN22DsYw1knJqLJXW9R5cbaUnN1RfLfdGrj_yUeg_6fzeyHn4bJJFXG67EfxpzRexI5NqZTYMPKy9HqWLCusSrNVKo1eFyn3GI-p2y1hiMIxUoVEvL7M8U5ra5Ch5UBiAJrSLQMTD2pAGH_qq-SWEyROuYGg-9Qu569NP4w8enHpmh3gUoiUYuNVkYXuV7EXs-Im2B6vUD6zQNf1PjNX4yJCYoBic-HO_QfeI7YqEOowJYBhDhBZySLRDhKSNWcdsgtSKNBHg8W5mQElxSHKbIa5wNmGxQHYq3sY3iNXjMvJjY14BLQcL-fxjL0mztjmViC2RBaScyR4pb3cmW08mmNSgZkxGwjSi5xhs9ENimoYlTR9fJniuQKcD977iI1u4qBc2a2zEkWKQIoyjdqNnqgSFubOP7sVaPf4ujlHXx6o__eOPTQicEusceL1t-9VRDNnn360JkP0mqnNvdmhGyySK2UUxRDcnVBfsMT1JtogDEhpyJPIKdlHqxEniAfEGv7sUBGWjIX8hciblkyJZMyAyCIfQmeU8P2_FLBik8A39zj-8q7t0knV6yyDrsWMnsSeo8yIH7fRD6d_PGmB16E6osu0SPRxl8sfmG21wqMyOA9VSYbrU93ydsPoi1LmhJeOHBfY4ArQBw1M--cihgXkAYshq8eCfPjRkNji0_GlHBMA373jzqgLbPQrgHpj-3sBr72PwVWBXO9PTTDFaZ-tajA7_w4l956BLnnRiN31u715LPc3Xh9GckbgwbDkwNSgZELHp3xP27MO456ktTVdfQ1-f1AL2caTSCZS0j8WvnvGkBtEVCt0Bh-FC1gVVdL_kTUP2rtj92B_XaJvVv0fmoM63iRcKh_roOMCJ7ibrmhRZDcLhyphvKoOkIQBsQ1HCaspOBHUrv0tatEFbzXsv4ZwltAJwvSKQZuK70aFYLIb8Qjv9Htnd8s6aMYU4fujHqFYrQBIQ7tVaOTE4IdwdvvhQFlMudYB4NcA4JcsaAvsZ_raspB1gS0d5Y4fOgJlammCZdQl_eBNSNCTXmTgks8GoGC38FoVmKwjpvcb5GL0tml3y-YSyqj58pZFrvIyV0ksqN7yFH6UEwW0bF7ygmZLwXHizG-p5a3YOvILa_wMbqLgP7lttY-sheaVQI-I-qisxinS6FUuadvb54c7HrX-nbfKW5e-QZtuVITPUY0RZFtaz0ABUPcGh1_oODwzm7U0w3MnDH8xgSonRsYkwjWZb3nUbbnjOLd811jGCc49SGEMzpxraXxnuFou-g095ogOtyMGQGLIY5haNk6m5u_9cS6ENdGFR9CupQFsKX14MWKu9XNBzkI6qy9hvJP1nEAWf3wfkyYYOWMo9fLIl0auLzM2y9KMok1vsy4eNT-QhDctu9R4ELhUxBKQK6E49bWzzSzoCtM0GUQwhUwO2yR0UflmMuZ22pzSp29OjUnQoQ_3Mr3jcBXA6wfORY9aid5xKsXtsO_gXta3yFiNXm7P4UL2yza1aufwmzAD_K8pLLO5TDqn4HwnKr3lN-UmA_f_3MxfUAasCFjuTFRUDPO9oTQ5uRpEakdafAXDuq8TD3iGu2Pr0EOhb_Xi_3Y2NVCt-BztuqYnR6-_NfhrMOe4a5_OPtQhM5jsCdeI27wIusqBez8Mpmuones2ELjCxiKHeIHgG-7TnwRfc0YI3MANeOF8trDTU1hziSAVHpRLfSz7pI5WT5D6wz8lxnxflbWWN-oQ4u7UJ2tokWkDaf6J1JRR0CoRFtegzKZbrmX_OiATOQe359eYveygLx1ssM9KqgRu0eU8jsn-_cAxV6YWd3lWIyFmiYM52Nt0hWXg29z6e19Ucfud4FXaG-sxWcPii75mKXrLdfxDR9vQtvjUA&cid=CAASEuRoBjIWwswNcTQVNiJ3zKIiCQ&rfl=1%2Chttps%253A%252F%252Fwww.themarysue.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 11:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jan 2023 11:40:23 GMT
bsredirect5.js
rtbcdn.doubleverify.com/ Frame AAF8 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_662069057705
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:185::4469 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1f932f6b67da2b8fd660807f4ba5945669d07d155c284c4544ab4c6ecd2adaf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:11 GMT
Server
Microsoft-IIS/10.0
ETag
"b4e1f13fcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2892 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 04 Jan 2022 11:40:23 GMT
expires
Wed, 04 Jan 2023 11:40:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
531741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
pagead2.googlesyndication.com/bg/ Frame 2892 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 12:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
96974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13292
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 12:26:30 GMT
bsredirect5_internal74.js
rtbcdn.doubleverify.com/ Frame AAF8 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_662069057705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:185::4469 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
222ccc320d76314b189ce4d71f14f40861354d0bec2e4209fe52a8ce2e59edbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:27 GMT
Server
Microsoft-IIS/10.0
ETag
"80d94f1cfcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13161
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2892 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFH1FRE_cYcurBsmU7_UPoqeOmAUAAAAAOAHgBAI&bg=!jI-lj8vNAAbDtiZlw7Y7ACkAdvg8WtEo_wpMpD7WvWHNgWnvGTwztqR2f2byz49CcF764tyJRxc5FAIAAABLUgAAAAtoAQcKADDC4GB-1Qcpt10BwkTCv3qC0ZqickPcOivOLTYxPCDFhJmLk41CZQ5oeUO-o8wJhV-ZAtgLZQLirZy0odQc5reTo-nRAZYGPd23sCBsfg4OBDFfGrpihSFLVOO6bvojI9c531YrfV2jyd2yx8NqFSPhV22DONwvilpnnYO_QB3vHGJktUvf_Nliaub4Z0lNxTKTQw-Wu-1MIQgbEPeRaI4WcGG34XJ4fXGaroeEbVtsZKzStlD1QPhHlnmk3EJYbuytyOukqdBcW2y1i8xMk2CgOpZK4aXLJnk3EmOKZX5lpis9o8Iz3wF5I3eg1jddE5zTpngaijgZaefYSUhPKNxHRaxls3jP7stMRj2xUFdhQjsI3ipaCgxP5bhmrrn1UvT_U2h3kg8Orv0s48vjuSuVU1ef4_hYpBICVMZogHJvsR8NqiBG8KvkN8Hl-hR9QXkE0MImoLeQ9ExyoGGroFleaJn5aQF2JhWLvZVHJ4-9WDBA_8U5V-wpSGCyZT_Wtx8xagsxTnGkoUqcboimtNGAlYT5APY9vYKx_a_9-dWeymGfIYFVcSXQIWZxbnjHouoxI-jGbHxVEEtZMxmfrnXUQIBnPfql8-8iRaU3AWJRqDsA0eCrAjveg-CYYBmdTEFVt7UV-EN2o4Sw22gEVIqIQoA2te_5YoXMJf_50W6y0uwo0OfCuld3OJPDTFoCpfQso5k5p9HExGBGhx8ZFpCMyrNQGzlUHxM_AclpRntT-7wlOpfHbzni-D0F5IayhJngTW5KX3W3rl7beR6nIhnm125z4bMfPY-c-AKsh-B2Vz3AGV-K0cUUeg8Lo42DD4IdrvRtuAFgCg5UIo_Rqe3W9MsdqIROMJ0s4CI5CkXOWSOu4aRTDjOnRHlxaXYcd52EIO03wJtjrS9uVG-TFg1gZXappYKRKVVLPMaVr5XcspUj-tf23hdSnMhj3mWFbvnHbrFg9EIXpR6ImAjrcVhfjoNlfBnTy8Kt_bmmObWnbczY_NsF-XCHxh77A-lCZomtEpKKEz4zcCDP-g
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
verifyc.js
rtb0.doubleverify.com/ Frame AAF8 		1 KB
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=26792913&plc=322809360&sid=5700506&num=5&srcurlD=0&callback=__verify_callback_662069057705&jsTagObjCallback=__tagObject_callback_662069057705&ssl=1&refD=1&htmlmsging=1&guid=1641828164336873&brid=3&brver=97&bridua=3&dvp_strhd=0.40&dvpx_strhd=0.40&m1=13&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTauHHH%5DE96%3E2CJDF6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%3E2CJDF6%5D4%40%3ETar9EEADTbpTauTauh33e%60g7b44_666252%60c%6073_7fhd7fcb3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&ver=103&dvp_exetime=3.60
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
9fdbd6a5d5391db6ac87c070a5b30aa6b5e9b1ec9ccbaa0fe80d71dd808e5096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Mon, 10 Jan 2022 15:22:44 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
1/9/2022 3:22:44 PM
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EEF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssu6cebzbSs80Yj3jhHCSUZ1V5IdQn10_tjULCAEWkew4VfM3IqblL27qF7v9wf4VUzOyb2buu67K2HcLjlIBsIqGNooEiCcFnK5vEx5mCLa-8H9AR0-il9E6ISVpxWpGvWVCsfDfTbdNeb&sai=AMfl-YQ9-fBw7B56jOuAuoz92aR9a8LBY_qgHlhbrdOA7tsZHb0iUzudTuKMq7Jjby9GQdlR0C6MTUG2OXw6D2LTDZyKdMfalJ966kOqyXg-zBGxEHHicdXjUmvOA1g&sig=Cg0ArKJSzOtNo_Rk79d4EAE&cid=CAASF-RoyQP5BM3P24d26bRXw9eNV_56Jj03&id=ampim&o=1035,129&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=90&tls=1091&g=100&h=100&tt=1091&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1903544406
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20522.doubleverify.com/ Frame AAF8 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20522.doubleverify.com/bsevent.gif?impid=0875f91156b44101b0b7196a011bfeed&vfdur=107&cbust=1641828164448413
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
1/9/2022 3:22:44 PM
globalpassback_728x90.gif
cdn.besafe.global/ Frame AAF8 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.besafe.global/globalpassback_728x90.gif
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5800:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 04:38:01 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
last-modified
Mon, 28 Oct 2019 18:58:12 GMT
server
AmazonS3
age
38835
etag
"22f3923c56222a82263c1112dd44f5fb"
x-amz-meta-sha256
db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9
content-type
image/gif
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
12928
x-amz-cf-id
iVkkXFcWtZX2S0OvCeoqLvVvx2QNlft6PWZRw1axjbFXHaGWYa_c4w==
x-amz-meta-s3b-last-modified
20190925T124242Z
main.gr.19.8.278.js
static.adsafeprotected.com/ Frame AAF8 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.278.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=15401031&campId=53040723&pubId=1&chanId=42385568980&placementId=397132796&dealId=&adsafe_par&impId=ABAjH0gQzWE11gCwm9BaNZTdw6Gz&bidurl=https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bed38040df1f2a4980f67d6ee53bf3b5beed8cf09624280b5984087e1d6616f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 18:42:39 GMT
content-encoding
gzip
age
506405
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 04 Jan 2022 18:27:07 GMT
server
AmazonS3
etag
W/"fe3aa9b2e53c97a75b950ad15d62c7d0"
vary
Accept-Encoding
x-amz-version-id
zdF5YWCVsbThwQ1AlRCr7haUE5FvU9pr
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Zf4enQHAkaPfiIXfOr2bq6hnpfHcB1oRpIxuyJKgDue7SKdf1N7KXw==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9137 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 13:26:12 GMT
expires
Tue, 11 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
6992
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame AAF8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48f015e358796af79d540a3daca0544eb4d1971063197312bc3d1d8d415cff2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 9137 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEH96OELhVVC-4oYjUGW1Rdk&google_cver=1&google_push=AYg5qPKCh_n7agXRXU6p2Qf_XtSCo5rKIQnBYUBZiHL_D6wBRpQC4mWVyVkzKcPmsWY0TcNRKJY1Ww_svi8nTY0tp8PHKH8awqd3
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 9137 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIf3idClXJnPhVfkD0dREj4&google_cver=1&google_push=AYg5qPIC97lftxhjfAOY_UmbJSi80jMgiKiA6vAU1qIhDhFssT3854sGltSohirJyP95SY0_9izAAMwyQTi5CKM9ySX3c1mNXuqN
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828165.503692,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
pixel
cm.g.doubleclick.net/ Frame 9137
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEM2XJUaaCO09-RosgkPCz7A&google_cver=1&google_push=AYg5qPJygIWQwiulb2KtfyHM9YmF-iQtQAtclhMAHlSAFHxVBEYPLOZ6H9WH5M5vvSWcjssmkE0Q1...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJygIWQwiulb2KtfyHM9YmF-iQtQAtclhMAHlSAFHxVBEYPLOZ6H9WH5M5vvSWcjssmkE0Q1YMheQCpIuYISL-Ku6C7CU5O
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJygIWQwiulb2KtfyHM9YmF-iQtQAtclhMAHlSAFHxVBEYPLOZ6H9WH5M5vvSWcjssmkE0Q1YMheQCpIuYISL-Ku6C7CU5O
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 10 Jan 2022 15:22:44 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2246431B645440A6BED1E6D97E49C3AF Ref B: FRAEDGE0713 Ref C: 2022-01-10T15:22:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJygIWQwiulb2KtfyHM9YmF-iQtQAtclhMAHlSAFHxVBEYPLOZ6H9WH5M5vvSWcjssmkE0Q1YMheQCpIuYISL-Ku6C7CU5O
x-li-proto
http/2
content-length
0
x-li-uuid
AAXVO+iIRd51P4Ia3l6sZQ==
pixel
cm.g.doubleclick.net/ Frame 9137
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7U5qkCmUw1pBaA20OEbCE&google_cver=1&google_push=AYg5qPI0hoAiA1dbQZsYkF03YgywqxlBdh4BRjP0gWXEvaEPxEMRp_rkzEnJW-FJTsWqzP9y5_vavk3L...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2MzcwNDgzMzg0Njg5NjgwOQ&google_push=AYg5qPI0hoAiA1dbQZsYkF03YgywqxlBdh4BRjP0gWXEvaEPxEMRp_rkzEnJW-FJTsWqzP9y5_vavk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2MzcwNDgzMzg0Njg5NjgwOQ&google_push=AYg5qPI0hoAiA1dbQZsYkF03YgywqxlBdh4BRjP0gWXEvaEPxEMRp_rkzEnJW-FJTsWqzP9y5_vavk3LR3NLOQdO1GZtO_RmHFM
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2MzcwNDgzMzg0Njg5NjgwOQ&google_push=AYg5qPI0hoAiA1dbQZsYkF03YgywqxlBdh4BRjP0gWXEvaEPxEMRp_rkzEnJW-FJTsWqzP9y5_vavk3LR3NLOQdO1GZtO_RmHFM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
exptsync
ads.yieldmo.com/ Frame 9137 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEA5l1AS9JfeOn2R74v2BLJw&google_cver=1&google_push=AYg5qPKCj4-rjdNBUxj3g5iuCvu26DQGlw5LSUtYIXgEIF9M2Sk14G8H08V8fGzsq9HB94DqwSHEMd4xJVM1yq6_-E_b8TkQBUTY
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.97.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-97-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:44 GMT
dot.gif
s0.2mdn.net/ Frame 9137 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMExBlz7R6r-2cXSXRGucFg&google_cver=1&google_push=AYg5qPI50xdmCHg1NYUtFXX7EJTCBet14_xerCyPdBQNi5lSNvA9e3Aitl_fyvrBru-HIL5VSMs9r_BCPYOiuyx_vqEob37V3ebwNA
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jan 2022 15:22:44 GMT
0.gif
id5-sync.com/i/495/ Frame 9137
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEFXUizrwkBFWlIU1jpqUvTk&google_cver=1&google_push=AYg5qPJyAKT-8EskCltLixq4-gLbiZOZkpQhJrGA1yHWn-O2Kp3ZBjedxTQ7mhghPu2fhXKKsyLE5yFAWbNO8VWsCSgZFyLKrR1F2A
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26gdpr_consent%3D%26gdpr%3D&gdpr_consent=&gdpr=
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26gdpr_consent%3D%26gdpr%3D&gdpr_consent=&gdpr=
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p20.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Date
Mon, 10 Jan 2022 15:22:44 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
182
X-XSS-Protection
0
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Expect-CT
max-age=0
Vary
Accept
X-Download-Options
noopen
Content-Type
text/plain; charset=utf-8
Location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26gdpr_consent%3D%26gdpr%3D&gdpr_consent=&gdpr=
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
attr
cm.g.doubleclick.net/pixel/ Frame 9137 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlFFWlgi20h0c9dMHIHTF9c3JE1wGW5DuH6S8tS-cIjEjEaCzyKq_XDKTMKfp7c6yqn-H1hgU
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sca.17.5.12.js
static.adsafeprotected.com/ Frame 736D 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:01:19 GMT
content-encoding
gzip
age
4080086
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Z_XOru2QU1GTNRCSSU65Upd9c-7IdhIPjJZ6dNcV4rdebXYtkzutcg==
mon
pixel.adsafeprotected.com/ Frame AAF8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=15401031&campId=53040723&pubId=1&chanId=42385568980&placementId=397132796&dealId=&adsafe_par&impId=ABAjH0gQzWE11gCwm9BaNZTdw6Gz&bidurl=https://www.themarysue.com/&adsafe_url=https%3A%2F%2Fwww.themarysue.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9f060f65-4277-a6e3-d861-6c0023cd9084,c:Un27P,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-75754cfb94-fj5zd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:61,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:84,oid:28987c00-7229-11ec-b7b8-5ea99f97b565,v:19.8.278,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.209.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-209-198.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:44 GMT
x-server-name
app29.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un288,pingTime:-3,time:103,type:v,im:%7BpBlk:97%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:0,renddet:IMG.qs.bi%7D&br=c
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un289,pingTime:-6,time:104,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:0,renddet:IMG.qs.bi%7D&tpiLookup=ao:www.themarysue.com*&br=c
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un28e,pingTime:-2,time:109,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:654,beZ:655,mfA:715,cmA:717,inA:717,inZ:722,prA:722,prZ:733,si:739,poA:739,bl:751,poZ:751,cmZ:751,mfZ:751,loA:758,loZ:759,ltA:764,ltZ:764%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un29d,time:170,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:170,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:0,renddet:IMG.qs.bi%7D&br=c
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2cO,pingTime:-10,time:393,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1641828164842%7C%7C46cbd28db06c0a79dfc851a4ce754fc4%7C%7C8866308252d63f9bf74b74e606896148%7C%7C2fe527916918d3de9ced9f897db9ea9e%7C%7C22d68584e6940e42023d18b867b6d5cf%7C%7Cec38432279d712cdaaa8f4ed55e12275%7C%7Cd7b4d2268d6b2321bd236c313212318e%7C%7Ce5baed3c5cd8ca4ec07ecf2fb5b72bb0%7C%7C1629390669%7D
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame C1E0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4f9oByvq2iDBtSxCRYQ_-kZpY-TGVdkiX1FLj1Uk-TlkF3AoLeb6g5vt-9NltEUFwo3g3Pq8VZCbs9_bh3hjzSXJ0M_e6z11IyNuIr9SgLQTXWXqv&sig=Cg0ArKJSzL4YZK7TL-u0EAE&id=lidar2&mcvt=1000&p=85,720,86,721&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3881130180&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641828163781&rpt=277&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2gw,time:623,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:623,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B559~0%5D,as:%5B559~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame AAF8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAmAw6re6qVd8neWbqbOHviOfWFyVWaF8hIvy1aK1NZWenLIjqmbiN2JR8RoiCy7ceOX5p3gBQY7-hpQmRJ2Mxj6jidoYr0H9-CM7ZHXa338UB0wUfBA&sai=AMfl-YSTMFsQnb2yO6OhN1f0NgB9JNYpKzcGZb4fq3CL4WZnhzUem5e2N3CNnwEKirzsC53T7xAnhKNd0XiY6ZilpbUoInsU6l6tG_Qs9yf9DDQe7PgoUW4fshbIwEU&sig=Cg0ArKJSzCB5HTGdHX-QEAE&cid=CAASEuRoBjIWwswNcTQVNiJ3zKIiCQ&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1610557248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641828163795&rpt=761&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2oq,pingTime:0,time:1113,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,0~100%5D,as:%5B1048~728.90%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1048~0,0~100%5D,as:%5B1048~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:923,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
URL: https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95cfcdecb75ce9b5600c36566be9d29c798284192fb5c381e5ea1c6c570d2898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8746
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2rP,time:1324,type:e,im:%7BpLoad:1290%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:211,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B210~100%5D,as:%5B210~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:177,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:22:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDA5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 10 Jan 2022 14:53:56 GMT
expires
Tue, 10 Jan 2023 14:53:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 20B6 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eb573c339cdc0a3f770ba7f2c79d72877971db1b1d5d74b74f90c2c53625d9a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+1SlglJup0thEb4xhecwJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 10 Jan 2022 15:22:45 GMT
date
Mon, 10 Jan 2022 15:22:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+1SlglJup0thEb4xhecwJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame E8BC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
65dcdec8cf65ad0346e89bfe6e893a75b28bfd7bbd2be30be331339b621dfb1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:22:45 GMT
content-type
text/html;charset=utf-8
content-length
1331
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.15.250
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
sodar
pagead2.googlesyndication.com/pagead/ Frame 20B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=1159412243048153&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame EC5E 		1004 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2d0b892314983576c7271f64c9a061963cd62bf831e6cfd032a7deb9cc01a66d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:22:45 GMT
content-type
text/html;charset=utf-8
content-length
1004
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.15.86
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
pagead2.googlesyndication.com/bg/ Frame CDA5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 12:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
96975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13292
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 12:26:30 GMT
bsTd8NdE
sync-tm.everesttech.net/upi/pid/ Frame E8BC 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828166.885060,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
qmap
sync.crwdcntrl.net/ Frame E8BC
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.182
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Mon, 10 Jan 2022 15:22:45 GMT
Server
MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:44 GMT
tpid=51c7489c-8508-4aea-995d-9fe784f1aba5
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame E8BC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=8c6fb74eeb02f1af44958616005f6ab4&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51c7489c-8508-4aea-995d-9fe784f1aba5
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51c7489c-8508-4aea-995d-9fe784f1aba5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.39
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51c7489c-8508-4aea-995d-9fe784f1aba5
date
Mon, 10 Jan 2022 15:22:45 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tpid=52785652774475056901277143070551151788
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame E8BC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=8c6fb74eeb02f1af44958616005f6ab4&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=52785652774475056901277143070551151788
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=52785652774475056901277143070551151788
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.192
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-2-v026-03e8f7cdc.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4+Ymmg+7Qa8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=52785652774475056901277143070551151788
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
5907
tags.bluekai.com/site/ Frame E8BC 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=e66f307311e4ca97ce5d92f65e99387f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:46 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=8861882096168454252
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame E8BC
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/8c6fb74eeb02f1af44958616005f6ab4/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8861882096168454252
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8861882096168454252
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=836581916/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.118
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8861882096168454252
pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
identity
c.cintnetworks.com/ Frame EC5E 		0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&id=Lotame:8c6fb74eeb02f1af44958616005f6ab4
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:45 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
image.sbxx
global.ib-ibi.com/ Frame EC5E 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=8c6fb74eeb02f1af44958616005f6ab4
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.182 Broomfield, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
usermatch.gif
beacon.krxd.net/ Frame EC5E 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=8c6fb74eeb02f1af44958616005f6ab4
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.6.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-6-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1641828165
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame EC5E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OGM2ZmI3NGVlYjAyZjFhZjQ0OTU4NjE2MDA1ZjZhYjQ
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame EC5E 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame EC5E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=315935515/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generate_204
tpc.googlesyndication.com/ Frame CDA5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pkgWug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=1159412243048153&bg=!bm2lbSnNAAbDtiZlw7Y7ACkAdvg8WmR420LwH3upSwEjy1QdhRnkr7Ij8yrE8k80miCXpjNZr5oEDQIAAABYUgAAAAtoAQeZAoJVnNVQ_bTsyt0TMtflZLxY4hNkJpfpts1uHK7H62uBPta5zA6sPMru47yCqoXheU-jCyrc-UgpXV7INc-uoRq6eclZ8fxFB9zKLT8-AYcenGgf-YE4ieaula3__MKeSH9NsoqOfM6QhnvrxgfD8PO_x_WvxbC1UxEjjji9uW172fVUIr1t-7kYJ24y1P9bCYLd4tmGlK5phca2Ag-5_5Q-4ywsSfO9iH4v-_VYK-f55_G8vmXwn7CY0TPZV-J9mkepqkqHZJpsExfF-6EVR3LLz20kaPP-3ixMCklCowdGKE2Yj4xORZVnM8aSzhr78Du9vwzdbosoI5mGUTBUo2zsDh8YuUG1BdcngRsGbqU5Iw15SVCO90v-XGeTP6pSSH_s2UrknmsB01JlJIOsaB9q7t1DClzntWPyroO7YEAhNZ4gA1Ef_mBt_-n5otJuTo8sCshvFCujGBx6sBNSdunC70pLcI94QQFPuE8Se37TQ3R3THG72IHp-QH9ldCiWm9gTnHDDL47Lj3crgShU_JRFx1oGqbowvkCFhIOjOhn-PC7D6m0wVRLl3uWr5_xWf66Yg41dkAU0lRzV8AoXDg_-oW5ea_SJXC_TfsL9NB0-FQ909cieyWezfvYUDIzdwpRBUthJiiL3QDbpLs5fc3mnVWQHAndY9ZYwDIVtuCMgJLE2JDTIv3i8IR7PcAyZi_vEdUEJjzc3eVylc4pxLXZb22OtcNKRfQs5cLRXuJXTpf_Lj57HUD0xgm4R3fn22j7pCmZCKziyoCcw5As5YS3B8xldBvGUFYZbQGv0DPZQxxND1v2ryr9QvzLDFaYpe3pq38j826qbxkYlMkjXXhZd64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame DB88 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 10 Jan 2023 15:22:46 GMT
Date
Mon, 10 Jan 2022 15:22:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame EF30 		241 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828161539&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
493d5bec5f978cdb88656bf1365ca187581a94bf8785547a7a6486e16ccd5a8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
content-type
text/html; charset=utf-8
content-length
241
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"f1-KNkhDP+hS5YoBq6ibxOwN06jBUc"
sync
pre.ads.justpremium.com/v/1.0/t/ Frame E454 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=alle0mi1641828161966
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.49.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-49-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f7e5e88fe574a6c2a04a4161bc0cb0a21a642dbe3b9a66b9c76d38beed4f300a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3DDA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=133906
expires
Wed, 12 Jan 2022 04:34:32 GMT
date
Mon, 10 Jan 2022 15:22:46 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 581B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:22:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 581B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7cd1e1a67dd272e7d13afc75667d41e1ce21ca15861b052dba20e84586186add

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45486
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:00:52 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3DDA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37629944&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
53fb4d61a235ecc97ac8fe7e375f1d5e2178bb6b0512370a21fd94be24daa94c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:45 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
secure.adnxs.com/ Frame DB88 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:46 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7dbff807-22eb-4008-a738-ab0054d224f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 4858 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=560F4D6D-37BF-4EB8-8A26-A891946B576C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:46 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E58E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8030464049716842991
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8030464049716842991
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug026:0:426
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8030464049716842991
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0F68
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug009:0:385
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Mon, 10 Jan 2022 15:22:46 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Mon, 10 Jan 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1268041
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 29F9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051598261462235275
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051598261462235275
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:22:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug007:0:482
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 10 Jan 2022 15:22:46 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051598261462235275
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Vg9NbTe_TriKJqiRlGtXbA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=149173
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 12 Jan 2022 08:48:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 10 Jan 2022 15:22:46 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:45 GMT
/
pixel.onaudience.com/ Frame 3DDA
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=560F4D6D-37BF-4EB8-8A26-A891946B576C
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ce649bd30018e6a77de722d303ec4f9d
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ce649bd30018e6a77de722d303ec4f9d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
141.94.170.77 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-6.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 10 Jan 2022 15:22:46 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ce649bd30018e6a77de722d303ec4f9d
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTYwRjRENkQtMzdCRi00RUI4LThBMjYtQTg5MTk0NkI1NzZD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:666
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENd1goOa1NMkrDgLNx61mRk&google_cver=1
42 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENd1goOa1NMkrDgLNx61mRk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:507
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENd1goOa1NMkrDgLNx61mRk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3DDA 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 09 Jan 2022 15:22:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug026:0:823
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 10 Jan 2022 15:22:46 GMT
Server
MT3 4133 baa842e master zrh-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:22:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5963704833846896809
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5963704833846896809
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5963704833846896809
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=77347c28-e909-4568-b8d7-3bfdd731acbe
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=77347c28-e909-4568-b8d7-3bfdd731acbe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:974
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=77347c28-e909-4568-b8d7-3bfdd731acbe
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4891557269792591769&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4891557269792591769&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:491
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:46 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f3abcdab-2f85-4dbc-933d-2455b046843c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4891557269792591769&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3DDA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=560F4D6D-37BF-4EB8-8A26-A891946B576C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SWtNVP9E2uUILaz8d0ExybrIW.LHIvQ-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SWtNVP9E2uUILaz8d0ExybrIW.LHIvQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 13:33:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SWtNVP9E2uUILaz8d0ExybrIW.LHIvQ-~A&gdpr=0&gdpr_consent=
date
Mon, 10 Jan 2022 15:22:46 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
560F4D6D-37BF-4EB8-8A26-A891946B576C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3DDA 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/560F4D6D-37BF-4EB8-8A26-A891946B576C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:2114:2cbc:c6ab:b127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
fltiu.js
pixel.yabidos.com/ Frame EF30 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=www.themarysue.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828161539&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:20:06 GMT
server
cloudflare
age
2249
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6e717fbf44e7a-FRA
content-length
1168
expires
Mon, 10 Jan 2022 17:22:46 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame EF30
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=77347c28-e909-4568-b8d7-3bfdd731acbe
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=77347c28-e909-4568-b8d7-3bfdd731acbe
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828161539&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F
Protocol
H2
Server
3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-91-80.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=77347c28-e909-4568-b8d7-3bfdd731acbe
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
flimpobj.js
pixel.yabidos.com/ Frame EF30 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1641828166419&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=4qkgsfbpru92&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:20:06 GMT
server
cloudflare
age
2248
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6e7183c634e7a-FRA
content-length
24217
expires
Mon, 10 Jan 2022 17:22:46 GMT
bsevent.gif
tps20522.doubleverify.com/ Frame AAF8 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20522.doubleverify.com/bsevent.gif?impid=0875f91156b44101b0b7196a011bfeed&nav_pltfrm=Linux%20x86_64&cbust=1641828166448662
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.12 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
1/9/2022 3:22:46 PM
vbl.gif
pre.glotgrx.com/ Frame EF30 		26 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1641828166485&rnd=4qkgsfbpru92&ifm=1&uai=1&cid=1041&s=www.themarysue.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828161539&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:19:57 GMT
server
cloudflare
age
2344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6e718eb864aa3-FRA
content-length
26
expires
Mon, 10 Jan 2022 17:22:46 GMT
nflrc.gif
pre.glotgrx.com/ Frame EF30 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1641828166473772&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=www.themarysue.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=4qkgsfbpru92&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=31&icp=https%253A//www.themarysue.com/&irfl=31&irf=https%253A//www.themarysue.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-18-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9.1_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=19
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828161539&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:46 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:19:57 GMT
server
cloudflare
age
2345
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6e718eb874aa3-FRA
content-length
26
expires
Mon, 10 Jan 2022 17:22:46 GMT
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2Ez,pingTime:1,time:2114,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:181,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2EA,pingTime:1,time:2115,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:181,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un2EB,pingTime:1,time:2116,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:181,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:46 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sync
eb2.3lift.com/ Frame 3EBA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
0be7f182a14d8a18c29c96626cfd68c54b3a23f9e82c3ccbb4750597837eaf2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

date
Mon, 10 Jan 2022 15:22:47 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
pd
u.openx.net/w/1.0/ Frame A4C4 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Mon, 10 Jan 2022 15:22:47 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
beacon
ap.lijit.com/ Frame 6CDF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13412165
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
nginx
Date
Mon, 10 Jan 2022 15:22:47 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
v2
de.tynt.com/deb/ Frame DE80 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dthix2tgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:22:48 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:22:47 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 51A0 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dxcdREtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:22:48 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:22:47 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
generic
match.adsrvr.org/track/cmf/ Frame 3EBA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=94X7M424M&dongle=u6nf
eb2.3lift.com/ Frame 3EBA
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=94X7M424M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=94X7M424M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:47 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=94X7M424M&dongle=u6nf
date
Mon, 10 Jan 2022 15:22:47 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 3EBA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3EBA
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDg0NTA1ODE3OTA4NTkyNDA%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDg0NTA1ODE3OTA4NTkyNDA%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxNDg0NTA1ODE3OTA4NTkyNDA%3D
date
Mon, 10 Jan 2022 15:22:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 3EBA 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12148450581790859240&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: CA33B0202E4344898943F8738AAFBBC1 Ref B: FRAEDGE0713 Ref C: 2022-01-10T15:22:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXVO+i5kJCAxeYi8iNJcQ==
xuid
eb2.3lift.com/ Frame 3EBA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12148450581790859240?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YFz9JolE2oSXp3Fjbb1zSi83OruVxb0trnOocWpH_Q--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YFz9JolE2oSXp3Fjbb1zSi83OruVxb0trnOocWpH_Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 10 Jan 2022 15:22:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YFz9JolE2oSXp3Fjbb1zSi83OruVxb0trnOocWpH_Q--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 3EBA 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=12148450581790859240&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:22:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 3EBA 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=12148450581790859240&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:47 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FF8CBBBDEA9B445F9067EAAC6F909C0E Ref B: FRAEDGE1410 Ref C: 2022-01-10T15:22:47Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 3EBA
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12148450581790859240
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12148450581790859240&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12148450581790859240&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C43T7ZNJ3VF8SM37G67B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12148450581790859240&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3EBA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:22:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
SPug
simage4.pubmatic.com/AdServer/ Frame 3DDA 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user
ads3.admatic.com.tr/ Frame 152E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=77347c28-e909-4568-b8d7-3bfdd731acbe&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:48 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
mSOYz_lEOLBrqoIpfu_Fu3cmfgqMmcrIsfiKwttQKQYiueL8pDDRdA7vQfNrZ1Q4ZWsNbyR3X4LPMiQE-HDokQ
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:48 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame C822
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5963704833846896809&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:48 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
rw_YqLQwBu8pDg0BcAgjUler4cv2PuWtnVHpQdcBWMYnIbacU1YqeaVBcbksMkWads_zYq5XVO0lcTPCGQSU0g
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:48 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 152E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=P6a46eKibArOM15XK5hTYISa&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:48 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
lfkIVvHyPKBx1S82If143YUjl1ZA9d12Jrn1qWELQhsbinFvXpgkXISLE9qG9O-1TJmWLCELwUEj_bOnZHeMAw
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:48 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame C822
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f21585c7-0d12-530a-ab1f-f96fcac3b626&ssp=admatic&expires=30&user_group=1
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:22:48 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
server
AdMatic
x-powered-by
AdMatic
etag
XcbTyOqDJlZIwiwnnXT8skShqrM--G3oTm3RuHrAoPvpxPyx_5U2nVyv-8xDowZgRJoV0QDmhN1IVYdcmUoY7g
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:22:48 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=882d9602-03ab-41de-998c-a69650e57f72&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
v2
de.tynt.com/deb/ Frame DE8A 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dH1YR2tgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:22:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:22:49 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 9CD9 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dChRSAtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:22:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:22:49 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame DA7C 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dorQpQtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:22:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:22:48 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY0MTtlODE2MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZGM0ZwQkNwFvZTYzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQkODI4MTY5NmA1JaVcZD1TZWgcozRiU1BfYXyypwYkZGM0ZwQkN2RvZTIzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:48 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY0MTtlODE2MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZGM0ZwQkNmt1OWEzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQkODI4MTY5ODA3JaVcZD1TZWgcozRiU1BfYXyypwYkZGM0ZwQkOGIlYmEzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:48 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame AAF8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9f060f65-4277-a6e3-d861-6c0023cd9084&tv=%7Bc:Un3H5,pingTime:5,time:6114,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:84%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:180,fm:sU7ZESB+111%7C112%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C1822%7C18231%7C1824%7C1825%7C1826%7C1827%7C1828%7C183%7C1841%7C185%7C186%7C187%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1d51%7C1d52%7C1d53%7C1d54%7C1d55%7C1d56%7C1d57%7C1d58%7C1d6%7C1d71%7C1e%7C1f%7C1g%7C1h%7C1i*.10933%7C1i1%7C1i2%7C1i3%7C1i4,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.100.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-100-127.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:22:50 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=72

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onsecuritypolicyviolation object| onslotchange object| phpProps object| Cookies function| admiral object| googletag object| special_ops object| propertag function| gtag object| dataLayer object| GlobalSnowplowNamespace function| snowplow boolean| haveWeGotAds function| powerpress_pinw function| documentInitOneSignal function| OneSignal object| FB object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent436 object| google_tag_manager function| 4dm1r11545242527 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint boolean| payload_loaded function| constructsekindoParent10 object| webVitals function| nativoLoadFooter string| disqus_shortname object| countVars object| wp number| lazyEmbedsYMargin number| lazyEmbedsTimeout object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId object| gaplugins object| gaGlobal object| gaData object| DISQUSWIDGETS undefined| disqus_domain function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| sekindoFlowingPlayerOn undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 string| proper_ad_page_uuid function| proper_a9bcb4bb_d3d0084b_1 function| proper_dfbd3af8_08deb1ed_2 string| proper_ad_session_uuid function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| x object| apstag object| link1 object| link2 string| placementId object| response boolean| apstagLOADED object| ats object| ID5 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| ebData

138 Cookies

Domain/Path Name / Value
www.themarysue.com/ Name: pmpro_visit
Value: 1
www.themarysue.com/ Name: _sp_ses.8cf7
Value: *
www.themarysue.com/ Name: _sp_id.8cf7
Value: 7b47780e-bbb1-463b-822c-1dc018ce2946.1641828161.1.1641828161.1641828161.7de6a9a0-128d-4dff-9edf-48bfd1935a33
.themarysue.com/ Name: _ga
Value: GA1.2.479152982.1641828162
.themarysue.com/ Name: _gid
Value: GA1.2.284248088.1641828162
.themarysue.com/ Name: _gat_gtag_UA_21433528_1
Value: 1
.3lift.com/ Name: tluid
Value: 12148450581790859240
.spotxchange.com/ Name: audience
Value: 27266149-7229-11ec-aa4c-1a7ccaea0306
.casalemedia.com/ Name: CMID
Value: YdxPQRngm4F2ibcuoBZx0gAA
.casalemedia.com/ Name: CMPS
Value: 3194
.themarysue.com/ Name: _sp_cookie
Value: d6f98118-3b33-4c3d-bd33-641c0f19fd4f
.casalemedia.com/ Name: CMPRO
Value: 1212
.adnxs.com/ Name: uuid2
Value: 4891557269792591769
www.themarysue.com/ Name: _lr_retry_request
Value: true
www.themarysue.com/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: tuuid
Value: 882d9602-03ab-41de-998c-a69650e57f72
.bidswitch.net/ Name: c
Value: 1641828161
.yahoo.com/ Name: A3
Value: d=AQABBEJP3GECEFVTc_H_gcd0j3bLLvEfZe4FEgEBAQGg3WHmYQAAAAAA_eMAAA&S=AQAAAtLFtf-D__EQRq7-BmvKm_E
.postrelease.com/ Name: opt_out
Value: 1
.quantserve.com/ Name: mc
Value: 61dc4f42-282f5-64be9-0ce48
.bidswitch.net/ Name: tuuid_lu
Value: 1641828162
.themarysue.com/ Name: __qca
Value: P0-1040221820-1641828162145
www.themarysue.com/ Name: ntvSession
Value: {"id":5581863,"placementID":1024382,"lastInteraction":1641828162239,"sessionStart":1641828162239,"sessionEndDate":1641859200000,"experiment":""}
.themarysue.com/ Name: _awl
Value: 2.1641828162.0.5-91e20a873ef7b65ab4dd661bfe597e4b-6763652d6575726f70652d7765737431-0
.go.sonobi.com/ Name: HAPLB5A
Value: s568|YdxPR
.creativecdn.com/ Name: ts
Value: 1641828162
.creativecdn.com/ Name: u
Value: RnjFrfAqoXQ8Ofa9bfx5
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AIRAktVatz9QMYeP
.rubiconproject.com/ Name: khaos
Value: KY8U3HRT-21-K3EL
.rubiconproject.com/ Name: rsid
Value: 1|BtChNFAAr+7XdnWQ2t0CNhncoYRhePLF0nQ3IpbyMw0bpo2XNG6PTqqHZbuL5+nLKRys2mn9YQuneRSLAnarFwv0pGxR1x1SrC96OoGPFnIhzD/9S89fU6s=
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpLiRigIG+FhczzH/SUMvpGs1wMD2ZZQDKr5SX0FILXDFRTLRv+q83UT2Auwp9voJN7U3HAScTA0OCAnekPgJibWwUZhu5bAzzc6UO785F0Pw==
.adscale.de/ Name: uu
Value: e3b3ac4009974650afdf2e4ca8869e51
.adnxs.com/ Name: icu
Value: ChgIh758EAoYASABKAEwwp7xjgY4AUABSAEQwp7xjgYYAA..
www.themarysue.com/ Name: sharedid
Value: %7B%22id%22%3A%2201FS29B7098HSHBH2NJF8RQD1B%22%2C%22ts%22%3A1641828162570%2C%22ns%22%3Atrue%7D
www.themarysue.com/ Name: sharedid_last
Value: Mon%2C%2010%20Jan%202022%2015%3A22%3A42%20GMT
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 2b3c5e0cc673ff293e2280700eede1cd5e856e50cd6bc5467474bd96537910c9
.zeotap.com/ Name: zc
Value: b39acc5a-117d-42ae-6826-b1d5bfc57a7f
.zeotap.com/ Name: zsc
Value: %5Dj%9B%60%D3c%CC4%CC%C4%FB%B1cG%FA%8B%B3%0A%EB%FE%3D%D4D%D8%D3%A9%96%A0Z%DE%3EIDImC%DA%8B%E7%16%B6%A4%E4%CC%DB%00Cb%E4%08%FCJ%3F%05%81%A2%86%90%D2%1F%26%08%C7%B5%F8S%A3%7B%3CV%AC%C5%1E%DBu%C2%88%0E%DD%16i%E7A%D2%1Ah%96xBmk%A5%C5%CA%12ej5%BA%EB%3E%BDM%18%0D%B2%7B%0B%5B%3C%7D7i%5D%95%F5%3B%96%82%BF%DFl%9F%9Ahv%AD%87%E4m%E6%8D%B5%DBWF%C0%16m%18%E7%7F%F1%B1jm%8E%FE%A7%3C%D3V%F9%AD%A1%A8Bf%5CO%A2%0A%191%AC%26%D8%5C
www.themarysue.com/ Name: _lr_geo_location
Value: DE
.richaudience.com/ Name: avcid-zeo-uid
Value: b39acc5a-117d-42ae-6826-b1d5bfc57a7f
.mathtag.com/ Name: uuid
Value: 05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
.proper.io/ Name: mediagrid
Value: 882d9602-03ab-41de-998c-a69650e57f72
.proper.io/ Name: verizon_media
Value: y-K8OE.WRE2uEB4PmGxkpajZhiilOmIlwz~A
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.mathtag.com/ Name: mt_mop
Value: 9:1641828162
.tapad.com/ Name: TapAd_TS
Value: 1641828162810
.tapad.com/ Name: TapAd_DID
Value: 51c7489c-8508-4aea-995d-9fe784f1aba5
.adsrvr.org/ Name: TDID
Value: 77347c28-e909-4568-b8d7-3bfdd731acbe
.tidaltv.com/ Name: tidal_ttid
Value: 0be184b7-15e5-49f7-9a76-e19ef05d508d
.adfarm1.adition.com/ Name: UserID1
Value: 7051598261462235275
.weborama.fr/ Name: AFFICHE_W
Value: ctT8o5B2vFFy98
.admatic.com.tr/ Name: __adm_ui
Value: BjWu0ONDDVrx3uSl_cnBEfgbHDtSkne1qRcYv-5SpiGzZr1zkjoTMz4XV9IyyQwNxWt0Gi-lcCPOBZXxvVzk1w
.ibillboard.com/ Name: ibbid
Value: BBID-01-03165421628934002-16495416
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srQ0tjK0MAIAlJrThQkAAAA="
.theadex.com/ Name: tis_ogL
Value: ogLeAswv
.theadex.com/ Name: axd
Value: 4282648536777889788
.dpm.demdex.net/ Name: dpm
Value: 52785652774475056901277143070551151788
.demdex.net/ Name: demdex
Value: 52785652774475056901277143070551151788
.agkn.com/ Name: ab
Value: 0001%3A2D1f%2FqtEqDXa07G4eoNytN8ocnQVmmpx
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8c6fb74eeb02f1af44958616005f6ab4
.adform.net/ Name: C
Value: 1
.eqads.com/ Name: EQUser
Value: UID=6dfb7290-1bce-4850-b0a7-9d1ab2cec2cc
.krxd.net/ Name: _kuid_
Value: Ol-592_3
.proper.io/ Name: __cf_bm
Value: Rn6ftdrW8XN0ts6qeTeEyb5IFCLXFS9Mw4qgaoH3aWs-1641828161-0-AcFKZfM5IaD0HLxy19RGeVxKBxYaW2LAQ2kcF3LUdUML4qbKfhBWQqOlUdk4sV4VMz8v59qBD4JgQILMzx%2BAsTkHiOAnMySRSQCc7iQ4bsFg
.criteo.com/ Name: uid
Value: abf3c2de-7963-49a3-ab69-d7bb83d189a3
.doubleclick.net/ Name: IDE
Value: AHWqTUl5CVP78yhmEdLkrR8ExNz6nW0JbAuInNzdV9_VoxZjB9N8kzwBXUmLRl9xyfY
.themarysue.com/ Name: __gads
Value: ID=0bb842dfaa89ba77:T=1641828162:S=ALNI_MbwoMGoH95O9AVqjmKjqCFCF-0YGQ
.fwmrm.net/ Name: _uid
Value: "e923a_7051598265737062091"
.turn.com/ Name: uid
Value: 8861882096168454252
.adform.net/ Name: uid
Value: 5963704833846896809
.advertising.com/ Name: APID
Value: UP2825e35f-7229-11ec-8ff8-0275b999303a
.yahoo.com/ Name: APID
Value: UP2825e35f-7229-11ec-8ff8-0275b999303a
.yahoo.com/ Name: APIDTS
Value: 1641828163
.doubleclick.net/ Name: DSID
Value: NO_DATA
.m6r.eu/ Name: test
Value: true
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.m6r.eu/ Name: id
Value: eb5a155214890eb1362e0b3b27e24933
.console.adtarget.com.tr/ Name: a307080
Value: RnjFrfAqoXQ8Ofa9bfx5
.console.adtarget.com.tr/ Name: a307442
Value: AIRAktVatz9QMYeP
.ih.adscale.de/ Name: tu
Value: 4#2302889948#48~eb5a155214890eb1362e0b3b27e24933~456063~0~0#101~BBID-01-03165421628932046-16495416~456063~0~0#38~CAESECzwGKQ97MRVsOGUZwE55kI~456063~0~0#39~05fd61dc-4f42-4b00-8cc2-04e2a4e0b945~456063~0~0#40~abf3c2de-7963-49a3-ab69-d7bb83d189a3~456063~0~0#42~5963704833846896809~456063~0~0#75~4891557269792591769~456063~0~0#63~YdxPQRngm4F2ibcuoBZx0gAA&1212~456063~0~0
.adscale.de/ Name: cct
Value: 1641828163671
.m6r.eu/ Name: cct
Value: 1641828163741
.themarysue.com/ Name: properSessionData
Value: eyJ1dWlkIjoiNzllOGMxYmEtOTNlYi00ZDYyLWI0NDgtZmU4ZjA5NjYyZDVmIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDMyLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiaW5kZXgiOjEsIm9wZW54IjoxLCJzb3ZybiI6MSwiY3JpdGVvIjoxLCJtYW50aXMiOjEsInNvbm9iaSI6MSwicnViaWNvbiI6MSwibWVkaWFuZXQiOjEsInB1Ym1hdGljIjoxLCJhZHlvdWxpa2UiOjEsInJoeXRobW9uZSI6MSwidHJpcGxlbGlmdCI6MSwianVzdHByZW1pdW0iOjEsInNoYXJldGhyb3VnaCI6MSwidGhpcnR5dGhyZWVhY3Jvc3MiOjF9LCJsYXN0X3RocmVzaG9sZCI6MH0=
.console.adtarget.com.tr/ Name: a314221
Value: GTPp4D_Zzmb3FX5_nLo9p6TxpyFugys5o2seyukMJF-6rT968M8I14eyM0nDUCz0dUROGyCPNHuBFY3UFCeaHw
.console.adtarget.com.tr/ Name: a307565
Value: e3b3ac4009974650afdf2e4ca8869e51
.console.adtarget.com.tr/ Name: vmuid
Value: 719f356bea80f730
.erne.co/ Name: u
Value: P6a46eKibArOM15XK5hTYISa
.rqtrk.eu/ Name: browser_id
Value: 1:77b08a9b-4f2a-408b-8290-21b953fc0a1f
.eyeota.net/ Name: SERVERID
Value: 19032~DM
.scoota.co/ Name: tuuid
Value: 1242f42f-28d9-4390-84ef-45de9455af5b
.scoota.co/ Name: c
Value: 1641828164
.scoota.co/ Name: tuuid_lu
Value: 1641828164
.casalemedia.com/ Name: CMST
Value: YdxPQWHcT0QA
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: fd48fdfce0a8a5ee9ef087e663ce5f736643dae86708feff50456fa28bdc3c76
.casalemedia.com/ Name: CMRUM3
Value: 2861dc4f4327606dfb7290-1bce-4850-b0a7-9d1ab2cec2cc&0361dc4f42276005fd61dc-4f42-4b00-8cc2-04e2a4e0b945&2761dc4f420b40&f161dc4f4205a0&e661dc4f422760&bf61dc4f4205a0&0461dc4f4327608861882096168454252&2d61dc4f442760CAESEDxYuqoJfuCCrQqZG-LvPCo&b061dc4f4205a00&3361dc4f4205a0&6961dc4f4305a00
.creative-serving.com/ Name: tuuid
Value: 61f188c6-0c2a-4e48-af0c-e5d82a0e374f
.creative-serving.com/ Name: c
Value: 1641828164
.creative-serving.com/ Name: tuuid_lu
Value: 1641828164
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb7u]-7j!@wnfH8K6pQK`!5=E<*L5?%M#YI`O2.Nhx)0W9sw6EHgff@w4+Bn@b=S-yl[%nugO%v4VB%nn)_*2p58
.audrte.com/ Name: arcki2
Value: cbdNEdYVSwRRs21tzmerPhV1w!20210804!1641828164208
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&463ef75e-3b37-483f-8f03-311269146829"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDE4MjgxNjQ7MjswMjGQ9UNF8TeQU3AqWvHmTZO0PkqlwQGLO5f5wYgKf4E+Pw==
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2382:u=1:x=1:i=1641828164:t=1641914564:v=2:sig=AQFGoRjkKeoHrIYk59By1vKMANuBsoAw"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIvOPvCqSgAAAXNwHS"
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsEg2S0syN0lNTTIwSjNMTDMxsTS1MDM0MzAwTTNLTDJhAILEO%2F6uf%2F%2F%2F%2F88P4oAB18RJL1QZ28oZ%2FjMyMrxbMocFxt6977IAjP3xsyWMefzoIWYY%2B%2FBihPLjm6bAtU4%2FoQ5TMuPaJR0Y%2BxmScgCA6Tgc"
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 560F4D6D-37BF-4EB8-8A26-A891946B576C
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 109126:2
.pubmatic.com/ Name: DPSync3
Value: 1642982400%3A197_219_201%7C1641859200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1642982400%3A71_161_54_7_56_3_220_21_13%7C1644364800%3A203%7C1642377600%3A223%7C1643068800%3A35
.analytics.yahoo.com/ Name: IDSYNC
Value: "190z~22l3:187s~22l3:18z8~22l3"
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjy_pOT-ZWqOhAFOAFaB3JqcnF2OGtgAg..
.onaudience.com/ Name: cookie
Value: 12f3ffa035bdd193
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7051598261462235275
.pubmatic.com/ Name: PugT
Value: 1641828166
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5963704833846896809&KRTB&23263-5963704833846896809
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&KRTB&16736-uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&KRTB&23019-uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945&KRTB&23208-uid:05fd61dc-4f42-4b00-8cc2-04e2a4e0b945
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-77347c28-e909-4568-b8d7-3bfdd731acbe&KRTB&22918-77347c28-e909-4568-b8d7-3bfdd731acbe&KRTB&23031-77347c28-e909-4568-b8d7-3bfdd731acbe
.de17a.com/ Name: guid2
Value: 1.8030464049716842991
.exelator.com/ Name: EE
Value: "ce649bd30018e6a77de722d303ec4f9d"
.simpli.fi/ Name: suid
Value: 773636390D1E4258BAF12F9C157BAEBE
.pubmatic.com/ Name: SPugT
Value: 1641821584
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENd1goOa1NMkrDgLNx61mRk&KRTB&16514-CAESENd1goOa1NMkrDgLNx61mRk&KRTB&23025-CAESENd1goOa1NMkrDgLNx61mRk
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4891557269792591769&KRTB&23339-4891557269792591769
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE51czEMinF2MDA0CLVLNHcPCXV3MgIyDdOTTZJs0xZXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi2yNF%252BSX5SZvsjFdXFRShrDopLiU8H7lbwBjT0pzA%253D%253D"
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8030464049716842991

18 Console Messages

Source Level URL
Text
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.themarysue.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'https://www.themarysue.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=746c9983-ff74-43e6-671e-2f87ab3eb05e&reqId=3edb500c-4d57-4fdf-5f28-9fb7318ba94a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D746c9983-ff74-43e6-671e-2f87ab3eb05e%26reqId%3D3edb500c-4d57-4fdf-5f28-9fb7318ba94a%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b39acc5a-117d-42ae-6826-b1d5bfc57a7f&reqId=27819e94-bf50-45ae-6bc2-ce08302b189a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db39acc5a-117d-42ae-6826-b1d5bfc57a7f%26reqId%3D27819e94-bf50-45ae-6bc2-ce08302b189a%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIf3idClXJnPhVfkD0dREj4&google_cver=1&google_push=AYg5qPIC97lftxhjfAOY_UmbJSi80jMgiKiA6vAU1qIhDhFssT3854sGltSohirJyP95SY0_9izAAMwyQTi5CKM9ySX3c1mNXuqN
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=94X7M424M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9bb618f3cc0eeeada141fb0f795f743b.safeframe.googlesyndication.com
a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
ads.yieldmo.com
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adservice.google.se
am22.mediaite.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bids.proper.io
bn01.er.bemail.it
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.cintnetworks.com
c1.adform.net
cdn.admatic.com.tr
cdn.ampproject.org
cdn.besafe.global
cdn.id5-sync.com
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
csync.loopme.me
d.adroll.com
d.turn.com
d5p.de17a.com
dclk-match.dotomi.com
de.tynt.com
dis.criteo.com
disqus.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dotesports.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb.proper.io
eb2.3lift.com
ecs.mantisadnetwork.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
global.ib-ibi.com
global.proper.io
googleads.g.doubleclick.net
green.erne.co
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
js.adscale.de
js.cookieless-data.com
live.primis.tech
loada.exelator.com
loadeu.exelator.com
m.exactag.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
pre.glotgrx.com
prebid.media.net
primis-d.openx.net
propermedia-d.openx.net
ps.eyeota.net
px.ads.linkedin.com
r.scoota.co
rtb.openx.net
rtb0.doubleverify.com
rtbcdn.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.ntv.io
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spc.themarysue.com
spl.zeotap.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
superficialeyes.com
sync-tm.everesttech.net
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.inmobi.com
sync.intentiq.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
themarysue.disqus.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps20522.doubleverify.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
um.simpli.fi
um2.eqads.com
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
usync.proper.io
video.primis.tech
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.themarysue.com
x.bidswitch.net
api.rlcdn.com
104.111.215.191
104.16.201.58
141.94.170.77
142.250.184.226
142.250.186.98
143.204.95.188
143.204.98.13
143.204.98.65
143.204.98.71
143.204.98.75
151.1.205.165
151.101.192.134
151.101.66.49
168.119.146.39
169.50.137.184
178.162.133.150
178.250.0.163
178.250.0.165
18.157.144.230
18.157.246.64
18.197.73.85
18.213.10.151
184.30.20.185
184.30.20.198
184.30.20.241
184.30.21.59
185.184.8.65
185.255.84.150
185.29.132.245
185.33.220.241
185.33.221.14
185.64.189.112
185.64.190.80
185.64.190.81
185.94.180.126
188.132.147.235
194.213.62.37
198.47.127.19
199.232.192.134
2.18.233.201
20.72.149.136
2001:678:cb4:bbbb::13
2001:df2:a300:bbbb::135
205.234.175.175
209.54.177.54
212.82.100.182
212.83.160.162
213.155.156.168
213.19.147.42
213.202.235.8
213.254.244.12
216.46.185.182
216.52.2.48
23.37.38.181
23.37.42.132
23.79.143.124
23.88.75.186
2600:1f18:6593:f601:6e36:3d7b:dfb5:1567
2600:9000:2156:1200:6:44e3:f8c0:93a1
2600:9000:2156:1400:f:4f64:8940:93a1
2600:9000:2156:5800:8:455e:4a00:93a1
2600:9000:2156:9a00:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:10::6816:3b6e
2606:4700:10::6816:93d
2606:4700:10::ac43:14a1
2606:4700::6810:79c3
2606:4700::6810:7eaf
2606:4700::6811:4f22
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:808::2001
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2008
2a02:26f0:e300:185::4469
2a02:fa8:8806:13::1370
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:200::300
2a05:d018:24:b001:e806:2ca:d089:17f3
2a05:d018:d29:3601:2114:2cbc:c6ab:b127
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.57.143
3.125.147.153
3.126.56.137
3.127.178.105
3.214.91.80
3.228.147.119
3.33.220.150
34.102.163.6
34.107.148.139
34.111.95.79
34.149.20.76
34.200.155.146
34.206.192.53
34.210.253.33
34.254.143.3
34.98.64.218
34.98.67.61
35.156.119.137
35.158.49.43
35.162.100.127
35.164.52.163
35.190.39.246
35.201.81.244
35.227.248.159
35.227.252.103
35.244.174.68
37.157.2.235
37.157.4.39
37.252.173.213
38.91.45.7
44.239.145.70
46.105.202.126
46.249.52.248
46.249.52.249
5.178.65.252
51.144.7.192
51.89.7.198
51.89.9.253
52.17.105.123
52.17.84.146
52.198.7.102
52.214.119.250
52.214.209.198
52.29.208.72
52.95.125.22
54.175.169.36
54.216.137.191
54.246.97.45
54.247.140.137
54.36.172.109
54.69.67.215
54.76.6.59
62.149.0.72
63.250.56.23
63.250.60.64
66.155.71.150
66.155.71.25
67.202.105.34
69.173.144.139
70.42.32.223
72.251.244.140
76.223.111.18
85.114.159.118
87.98.228.78
89.163.159.104
89.187.169.47
96.46.183.20
0173a46d656009c3357e50edcc425f27155cfd24ca8525dff628f450467e953a
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
093e113d0b31988bff87427756f4eba991ba841569e2eeba9cb3fac10ef59b48
09f3adc0d0724a762e8d87525f3510ffa0ec0577e316c4e7c8e4f899810b3d37
0a989c6ac445ca6056e71e867a048538cbf62b55bb527d0bd8fb6e39c64fac5f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb5daf3e21b8b835fa819df2db948ea039dc04f14d1a2bfe502df59136a3847
0be7f182a14d8a18c29c96626cfd68c54b3a23f9e82c3ccbb4750597837eaf2c
0cb232ef297a2d08f6f5e1141da8ef31beb50c7c55198e8f26d8917186fc56ab
0d79fd3d1033cb51c92447ca53facd3f87d7a28e8cac7055094c23920f129bf0
0eda18a97a9bf13fe7de6a36d2ed79c2f0649437f592fd6c64b8fe5722f88612
0f8b77ac9fc036f206d787696fafc9f9a1debd05bd97b4cf92a8cd76be7bb0de
10adb91612cc57ef59c7648bec3d6233cb56bf7c36fa1f2dbe272ab1bb894ec3
10e2f32b584ba1e0811bdd21889949c60d5b994f32fee8e4379f441e039eaa20
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
1491e677237b41d3efe5d93a6970a6fa6f11072d03b971cba7be54c3deec9932
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
16fb437d5b1222c957b5aed4c451f469374789bd87527bdff66c62aa748858b2
180740360aa83b20008ac5050cdbe00840aff70bea7c60f6218954534efaccb4
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b5acb1f1f4e804e54d0e809292f93575962b98059560994045c66453b001101
1d01446ecae8f452f1ed13a9442f67d739a2290d5e7fd93226e75fc0a9f45b93
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f
1ed6ea6756aa83b3ba38eabb7db0a52a388d7237f142ca7971a531fc574e7ea6
1f932f6b67da2b8fd660807f4ba5945669d07d155c284c4544ab4c6ecd2adaf0
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20af33c0be89d14f2c17b03eb08dcaef47071286a3cb150c88274b5689732615
222ccc320d76314b189ce4d71f14f40861354d0bec2e4209fe52a8ce2e59edbd
2264bcb579b96d3dec5058a9f9bf953cd03e8ad2ec69c248f5deb3fc074cf415
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22a05e6a56e754576e3b128444222443fe60e373a540f442cfa777c5c25cfb90
230fde7e009c89d5201e982ac3621e29842e1aef473434d64a0d3c8954be30cb
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23aa569e3d78c44702c26913021359bdc197a5b92d92d3a81c6da87a667953f0
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac
24dbbc10ff72f8969701af960a1ddf24f4313c699018096d0b31d9904ab1132e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ce79c20d06e8bfdcbfa1d1e7385f63d71bd79afdab7a941433bb5091ff8d3d6
2d0b892314983576c7271f64c9a061963cd62bf831e6cfd032a7deb9cc01a66d
2d757de68eae79256c48c2080123ba6bd7da67035cf07393e12b986f541e2f32
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b582e9bfdbf0af2563f1220ace33de65ad5f1b73d0a0542ffd9c02788cf2be
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
348aa2266f5811ad475710a8f767e364ffecd6b5144e9a78e71943c6fcf7b9db
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38191cdc172275927524007a8754c10ebce00a30164d612315339e67163dcc6e
392b523243f8da23e42f48ddb27a784aaea4a624b72eaaef2754d0ab601deeb1
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b9cceef0655b024537abf9206db411c98bd619d11c85367545572595ac815d2
3cac6419ab04f9ee52dc1f2eb7528ce32f765bb34fa8e3e224b83405ec80c7bf
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e6aee43ce232f5c967d532d699c8dd2366873b4a61a6d6cbebb3606174a4a61
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb1d601bbcab0d1b0e24d29a9079d2704851ad2352775e57e5a37fe37dfc2cd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4645ab9bfd6df40b764a38442029b1b8a1b2177aa42a26ed47889c85bb191036
482d08c0cba11a554e08a31b04ea074aa68d2a554441d177d3d3fa06b513a603
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f015e358796af79d540a3daca0544eb4d1971063197312bc3d1d8d415cff2f
493d5bec5f978cdb88656bf1365ca187581a94bf8785547a7a6486e16ccd5a8d
4a10238b0c05e889db1b59baa6e7057d6a386538445dd0eee1e33b0aac23ac02
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec14af51e485577a790275a456ae6849a31c4316070cf9bd367a603104d2ec5
4ed2872714e5465bc267d4b38de28848ec34029ee50caf330738cc3192b0bc42
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53fb4d61a235ecc97ac8fe7e375f1d5e2178bb6b0512370a21fd94be24daa94c
543ee2937bbdf4369fdb0b6e6ebeee9629e6ee97fdee02ceb6ad7ac45cac22ae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
590d8903c8f030db7ecbbc44266ec1ac30407c511d3da171db7cfd50256f7f46
5a5cda828fc0013a7ea47e3e851255258be9ae9cf2370d5af2916bdb9fec0576
5b6d6637d2a690e98da9f9b1e43c585c99aefe2fe9cef206f6871e5c183bf1c5
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5bbde81a5e7a66f28e8f7e41f03106050a10572c56092ed4d2c72075a2f4b3da
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cbb2855602909899be814ef4b8c28f75ea54ea1dcf87dd9132fa71cd690ec23
614c848c1269c2ca7eb2f322a094bd4d7f598c5f561942184243649856737683
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
65dcdec8cf65ad0346e89bfe6e893a75b28bfd7bbd2be30be331339b621dfb1e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6672bb98464d7701512553e496c9a1e1b9647c88c2a3adb1b7e1fe5faf6c9d28
66db628dd87aa81737fe5c3ca8c7a32b478375e4993379031bb1f98eae8eb3e3
672adcd6d8978f5cc162c211792c390769c89d9be11af99188047240048d954b
6829e036a70ec0db65da1037d5308787bcd3a8d4b4f891949c8189ca62435c85
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68ed51b373caad0b18f95fbe8802c009b09da72191fbd56a3b99a1b7ec5d992a
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cdb371375292d7fd2c21356d595dd9cddcc56939ce9889e4b37d6c38067a6d1
6d861557eb9ebf623f534bda4f9524c02b1533bb40b086f9c4873cc7e6265b7c
72418fbda5f979af0f00665feccbbbfbe6fbb5121cb88560073c493becdaee1f
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
736342d9c7a0292dcd6b3be56051f3f414dbbe6df098a0bdb76cf14e7df94bd8
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
78bf02bd396cfa1ac64341a6bdc2b1ecd70e3c93dfe83bb454b35bc010597f13
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7961a1433b796f1546f9e9c53ce2bfbaa7c91742773edad8d9fa5ddf71898f0a
79bde0be9e7fd0079142bb8a0e3f8c32e5c0e7934d7257b783195b4da5995071
7acea219cb7b63627b89ba6ec72f2f14b305819741ea04d05e733e1e7cdcd226
7cd1e1a67dd272e7d13afc75667d41e1ce21ca15861b052dba20e84586186add
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80eac18dfb0b66e5dcb184e0e43980693e693efdc50258487923b3a94f953916
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c0617525366a4c29fe5a998aaf4bbf72d3aa1dc2f48f032b5ab719ef171e33
84ea58775b41062c7e837aeb0c2682959b40d7bfc2249339a4019e7edeb90d83
856b3c37ee24c03d7228c0a6d4f134c516fce1909ff97685290afa48244c9e5e
85787242bd88d0b4a05e0a38ecac59a2ebd32216b9f9e04a1939ca6c02254be2
85e581f45acdc3396cef8ee7c6698441bfa26e191de83219b6870ef463a38979
85ee585a920c17249cd63c187533d29762c90834525f420b4bf2924abb28410e
864b4ffdc7762d6c4797bff9ebba0db966d70aa8f9b4d66ba482955767c4b569
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87bd78bd8951dbd104163998c570b4da2336b8b75daf1bafc76457c46d524981
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88b822a554ba7ebeea1333dc38d31b3bac6dc879475f6e207f863f86412c6c8f
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8bed38040df1f2a4980f67d6ee53bf3b5beed8cf09624280b5984087e1d6616f
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8c94b64ed2663171b5f9fcb0984f85c668ec6ca9282e95614a350ca60e29335a
8d670ed5b8e199d0e9e6648a410c7dce93be0ae10ed1259f7ac75e47c3df5231
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8fc43c27b7d662813c058fddb3b89757049d99d1457452758a88800ffd27cb
8df46046effa30ba22f79dbdd78ef028b6f4aa16b1544a74cd09d9780d8f2e8f
916c45faee55e744eb2befc2da3332a1f9ac341d139aed9d11b81fce36a2efbd
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
95cfcdecb75ce9b5600c36566be9d29c798284192fb5c381e5ea1c6c570d2898
9680b2d6c8f8067f79fbcced42415032d7717ea062f1f55a4e3bb0f0043e24c9
96de24ec1911155decf97f91fb666b51cef68d0b4c86ce83fc17152e105bc41f
970636c5135d5279ddf794897aa11b0b489026723bb4f8bb0782bb812c6e9ad0
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
98cd0c3553f86027dace3f80514db47b7f234687984851cc73675e72b15a64fe
98f4c16d1710f769cc7dfcbb17b812f9f8447e586ae602af94fcce6166821da4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9c2603e1c4e75d210896f2e40f940e1cd05958e7f831d87624a7d592c614d01f
9cae44a5899e97f4c5969c101f1566ad5e1a3ca8fcaff50d2b4c2887c320d59c
9dae1718fb696dd98f6a22b91672f05be01c312512e3a74be21aafd9d8592682
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9e14fa6032f55f3750b785d3538194e591ed060bd8355728cc8bc0c6b91f72b3
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9fdbd6a5d5391db6ac87c070a5b30aa6b5e9b1ec9ccbaa0fe80d71dd808e5096
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20d401494a5f7715c84dea9a9b1f46481b872b7f4eb2cb54c1a3c4fef1b8e6f
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a35f0086821077e657d47f432e4406761f8359d4a910d7f2bb39919eddc6ae26
a3f2d7e0526e78c547cb135b82450b2559a1fe75e13e45c81792402c26aac3de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a9a7e4be20e1dd427a17b2913bd5a2af739c7217e50d10414604b96cccfd53
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a914a37d097aba12202f68b9937d2e620b4fa3667a6cf81accd54e8920fa5257
abddd7e64702d60829e9037793a92e8dcf4db6a63f8ef39b6d9bb2785463ebbe
abe63c7c19cf7616de394934638e2ab084ee6752846e2be1f33ce52c4e2a89d5
ac4b161801dbe1f8454ae72d39c79f560752c6a25c2a820e8c48b2723f058928
ad2433c5b91ef4e812b11a59b299cd988a427b27a8927dba48086f4acc05fff5
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ade6f4596e7cd10a285d917e64fe290724fd8bc5fead068f3e760385dc03ca7c
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0aa364c57a89e21cbac7b173cb9ca5a5cbe72cf6b2c0d613446f6e7284220d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b144ecda7df6018dbe55ea7d1035d383a5ed508b247b29306aebbd1baacabea8
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b5fe3057aa6dcd8b0d0b5a451a738a0ebc998f888e06e8413b0782a22413d4c7
b88294c98b4c1fce241902bb41252c6db190ee4f192d3b92c686045de4163029
bb1229031c6597fb7a3beb861833e190f8014349542fbdaf00ce3a706198e510
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6e03056a4bbdb813e9a4b44cb501af4c8e4639a278f1692af6a2376b398e66
bd1e679461909bf647b2e10e9941278ce2e9e008c2c6db5caf4863ebf4627cca
bfb422fe58ef270d4fd0368480898ca3fe02a624b4e41a835ee33b699d669d50
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29961849a7671f9ab16fc32cbe0b82a1574f8586791d2447102a7757439bf7a
c332349100e41dab1e7e159c6709730e4fac9c324e61c81432f641cc61ca3f37
c46d2c204b0fb92438e9db48ca380a39bf4b8c7e2778009a3d2e1238078a14c5
c7446458448ebfa160267ccd8ef25445162337066d42359a33b46542a606d616
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6c1d0384cd985b09d49aca293e21b772fa0ea54bdfe0d3efbe905c293e1079
ca8e9d60c5e086a57199aa751e54f7645d2cbe4136b7d31ef49ee956604e6dea
cbc81bea578440658201addaa172f02601e0f466c3fd86c756b739c9e7882388
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd8a2090f936a3bb2532e12097098622af0009a14763270dd84154c48d41469
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
ce82dd2238c5785a5a0d3a25678a841762c0c4b0b7379b4994907630e0f32e5a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0227266e7f6a755f6edcdd4ced8e12f1fbed6f02e51e9ec2dfaba60bde53d4b
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d3c06b60ec5568bda7bda8d79bd6af0b927ae954b6d7886b426d3bbacc4f4316
d44c371fdfecd4b7eb1e994e893e18cf7175c94ee7a0a52180e46a4c7b981c60
d47dc16ecbb8d70cc1cc2e6148b066b16fde82566386bab27c7a78caf849aa03
d6099b3eb651980b598379233f054c2ec5b6ab88137b4a6cf9bcd3b9ab9f50f4
db4a67617b6be8a7e51017e4c994206bd238e35db41d2e70e1efcb9d922d51f9
dca0cb53d70088aa4136f2414930436e0d4057b270db1f025b5dca1039ecdfe6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df4f3632c137908c059c07c2f89bec5c6ceb2ff174924664909fd6baafe2a629
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55119bdeddc64e99c3807f7cad4fe107d3c5a12b0ad917ec281ae5a340922a6
e5e90f6bf5f177fe87400da87543d9972babd6045132e7feec88972f0d05c9dd
e648916d4ad552298e9658a3b3632b292e8d22a13ddf7ca0431b23e2f3b107ff
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
ea0beac43de8bc019880d83c4c3767e2ce6a27123f1842102186b41d5b52e22f
ea6c5b6ccbb8f24a23c7e1054a7cff382b13035b081034dda596a392631fc26a
eb573c339cdc0a3f770ba7f2c79d72877971db1b1d5d74b74f90c2c53625d9a7
eb5a91ed8358b8a192fad4ad9f95d514a0b01e958136ab027670d7a6481fccd1
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed20c8dbf8897c2e6f737f7ec114a1c29fded0bf3d3012d226834f221060105a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03ee2341bf7a88f7a6fc58ffdccbd69096975fdc62e2beaab7d74b64fcca868
f0ebeac09c1fd041c7a6a08aca9bd3f217c78e9c67866a6c5186cbf2919a6156
f4ccf2942489bb44fa7923b2cb00f6c5e41faad154c568903446f825507ad4c2
f5f04899e5a09be6330e63ce04a99ef449be420a98c6c28faa4d4bd81a8d0292
f6de3e2f72ef1f9675697454712d363127ff798aa79d20d81f30512d66dc5235
f70ec51a6090be2b88fc2df03470a1f7781f9426f240a947bc8e57e9c013e4d7
f7e5e88fe574a6c2a04a4161bc0cb0a21a642dbe3b9a66b9c76d38beed4f300a
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
f9db8a840c564bf7111bdfa0a232750c193081e2d84328f7242675c89820d47d
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
faebe75c664887c36b6ae7384255e7cb5b34f393568fac001f993d26363b3f58
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083
fd9c06c8cdd724ceb785875dddbb0b6baac90ed871143b9c193825a1dcdd9bd7
fdc93167a818655607dcc0c8d40615ffc4f27de296bb95ffec37d1bf92fdedbe
feb7b79d6fd419587c6804950ea925ac180fc7b625f97fbf077424bfd42edbc1