urlscan.io logo urlscan.io
SecurityTrails logo

www.themarysue.com Open in urlscan Pro
2606:4700:10::6816:4185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.themarysue.com/
Effective URL: https://www.themarysue.com/
Submission: On April 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 10 countries across 68 domains to perform 229 HTTP transactions. The main IP is 2606:4700:10::6816:4185, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com. The Cisco Umbrella rank of the primary domain is 130126.
TLS certificate: Issued by E1 on March 15th 2022. Valid for: 3 months.
This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.20.157.141 16625 (AKAMAI-AS)
1 209.250.233.142 20473 (AS-CHOOPA)
22 2600:9000:224... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
6 35.190.39.246 15169 (GOOGLE)
1 35.201.96.133 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 18.64.79.57 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 151.101.192.134 54113 (FASTLY)
5 199.232.196.134 54113 (FASTLY)
2 23.205.241.117 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
4 34.120.157.206 396982 (GOOGLE-CL...)
3 142.250.186.98 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
8 3.213.149.116 14618 (AMAZON-AES)
6 99.84.95.10 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
4 35.244.159.8 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
2 3 3.120.28.2 16509 (AMAZON-02)
1 1 23.88.75.189 24940 (HETZNER-AS)
3 4 2.20.157.55 16625 (AKAMAI-AS)
2 2 76.223.111.18 16509 (AMAZON-02)
4 6 69.173.144.139 26667 (RUBICONPR...)
2 2 37.252.172.249 29990 (ASN-APPNEX)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
4 185.167.97.84 41436 (CLOUDWEBM...)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 37.157.6.248 198622 (ADFORM)
2 35.157.246.167 16509 (AMAZON-02)
7 8 23.35.229.117 16625 (AKAMAI-AS)
2 213.19.147.42 3356 (LEVEL3)
1 81.17.55.112 60781 (LEASEWEB-...)
2 184.31.84.150 16625 (AKAMAI-AS)
1 18.196.159.207 16509 (AMAZON-02)
2 34.107.148.139 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
8 62.149.0.72 15497 (COLOCALL ...)
3 2600:9000:215... 16509 (AMAZON-02)
1 37.157.6.245 198622 (ADFORM)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 13 3.127.195.44 16509 (AMAZON-02)
2 54.185.32.160 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
2 51.89.7.198 16276 (OVH)
1 52.89.97.240 16509 (AMAZON-02)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 178.162.133.150 60781 (LEASEWEB-...)
1 2.18.232.7 16625 (AKAMAI-AS)
4 34.149.20.76 15169 (GOOGLE)
1 52.59.80.165 16509 (AMAZON-02)
1 216.52.2.30 29791 (VOXEL-DOT...)
1 34.237.150.112 14618 (AMAZON-AES)
1 54.93.106.38 16509 (AMAZON-02)
2 3.123.118.27 16509 (AMAZON-02)
1 37.252.173.215 29990 (ASN-APPNEX)
1 143.204.98.49 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 13.225.80.116 16509 (AMAZON-02)
1 1 62.209.227.211 13036 (TMOBILE-)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 74.121.143.245 30419 (MEDIAMATH...)
4 6 142.250.186.34 15169 (GOOGLE)
1 1 37.252.173.228 29990 (ASN-APPNEX)
2 2 72.251.244.142 29791 (VOXEL-DOT...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 52.208.103.128 16509 (AMAZON-02)
1 3 3.33.220.150 16509 (AMAZON-02)
2 23.205.235.133 16625 (AKAMAI-AS)
1 23.35.228.23 16625 (AKAMAI-AS)
1 1 18.134.84.15 16509 (AMAZON-02)
2 2 52.213.21.147 16509 (AMAZON-02)
1 1 2a05:d018:d29... ()
2 2 3.65.16.69 ()
1 72.251.241.204 ()
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 209.54.176.128 16509 (AMAZON-02)
229 83
35    2606:4700:10::6816:4185 (United States)

ASN13335 (CLOUDFLARENET, US)
www.themarysue.com
themarysue.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2.20.157.141 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-141.deploy.static.akamaitechnologies.com
s.ntv.io
1    209.250.233.142 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA, US)
PTR: haproxyfe1.production.fra.vultr.georiot.com
geniuslinkcdn.com
22    2600:9000:2240:c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
6    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
superficialeyes.com
1    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
terrifictooth.com
5    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
4    18.64.79.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-57.txl50.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.192.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
5    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
themarysue.disqus.com
2    23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
4    34.120.157.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.themarysue.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:2156:f400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    3.213.149.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-149-116.compute-1.amazonaws.com
jadserve.postrelease.com
6    99.84.95.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-95-10.muc50.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
primis-d.openx.net
propermedia-d.openx.net
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
3    3.120.28.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-28-2.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
4    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2600:1f18:612b:4232:dec:f48c:c120:9a90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
60687.publishers.tremorhub.com
4    185.167.97.84 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
1    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
8    23.35.229.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-117.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    213.19.147.42 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    18.196.159.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-207.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    2600:9000:2156:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
8    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
3    2600:9000:2156:1c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
1    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
13    3.127.195.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    54.185.32.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-32-160.us-west-2.compute.amazonaws.com
usync.proper.io
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    51.89.7.198 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p20.id5-sync.com
id5-sync.com
1    52.89.97.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-97-240.us-west-2.compute.amazonaws.com
bids.proper.io
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    52.59.80.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-80-165.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
1    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    34.237.150.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-150-112.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
1    54.93.106.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    3.123.118.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-118-27.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net
ats.rlcdn.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    13.225.80.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-116.fra2.r.cloudfront.net
geo.privacymanager.io
1    62.209.227.211 (Brno, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    74.121.143.245 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    37.252.173.228 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
2    72.251.244.142 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu
tracking.m6r.eu
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    18.134.84.15 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-15.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    52.213.21.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-21-147.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a05:d018:d29:3605:9290:fe02:2ee8:2378 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    3.65.16.69 (None, )

ASN- ()
pm.w55c.net
1    72.251.241.204 (None, )

ASN- ()
cm.adgrx.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
39 themarysue.com
www.themarysue.com — Cisco Umbrella Rank: 130126
themarysue.com — Cisco Umbrella Rank: 127944
spc.themarysue.com — Cisco Umbrella Rank: 548117
513 KB
26 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2980
video.primis.tech — Cisco Umbrella Rank: 5969
1 MB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7114
ih.adscale.de — Cisco Umbrella Rank: 5512
16 KB
10 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1106
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
eus.rubiconproject.com — Cisco Umbrella Rank: 567
token.rubiconproject.com — Cisco Umbrella Rank: 675
15 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
160 KB
9 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5421
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5813
4 KB
8 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 669
6 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
83 KB
8 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1183
5 KB
8 proper.io
global.proper.io — Cisco Umbrella Rank: 8320
abcheck.proper.io — Cisco Umbrella Rank: 9861
usync.proper.io — Cisco Umbrella Rank: 11087
bids.proper.io — Cisco Umbrella Rank: 8894
eb.proper.io — Cisco Umbrella Rank: 11908
130 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 758
dis.criteo.com — Cisco Umbrella Rank: 706
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
2 KB
6 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1137
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
pr-bh.ybp.yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1132
2 KB
6 disqus.com
disqus.com — Cisco Umbrella Rank: 2748
themarysue.disqus.com — Cisco Umbrella Rank: 255412
7 KB
6 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 82402
212 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2989
r.skimresources.com — Cisco Umbrella Rank: 2852
t.skimresources.com — Cisco Umbrella Rank: 3002
p.skimresources.com — Cisco Umbrella Rank: 4088
20 KB
5 adform.net
adx.adform.net — Cisco Umbrella Rank: 3977
cm.adform.net — Cisco Umbrella Rank: 2148
track.adform.net — Cisco Umbrella Rank: 4449
2 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556
htlb.casalemedia.com — Cisco Umbrella Rank: 463
ssum.casalemedia.com — Cisco Umbrella Rank: 1353
3 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com Failed
image6.pubmatic.com — Cisco Umbrella Rank: 622
18 KB
4 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1496
908 B
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 438
ib.adnxs.com — Cisco Umbrella Rank: 248
adscale-emea.adnxs.com — Cisco Umbrella Rank: 17343
4 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 709
primis-d.openx.net — Cisco Umbrella Rank: 11909
propermedia-d.openx.net — Cisco Umbrella Rank: 11581
719 B
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
3 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
cdn.id5-sync.com — Cisco Umbrella Rank: 1681
12 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1206
contextual.media.net — Cisco Umbrella Rank: 527
10 KB
3 gstatic.com
fonts.gstatic.com
61 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
tlx.3lift.com — Cisco Umbrella Rank: 569
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3059
onesignal.com — Cisco Umbrella Rank: 1122
73 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
162 KB
2 w55c.net
pm.w55c.net
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 503
1 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 12948
1 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1312
id.rlcdn.com — Cisco Umbrella Rank: 601
38 KB
2 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1077
231 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 677
721 B
2 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
348 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1879
24 KB
2 tremorhub.com
60687.publishers.tremorhub.com
646 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 531
1 KB
2 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4327
l3.aaxads.com — Cisco Umbrella Rank: 5264
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
85 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 897
2 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
705 B
1 adgrx.com
cm.adgrx.com
408 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4481
511 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 723
2 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
339 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 445
696 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 18336
550 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1433
593 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1654
17 KB
1 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 10552
343 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
759 B
1 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 5542
683 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1209
250 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1668
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 903
2 KB
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1356
560 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 975
10 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 985
241 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 565
483 B
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 84734
6 KB
1 geniuslinkcdn.com
geniuslinkcdn.com — Cisco Umbrella Rank: 58232
6 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3577
115 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
38 KB
229 68
Domain Requested by
34 www.themarysue.com 1 redirects www.themarysue.com
22 live.primis.tech www.themarysue.com
live.primis.tech
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
8 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
8 ads.stickyadstv.com 7 redirects live.primis.tech
8 jadserve.postrelease.com s.ntv.io
www.themarysue.com
6 cm.g.doubleclick.net 4 redirects www.themarysue.com
6 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
global.proper.io
6 superficialeyes.com www.themarysue.com
superficialeyes.com
5 themarysue.disqus.com www.themarysue.com
themarysue.disqus.com
4 token.rubiconproject.com 4 redirects
4 ssc.33across.com global.proper.io
4 video.primis.tech www.themarysue.com
4 spc.themarysue.com themarysue.com
4 sb.scorecardresearch.com 2 redirects www.themarysue.com
3 match.adsrvr.org 1 redirects live.primis.tech
www.themarysue.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 fonts.gstatic.com fonts.googleapis.com
3 x.bidswitch.net 2 redirects www.themarysue.com
3 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
3 fonts.googleapis.com www.themarysue.com
live.primis.tech
superficialeyes.com
3 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.themarysue.com
3 pagead2.googlesyndication.com www.themarysue.com
pagead2.googlesyndication.com
2 s.amazon-adsystem.com 1 redirects www.themarysue.com
2 pm.w55c.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
2 mug.criteo.com www.themarysue.com
2 gum.criteo.com 1 redirects
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 btlr.sharethrough.com global.proper.io
2 id5-sync.com global.proper.io
live.primis.tech
2 ups.analytics.yahoo.com 2 redirects
2 usync.proper.io www.themarysue.com
2 image6.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 prebid.media.net live.primis.tech
global.proper.io
2 htlb.casalemedia.com live.primis.tech
global.proper.io
2 tag.1rx.io live.primis.tech
global.proper.io
2 c2shb.pubgw.yahoo.com live.primis.tech
2 adx.adform.net live.primis.tech
2 script.4dex.io global.proper.io
script.4dex.io
2 60687.publishers.tremorhub.com 1 redirects www.themarysue.com
2 secure.adnxs.com 2 redirects
2 pixel.rubiconproject.com www.themarysue.com
2 eb2.3lift.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 u.openx.net live.primis.tech
2 sync.search.spotxchange.com 2 redirects
2 abcheck.proper.io www.themarysue.com
2 p.skimresources.com www.themarysue.com
2 t.skimresources.com www.themarysue.com
s.skimresources.com
2 connect.facebook.net www.themarysue.com
connect.facebook.net
2 unpkg.com 1 redirects www.themarysue.com
2 global.proper.io www.themarysue.com
global.proper.io
2 cdn.onesignal.com www.themarysue.com
cdn.onesignal.com
1 ads.yahoo.com www.themarysue.com
1 id.rlcdn.com www.themarysue.com
1 px.ads.linkedin.com www.themarysue.com
1 cm.adgrx.com www.themarysue.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 contextual.media.net live.primis.tech
1 js-sec.indexww.com live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 adscale-emea.adnxs.com 1 redirects
1 sync.mathtag.com 1 redirects
1 dis.criteo.com 1 redirects
1 eb.proper.io global.proper.io
1 ssum.casalemedia.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 cdn.id5-sync.com www.themarysue.com
1 secure.cdn.fastclick.net www.themarysue.com
1 ats.rlcdn.com www.themarysue.com
1 propermedia-d.openx.net global.proper.io
1 ib.adnxs.com global.proper.io
1 tlx.3lift.com global.proper.io
1 mantodea.mantisadnetwork.com global.proper.io
1 ap.lijit.com global.proper.io
1 pre.ads.justpremium.com global.proper.io
1 a.teads.tv global.proper.io
1 apex.go.sonobi.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 bidder.criteo.com global.proper.io
1 bids.proper.io global.proper.io
1 cm.adform.net s.console.adtarget.com.tr
1 rules.quantcount.com secure.quantserve.com
1 prebid-server.rubiconproject.com live.primis.tech
1 primis-d.openx.net live.primis.tech
1 prg.smartadserver.com live.primis.tech
1 onesignal.com cdn.onesignal.com
1 secure.quantserve.com global.proper.io
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 l3.aaxads.com www.themarysue.com
1 static.adsafeprotected.com www.themarysue.com
1 r.skimresources.com s.skimresources.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 c.aaxads.com www.themarysue.com
1 disqus.com 1 redirects
1 themarysue.com www.themarysue.com
1 terrifictooth.com www.themarysue.com
1 s.skimresources.com www.themarysue.com
1 geniuslinkcdn.com www.themarysue.com
1 s.ntv.io www.themarysue.com
1 www.googletagmanager.com www.themarysue.com
0 hbopenbid.pubmatic.com Failed live.primis.tech
global.proper.io
229 110
Subject Issuer Validity Valid
*.themarysue.com
E1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
geniuslinkcdn.com
R3		 2022-02-19 -
2022-05-20		 3 months crt.sh
*.primis.tech
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
superficialeyes.com
R3		 2022-04-02 -
2022-07-01		 3 months crt.sh
terrifictooth.com
R3		 2022-04-03 -
2022-07-02		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
spc.bestgamingsettings.com
R3		 2022-02-22 -
2022-05-23		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-03-29 -
2022-06-27		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-03-22 -
2022-06-20		 3 months crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 22 frames:

Primary Page: https://www.themarysue.com/
Frame ID: 791CF586BDF14BD98B5C3EE0F481AE0B
Requests: 138 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 4FD8820094DE347FBF5300CAFEFCCA83
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220412/r20190131/zrt_lookup.html
Frame ID: 5B8B8BC13822AAB721A667239405D394
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5435607996905472
Frame ID: D87D2874B4EB878C46AEF224A71C751D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: ABFCA0619A93090FFF38B747EE1EFBB0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: BB80B82634AEB2CA5B5520495E7E20BB
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=94&advUuid=921b832e-bc11-11ec-820d-14684a3a0206
Frame ID: BFCFFB3D4FCE3F808097129643D4D236
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 53B9692A7215225FE310D470AFDF30E4
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: F8E15501C57F054CD19D692972A35771
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 7AFBEFBE4027665FEE62C9BCEE44C61E
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: D1E28F7699AA1624EDE900F3689A961D
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 0BDD884B94F6741E0FF972D23AB0EADD
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 9E49E1D8211E9B10597C34A05AD6B360
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 16A2AB80DCC2D72C3266FE0FEE58F32A
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=lsITpOU6fmM06BCsd3mx&pi=admatic&tc=1
Frame ID: 477EF37C41DDAF55BC308B6F17F95248
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Frame ID: 34C7388CD550503F903CC6F13C01F664
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: C562708345DAD856798AA9FDAFB2C5E7
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 18424D29AEF01FB7834EE046065921BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: A20091E8679ECFE52458797615F40B44
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 03F7FBE08B983436015E591D16BC8529
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C2043%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 62C4925F14F0692F8BF855167AD480C8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 24F55DC09ABC708D880F9251A15D01E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted UniverseTwitterTwittermascot-1The Mary SueArrow Left #1 IconArrow right #1 Iconuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

  1. http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

229
Requests

87 %
HTTPS

24 %
IPv6

68
Domains

110
Subdomains

83
IPs

10
Countries

3326 kB
Transfer

6878 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://sb.scorecardresearch.com/cs/36750692/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 30
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 34
  • https://disqus.com/forums/themarysue/count.js HTTP 302
  • https://themarysue.disqus.com/count.js
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1649954419133&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1649954419133&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Request Chain 88
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=921b8365-bc11-11ec-820d-14684a3a0206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=94&advUuid=921b832e-bc11-11ec-820d-14684a3a0206
Request Chain 94
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=93&advUuid=6eb1e981-a0dc-41de-9ec6-c78c4c024316
Request Chain 95
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=99&advUuid=YlhOc5NwqB5u1_gAwwcIjQAABJIAAAAB
Request Chain 96
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1270494800398790191600&advId=121&advUuid=1270494800398790191600
Request Chain 98
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D62584e72d8249%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=105&advUuid=2107558715953330671
Request Chain 99
  • https://60687.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Request Chain 145
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=lsITpOU6fmM06BCsd3mx&pi=admatic&tc=1
Request Chain 153
  • https://ih.adscale.de/uu?cbfn=receive&t=1649954419 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1649954419&nut&uu=9615800b52d24f758cd3b0d020e81956
Request Chain 155
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D26da82ef-1e30-41f8-97c9-ea770adbd13d%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&callback=window.proper_482ddfbd_1703a82f_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D26da82ef-1e30-41f8-97c9-ea770adbd13d%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&callback=window.proper_482ddfbd_1703a82f_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=26da82ef-1e30-41f8-97c9-ea770adbd13d&uid=74a940f4-ef3d-43fd-b68f-a89b6f8e720b
Request Chain 156
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b3b3ca3a_312d97be_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b3b3ca3a_312d97be_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-3B3QNjZE2uEyvkUFszalAnYOxghMNy18~A
Request Chain 195
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=9615800b52d24f758cd3b0d020e81956&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=101&tpuid=BBID-01-03246684204303323-16576632
Request Chain 196
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=89612b899f49cbe8c57f5dfbe767356cdab0367a25a76229ef00071668ab8ea0&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlhOc5NwqB5u1-gAwwcIjQAA%261170
Request Chain 198
  • https://track.adform.net/serving/cookie/match/?party=9&uid=01e540ab8db6f133cc4e9dddd0267898aae50919a382c6f3c84afd8489e0d6d2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=01e540ab8db6f133cc4e9dddd0267898aae50919a382c6f3c84afd8489e0d6d2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=42&gdpr=0&tpuid=5788521397227936872
Request Chain 199
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=cb1e26bb3ce617cb88b5fb22f3914d10af42a128cdd9609b7d09f2bfa9f273ac&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a2d1a66b-02f6-4043-9bf4-07750f41ceac&gdpr=0
Request Chain 200
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=a54322485019a848b85ac393dfcf2c204309f7a55c22ef68838e27604e5ed89a&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=98236258-4e75-4a00-89e2-cc9ff584fd40&gdpr=0&gdpr_consent=
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg&gdpr=0&google_tc= HTTP 302
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&gdpr=0&tpuid=CAESEBCEckrnlob_BVdSB8gVDzI&google_cver=1
Request Chain 203
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=75&tpuid=2107558715953330671&gdpr=0
Request Chain 204
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5bd278636b3d0a5d792c2872b639c83fdc228758e7eb5e0c214092a2900160a9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5bd278636b3d0a5d792c2872b639c83fdc228758e7eb5e0c214092a2900160a9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/js?tpid=48&tpuid=b59f7f89bed3cceedf4508cd6d252b40
Request Chain 207
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=WPPeJ3wrQlVHYndabE9icC9RaTFxOVZFY3NTL2ZxRzdrZVNvRFp6QjltSVRSanVjb2Z1cGd4anNRUWY2RjNzMHZzbVQ2WnRuYnRiTVhGT3VNcmMzeXg3L1RyczNzNkd3L21aaGlNdTV1TGQxMm45SWNTMW05Y1RZKy9vSFoxaHJWVWtOSkZqT2QwN2xOMGY5SjZlK25tQndoWU1iZ1lNRjVWMG9ELzdWT0lsYmpaRnNQd2svSmdhVHlDL2cybU9QMVh5VXVvRHJjTksybXNsNFozMjFhTkk0U081Ujh5ajlqOStocmNoU016VU9BTXhaVmdYRUxnR3Eya1AreFRnakVla2hQYzA3dEtaek1lTlVvNUNmcWhkRWs4Zz09fA&cppv=2
Request Chain 216
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d34e91afff41c9c8f4c366a2e694ad5&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2c9b_7086500286676505089 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDM0ZTkxYWZmZjQxYzljOGY0YzM2NmEyZTY5NGFkNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEL8DdygzvjZAr9OEyq20YG4&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0938438a-244b-4b82-9b46-d75344fd2142 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAIO3U7EsJ0AADiSOhOwkQ&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/d34e91afff41c9c8f4c366a2e694ad5?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-IQO7Cy1E2oM3jC_4_of5Oq.SU58aH8e2A_Hv3k2d~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=9IANxLeV1NF2w85 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEGyE6MBS19-3ok4zkHTZ5yE&google_cver=1
Request Chain 221
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1Z89EEV-1U-AEDY&gdpr=1&us_privacy=1---
Request Chain 223
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODdjZTRkM2M1NTQxM2FjMDE0N2I3NmQ3ZjQ5MjNlMDMwNDJhZTA5Mg&gdpr=1&us_privacy=1---
Request Chain 225
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1Z89EEV-1U-AEDY&sigv=1&esig=2~56314b923c34e6886794e6fd130073f90c639668&gdpr=1&us_privacy=1---
Request Chain 226
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFaODlFRVYtMVUtQUVEWQ==&gdpr=1&us_privacy=1---
Request Chain 227
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

229 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themarysue.com/
Redirect Chain
  • http://www.themarysue.com/
  • https://www.themarysue.com/
114 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770c405100b64644d50a100e4c15fe29460f4e5872d4f78c66ab6a4dae0704fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
6fbde1e70c443753-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 16:40:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://www.themarysue.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
6fbde1e69ce10f5a-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 14 Apr 2022 16:40:17 GMT
Expires
Thu, 14 Apr 2022 17:40:17 GMT
Location
https://www.themarysue.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
am-asap-500.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500.woff2?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
age
5353
etag
"624aa1a8-2e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fbde1ed28f53753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11880
am-asap-500i.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500i.woff2?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
age
5353
etag
"624aa1a8-31dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fbde1ed28fa3753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12764
crit-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/crit-main.min.css?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2339034839b32959726efdc138a2f7493eeb6a9923da9c86725c10326652361a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
age
896152
etag
W/"624aa1a8-b34b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
6fbde1ed28f83753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
def-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		290 B
266 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
age
896152
etag
W/"624aa1a8-122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
6fbde1ed28fd3753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
min.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
896152
cf-polished
origSize=13019
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
etag
W/"624aa1a8-32db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed29003753-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
flying-focus.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/flying-focus.js?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
884162
cf-polished
origSize=3787
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
etag
W/"624aa1a8-ecb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed8f01e8f7-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3561d2b37624a65db124e3476fab316ef95efde62fa8bfdba5d000fd37890e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54322
x-xss-protection
0
server
cafe
etag
7024328429446349947
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 16:40:18 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1cebea345d1e7060b0fa5a35b549e384a8bda33e68cf2be21e5f8394523fc7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38376
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 16:15:41 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 16:40:18 GMT
load.js
s.ntv.io/serve/ 		394 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.141 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-141.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:18 GMT
Content-Encoding
gzip
x-amz-request-id
NMYKFS628PDYN31B
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
XxIoJfPZ12E4yulnXdr3h+xw5zfMkVcDV8uEjwGwszPfxMSxQ25+MdSaCce1ZBCzLvsxTCx/UkI=
Last-Modified
Tue, 12 Apr 2022 15:30:17 GMT
Server
AmazonS3
ETag
"aa068ae425ad39385b7557af7408b5ba"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ads-prebid-banner-proper-outbrain.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		25 B
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2204040743
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
896152
cf-polished
origSize=27
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Apr 2022 07:43:36 GMT
server
cloudflare
etag
W/"624aa1a8-1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed29063753-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-index.css
www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/style-index.css?ver=1641882089
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
1958968
cf-polished
origSize=5733
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 11 Jan 2022 06:21:29 GMT
server
cloudflare
etag
W/"61dd21e9-1665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
6fbde1ed29023753-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
pmpromc.css
www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/ 		182 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.9.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
761415
cf-polished
origSize=220
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Mar 2021 11:12:11 GMT
server
cloudflare
etag
W/"603f6f0b-dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
6fbde1ed29083753-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.themarysue.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Aug 2021 09:57:57 GMT
server
cloudflare
age
1958968
etag
W/"6107c1a5-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed29093753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
www.themarysue.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Dec 2020 12:49:55 GMT
server
cloudflare
age
1958968
etag
W/"5fec7773-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed290b3753-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
snippet.min.js
geniuslinkcdn.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geniuslinkcdn.com/snippet.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.250.233.142 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
haproxyfe1.production.fra.vultr.georiot.com
Software
nginx /
Resource Hash
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
ratelimit-reset
1649954478
last-modified
Mon, 24 May 2021 12:29:48 GMT
ratelimit-limit
15
content-length
5652
ratelimit-resettime
Thu, 14 Apr 2022 16:41:18 GMT
server
nginx
ratelimit-observed
0
etag
"60ab9c3c-1614"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
ratelimit-remaining
15
expires
Fri, 15 Apr 2022 16:40:18 GMT
bitch-1-768x432.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/bitch-1-768x432.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de57f834eef4e78ceb5d2e3a7ba145fe3212576be90f41bd7fccbd799fcf66d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
cf-cache-status
HIT
age
72053
cf-polished
origSize=72271, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66507
last-modified
Wed, 13 Apr 2022 17:13:39 GMT
server
cloudflare
etag
"625704c3-11a4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ed8f03e8f7-MXP
cf-bgj
imgq:100,h2pri
killing-eve-eve-and-villanelle-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/06/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/06/killing-eve-eve-and-villanelle-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34095db30c60a2ab5d9decdcaf96ddb3fb7d60a56e6080e2b131c0fbcb9db57a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
cf-cache-status
HIT
age
235861
cf-polished
origSize=11926, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11721
last-modified
Wed, 17 Jun 2020 19:32:55 GMT
server
cloudflare
etag
"5eea6fe7-2e96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ed8f06e8f7-MXP
cf-bgj
imgq:100,h2pri
liveView.php
live.primis.tech/live/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f1c16c7dac5394666ae211344aa08ce1f619f18f6b905ee30ea7d942a968130b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/javascript; charset=utf-8
x-amz-cf-id
VeqvKRTkDaxKv6rKfbxPc1f95IGkJafbGx6Yw1-kTYu_l2UZz1SQ3Q==
promo-gossip.jpg
www.themarysue.com/wp-content/themes/m2019-tms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
cf-cache-status
HIT
age
1958685
cf-polished
origFmt=jpeg, origSize=3659
content-disposition
inline; filename="promo-gossip.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3474
last-modified
Wed, 16 Mar 2022 22:09:22 GMT
server
cloudflare
etag
"62326012-e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ed8f08e8f7-MXP
cf-bgj
imgq:100,h2pri
email-decode.min.js
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6fbde1ed7edee8f7-MXP
vary
Accept-Encoding
expires
Sat, 16 Apr 2022 16:40:18 GMT
mpp-frontend.js
www.themarysue.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
1958686
cf-polished
origSize=331
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 17 Jun 2019 13:15:40 GMT
server
cloudflare
etag
W/"5d07927c-14b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed8ef2e8f7-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
comment_count.js
www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
1958686
cf-polished
origSize=889
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Mar 2019 08:40:52 GMT
server
cloudflare
etag
W/"5c91fc94-379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed8efbe8f7-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme-my-login.min.js
www.themarysue.com/wp-content/plugins/theme-my-login/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Jul 2020 12:20:42 GMT
server
cloudflare
age
1958686
etag
W/"5eff229a-6cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1ed8efee8f7-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
639
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6fbde1ee1c373758-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 17 Apr 2022 16:40:18 GMT
114526X1684681.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684681.skimlinks.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
516fb604fb9b385996d297bfe61bf9e7bb5172aaae91ff7d8263d4a304c3e7f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:46:44 GMT
server
AmazonS3
x-amz-request-id
ZR9EVB70NY7SAKXB
etag
"7c8552ec431b274d5b6aeee1c900bb3f"
x-hw
1649954418.cds282.lo4.hn,1649954418.cds290.lo4.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18850
x-amz-id-2
yt7D7RINozcREdEOj+L4mEmQ0Q7X2PREkYA+TmMQiqmzhxO7W5UDry5quwXwzKuYD0HFCgbJBrs=
v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
superficialeyes.com/ 		526 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f2f5a1538ac5fe38aeda162c6abc7d8e7df72c1c820528845cb68e68bf3e1a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"558f2873fbd6661bce0af33497382829c4bbf581afa121e65658999fabf412a6"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Thu, 14 Apr 2022 16:40:18 GMT
x-buildnumber
516110284
timing-allow-origin
*
v2scndJ-AMeJMokTSkHu5IoG9csmT7Lfvk0EM8dzFKSEFzT2YhAC8u7_JGnlqI6GhAkPEdXTCeVTWn--yRA
terrifictooth.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2scndJ-AMeJMokTSkHu5IoG9csmT7Lfvk0EM8dzFKSEFzT2YhAC8u7_JGnlqI6GhAkPEdXTCeVTWn--yRA
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
3da031ff072bc0fde56a065bc8971c0dfce5d9176b611422a3f44b43b4b41958
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"4ea4376c9f215c6fc9aa7de9215934f761ac06c19d593eaf2b489e62f1fa9fa7"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Thu, 14 Apr 2022 16:40:18 GMT
x-buildnumber
516110284
timing-allow-origin
*
themarysue.min.js
global.proper.io/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/themarysue.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c9f5be692fa019c8a819eeaa89a138bfa0d21f89a8167454addb19e0cf93eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Mar 2022 19:37:16 GMT
server
cloudflare
age
1803537
etag
W/"623cc86c-729b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6fbde1ede8b15995-MXP
expires
Thu, 14 Apr 2022 16:45:18 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/36750692/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.64.79.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-57.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:35:50 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
269
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b4e6a1301a11439372334aa14fb7d310.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
Oq79koaqSeJq8XwsB9dQsXqGafUKRk4x8KhZTlfqshxy3KGlNg8sIQ==

Redirect headers

location
/internal-cs/default/beacon.js
date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 b4e6a1301a11439372334aa14fb7d310.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
content-length
0
x-amz-cf-id
s9BGrnehZWXShY3KcZAyhq8d6hdVvWNTtbAdnJyU4_2UPL4V_UWwsg==
x-cache
Miss from cloudfront
plow.lite.js
themarysue.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.com/plow.lite.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
br
cf-cache-status
HIT
age
1958967
cf-polished
origSize=38821
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 13 Jan 2022 02:24:24 GMT
server
cloudflare
etag
W/"61df8d58-97a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fbde1edea7e3753-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
7222988
fly-request-id
01FSX6RSS0FHBQ6KRMPJWR4WR9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbde1efa8fdf937-MXP

Redirect headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G0MEPNNKEF1KZSS82EZP1CPD-fra
server
cloudflare
age
465
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fbde1ee1e7ff937-MXP
access-control-allow-origin
*
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9ccf92e5a2cd1ab8140c4968c3a1ff0ccee53e2358ed33074502879daa5cff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AXItPPiyXhE7L/JKLh2MgA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
E8NXKHcdWhFTl/ys87fPKiZVTIASvu9C4ummoDJqS0ik/QydvxgcFM1w900EyQbVRGr4r+UA4DWcJVFN2VTphg==
x-fb-trip-id
917726464
x-fb-content-md5
8df77f196763a5b2beebee7bbc5436f4
x-frame-options
DENY
date
Thu, 14 Apr 2022 16:40:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"8fdbf4da937d82413444de215ad69a62"
timing-allow-origin
*
expires
Thu, 14 Apr 2022 16:44:46 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1387
date
Thu, 14 Apr 2022 16:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 14 Apr 2022 18:17:11 GMT
liveView.php
live.primis.tech/live/ Frame 4FD8 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68a748a0cacf5f91642f984c40a948e0607f52370693ab61dc396621c0c60b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/javascript; charset=utf-8
x-amz-cf-id
x7QaPnGeiFd3-1HL3TauaE3h2arMW4W0tVj_rCxbMM6P_QfEmS7aqw==
count.js
themarysue.disqus.com/
Redirect Chain
  • https://disqus.com/forums/themarysue/count.js
  • https://themarysue.disqus.com/count.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
137
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Apr 2022 19:06:38 GMT
Server
nginx
ETag
"62547c3e-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
Ru_Vq-WyL-atLN-kAGhR0-KVytPL_WDKXW4uNSnyvvuIVKkPvCFqnA==

Redirect headers

Date
Thu, 14 Apr 2022 16:40:18 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Location
https://themarysue.disqus.com/count.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
count.js
themarysue.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
137
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Apr 2022 19:06:38 GMT
Server
nginx
ETag
"62547c3e-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
Ru_Vq-WyL-atLN-kAGhR0-KVytPL_WDKXW4uNSnyvvuIVKkPvCFqnA==
aax.js
c.aaxads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXBD4DM4&hst=www.themarysue.com&ver=1.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3d1d3ab4a107f189880c33d8a836b0db15dd148d91f4d486c89ffe04d32603c6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Thu, 14 Apr 2022 16:40:18 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store
content-length
1003
expires
Thu, 14 Apr 2022 16:40:18 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204110101/ 		303 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31067064
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd17f519ce6b2f4a266ba93e3fede2df688dd96b5427192b8cb79e6689c17981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110742
x-xss-protection
0
server
cafe
etag
13449358187740838072
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 16:40:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220412/r20190131/ Frame 5B8B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220412/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40251
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 05:29:27 GMT
etag
14837630671339829333
expires
Thu, 28 Apr 2022 05:29:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
acv.json
superficialeyes.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Thu, 14 Apr 2022 16:05:06 GMT
x-datacenter
gce-europe-west1
date
Thu, 14 Apr 2022 16:40:18 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges
bytes
/
r.skimresources.com/api/ 		150 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
eeea31a6bfdd138d4b73ba00b67f221be13a1b5058fc3e934b7eee9ef8900e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame D87D 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5435607996905472
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=1.7390009854577988
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=1.7390009854577988
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
all.js
connect.facebook.net/en_US/ 		289 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=1196087ff72d34de835f8808edbd8237
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8c6bcbbfcef32acd463fa9971d5e83d6944d7d71060dddc93e4fb29c49e3d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cMajzjpCKpD7Crhivkuang==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84310
x-fb-rlafr
0
x-fb-debug
pVVK3xtZod6QN/RN1aKSNsIVh9nun0mnOBR0cT6uNTNTZK/tb7sGAIRDvrGmXwIe5ywGFL+agbuwrLPBn6gYbg==
x-fb-content-md5
a7baea976dc830a7d991c5b6a5f260a3
x-frame-options
DENY
date
Thu, 14 Apr 2022 16:40:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"cabc7d17cbe6bbfaafa08e295562d6f7"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Apr 2023 14:48:31 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 4FD8 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
a2-aL_vHSzNXTHXHpoY5YNT3vBZDTB4j0lqHs1mH-LE0yyWCwBE3Mw==
expires
Fri, 14 Apr 2023 16:40:18 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4FD8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
DD9saj3Ivt3Z1xHUF5zX1-dCwfiJdwBRtNQXdj7BU_j68zRM2IFo5A==
expires
Fri, 14 Apr 2023 16:40:18 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4FD8 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"6024fccc-1ef8"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7928
x-amz-cf-id
11QzWSBkeRFBeERYWyGQev6nTelp9aROBGEaTdxlq5gIEG3mD5OBug==
expires
Fri, 14 Apr 2023 16:40:18 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 4FD8 		258 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"623b1724-409bc"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
264636
x-amz-cf-id
NqQiBhIeu-b26UtjelYQBpLUWJp-ZPve4JE5uJs_z7eC57uNVY5T_w==
expires
Fri, 14 Apr 2023 16:40:18 GMT
prebidVid.5.18.0_11.min.js
live.primis.tech/content/prebid/ Frame 4FD8 		490 KB
491 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8dad17c7c62057440ce13ba42120968005b66d0d7125df6b3086e8588fded21e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 06:22:56 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"62415440-7a683"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
501379
x-amz-cf-id
dlKKtD84G3qe5IPT_69SxtsHC0Fd8JBZEBy6AaCvpSBxsoHrhLW1nQ==
expires
Fri, 14 Apr 2023 16:40:18 GMT
liveVideo.php
live.primis.tech/live/ Frame 4FD8 		557 KB
558 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1649954418&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804cbe4748a8e06bd803cbbaf2a33bc75c9e00f629cceff0f27d1d181ed1fa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
vTDklec3YljAKTJQ0OuDAM-v1lWXF21OpzDNFB4jipvQpkWUJvn6GA==
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
5
alt-svc
clear
content-length
0
content-type
text/html
date
Thu, 14 Apr 2022 16:40:19 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
4fbf88a2b2cd6cf88da4c749a4952f92
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
882aebe48ee5d2cda16d8a16d61c2aa0
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1610706311&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1568137712&gjid=1533062347&cid=1819658357.1649954419&tid=UA-21433528-1&_gid=1338656727.1649954419&_r=1&gtm=2ou460&z=1964505570
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1610706311&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1819658357.1649954419&tid=UA-21433528-1&_gid=1338656727.1649954419&gtm=2ou460&z=187800600
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 13:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11645
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
4887329d85e3a31b977f06d6493cfd7478802d5664b7d0caab9b94353cd41066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28616
x-xss-protection
0
server
sffe
etag
"1186 / 341 of 1000 / last-modified: 1649934465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 16:40:19 GMT
latest.js
global.proper.io/payloads/ 		470 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de65c6e254274f0b1b5e82e543167bba263639bf19c2736db814e1e57cf83d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Apr 2022 19:24:10 GMT
server
cloudflare
age
674254
etag
W/"624de8da-75814"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6fbde1ef1bd55995-MXP
expires
Thu, 14 Apr 2022 16:45:19 GMT
px.gif
abcheck.proper.io/ 		842 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=5.987803924734501
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
PJW8ETFGR53SGNB3
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6fbde1ef3c175995-MXP
content-length
842
x-amz-id-2
9IvgG+5W/95b+vtlKfVmeScbmboyRQvrMyimNhsQa9WbZ5qNlJjwbMef+phIi94SWtCWLFy0FZI=
expires
Thu, 14 Apr 2022 20:40:19 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=5.987803924734501
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
PJW2Z2SA0NDWNZSM
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6fbde1ef3c195995-MXP
content-length
842
x-amz-id-2
RcVUYgF/Z2iPdaKR7GBkS/CFwR40sV6aRC/OodvQydZcVWJZ20SGWjDWvexrf3EXqysfO2oaEoU=
expires
Thu, 14 Apr 2022 20:40:19 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
etag
"45cf913e5d9d3c9b2058033056d3dd23"
age
21687945
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
date
Wed, 09 Mar 2022 01:19:46 GMT
content-type
image/gif
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ZQfERmQ6MQVtWUKxAwOeZgTNLVlojmI891KXmhrGv3E5v1My8qny_Q==
count-data.js
themarysue.disqus.com/ 		904 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=578091%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D578091&1=581852%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D581852&1=583070%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583070&1=583286%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583286&1=583472%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583472&1=583578%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583578&1=583616%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583616&1=583680%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583680&1=583713%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583713&1=583717%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583717
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cfa5314fee79c2345f95f11819a54724c2c23754bd9045d17394667349ab12a7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
534
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
904
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		901 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=583722%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583722&1=583723%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583723&1=583735%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583735&1=583783%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583783&1=583838%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583838&1=583843%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583843&1=583848%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583848&1=583856%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583856&1=583892%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583892&1=583908%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583908
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b25ffb114cadb04dcb4afda307993ee526a940c1b3b94f843c6ecef4de9ad70b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
534
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
901
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		625 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=583945%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583945&1=583949%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583949&1=583956%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583956&1=583967%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583967&1=583979%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583979&1=583981%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D583981
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bddf63c665a69da05cef3a7b9ad4ff0dcd6e2f1c2c8e9d662cbcf09fa0a9a61d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
534
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
625
X-XSS-Protection
1; mode=block
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
942
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6fbde1ef5eaf0f5a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 17 Apr 2022 16:40:19 GMT
t
jadserve.postrelease.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.themarysue.com%2F&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
545bf3e9201bb57a7add7c3f3bb2037089b340d7fab3d6b03603f0b5fd04fa9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1493
expires
Mon, 1 Jan 1990 12:00:00 GMT
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=7qncktuk8msn46iukwj9n0pj5dqcimbpi3&lwbsh=AAX&u=7&p=ESI_FAILOVER_http%3a%2f%2fhbs-sc-a.media.net%2faaxexchange.php%3f%26esi%3d1%26cc%3dDE%26ugd%3ddesktop%26cv%3d35%26dn%3dwww.themarysue.com%26version%3d1.2%26cid%3dAAXBD4DM4%26itype%3dAAX%26split%3dCONTROL%26lw%3d0%26dapp%3dGREEN%26blip%3d0%26chost%3dc.aaxads.com&flg=AAXBD4DM4&gq=www.themarysue.com&uhtxuo=https%3A%2F%2Fwww.themarysue.com%2F
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 14 Apr 2022 16:40:19 GMT
obi-wan-kenobi-teaser-trailer-tall-2jd0a-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/03/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/03/obi-wan-kenobi-teaser-trailer-tall-2jd0a-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95cafd33a12a3cfdfd4a5e6dab5c728a9f0999bf81cedddafb8c31283305ff1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
72035
cf-polished
origSize=20085, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15729
last-modified
Wed, 09 Mar 2022 18:59:55 GMT
server
cloudflare
etag
"6228f92b-4e75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a4ce8f7-MXP
cf-bgj
imgq:100,h2pri
942f56b9a7f24f7de1e47ab3c68b4748_4096x2730_346807ef-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/942f56b9a7f24f7de1e47ab3c68b4748_4096x2730_346807ef-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa3fca78756438cdf9a940f6375fc665c0460f6c2de888636b782e39890319d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
28522
cf-polished
origSize=10861, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10803
last-modified
Wed, 13 Apr 2022 14:54:21 GMT
server
cloudflare
etag
"6256e41d-2a6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a4de8f7-MXP
cf-bgj
imgq:100,h2pri
Maddie-and-Rachel-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/Maddie-and-Rachel-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09214e8c80e89024f383a1cb50f3a6ab94cd59c3fc7a87a10f26ce79fa8a983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
83603
cf-polished
origSize=32092, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31052
last-modified
Tue, 12 Apr 2022 20:18:01 GMT
server
cloudflare
etag
"6255de79-7d5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a4fe8f7-MXP
cf-bgj
imgq:100,h2pri
oklahoma-abortion-law-ban-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/oklahoma-abortion-law-ban-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af09ccbab59b0e94a3847433ffa65f161d3a0fd5d1721497cdd68b5f0bf0bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
119290
cf-polished
origSize=44932, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37733
last-modified
Tue, 12 Apr 2022 21:25:04 GMT
server
cloudflare
etag
"6255ee30-af84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a52e8f7-MXP
cf-bgj
imgq:100,h2pri
The-Last-of-Us-first-look-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/09/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/09/The-Last-of-Us-first-look-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff220af9be99ad485403d3f73eb9ca949bdb9992174d675f0338d45acc40e15e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
cf-polished
origSize=41521, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30986
last-modified
Mon, 27 Sep 2021 15:01:11 GMT
server
cloudflare
etag
"6151dcb7-a231"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a53e8f7-MXP
cf-bgj
imgq:100,h2pri
Everything-Everywhere-All-At-Once-Michelle-Yeoh-New-Movie-Daniels-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/Everything-Everywhere-All-At-Once-Michelle-Yeoh-New-Movie-Daniels-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7d1ca417fcd28f86be043006e474e6cc0c02f98feddaef88d5be9e6dc7656d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
cf-polished
origSize=43397, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35475
last-modified
Mon, 04 Apr 2022 13:30:42 GMT
server
cloudflare
etag
"624af302-a985"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a54e8f7-MXP
cf-bgj
imgq:100,h2pri
trump-endorse-dr-oz-senate-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/trump-endorse-dr-oz-senate-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc866a9fb4f1183403e7a466ceec772df0afc6d4ba33e7376bc105a14c542c47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
66914
cf-polished
origSize=22255, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15903
last-modified
Wed, 13 Apr 2022 20:57:55 GMT
server
cloudflare
etag
"62573953-56ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a55e8f7-MXP
cf-bgj
imgq:100,h2pri
batman-conroy-pride-story-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/04/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/batman-conroy-pride-story-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7f5695b7f3d8d128002c29e099bde0c8a9b41544922fbc38d98554530080b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
66914
cf-polished
origSize=13839, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13660
last-modified
Wed, 13 Apr 2022 21:44:09 GMT
server
cloudflare
etag
"62574429-360f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a57e8f7-MXP
cf-bgj
imgq:100,h2pri
our-flag-means-death-bonnet-blackbeard-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/03/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/03/our-flag-means-death-bonnet-blackbeard-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73db517e551a81120695ffdc0a1d21559f16ee93dc644da829102d0f37efc8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
27353
cf-polished
origSize=30129, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26823
last-modified
Wed, 23 Mar 2022 18:08:14 GMT
server
cloudflare
etag
"623b620e-75b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a58e8f7-MXP
cf-bgj
imgq:100,h2pri
Jared-leto-Morbius-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/Jared-leto-Morbius-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0360a66a645694e458fdf7633b1e80df0509688f49ce591edc1068bf046fc818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
145758
cf-polished
origSize=16381, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15885
last-modified
Sat, 12 Feb 2022 01:34:17 GMT
server
cloudflare
etag
"62070e99-3ffd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a59e8f7-MXP
cf-bgj
imgq:100,h2pri
Gregory-Janine-and-Taylor-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/Gregory-Janine-and-Taylor-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25473553f3925a3a064adb60b4ed7154974efe4a53446ae3997ebe1a65118a00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
27353
cf-polished
origSize=29416, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28214
last-modified
Wed, 13 Apr 2022 20:05:20 GMT
server
cloudflare
etag
"62572d00-72e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a5ae8f7-MXP
cf-bgj
imgq:100,h2pri
5-things-from-chilling-part-3-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/01/5-things-from-chilling-part-3-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc23eadbb4d725609927b8b25bc1d0a1de3b21bca995fd4e521fc8601003381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
66886
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10172
last-modified
Thu, 16 Jan 2020 17:26:22 GMT
server
cloudflare
etag
"5e209cbe-27bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a5be8f7-MXP
cf-bgj
imgq:100,h2pri
FQORG2gXoAcVcWn-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/FQORG2gXoAcVcWn-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8efb881f52f3dcff9841a3c083b0d3b115757694ce4d8a0d0be398e011857d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
28522
cf-polished
origSize=12708, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12469
last-modified
Wed, 13 Apr 2022 19:29:07 GMT
server
cloudflare
etag
"62572483-31a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a5ce8f7-MXP
cf-bgj
imgq:100,h2pri
Abbott-Elementary-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/Abbott-Elementary-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e584a6383effb3efe00fcf3d6c761e8e7495dd070e2ddf15e5fec8bda6a20d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
cf-cache-status
HIT
age
72030
cf-polished
origSize=29552, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28535
last-modified
Wed, 13 Apr 2022 16:21:44 GMT
server
cloudflare
etag
"6256f898-7370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6fbde1ef9a5de8f7-MXP
cf-bgj
imgq:100,h2pri
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1649954419133&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1649954419133&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1649954419133&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.64.79.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-57.txl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 b4e6a1301a11439372334aa14fb7d310.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
4MrAOuzKXS0SDsJPurzIP9K8J4-Juz0SereqOPbZIDiskHtTw_rYTg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1649954419133&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 b4e6a1301a11439372334aa14fb7d310.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
content-length
0
x-amz-cf-id
VyGGQOrlAs3p7Q50zNcucDd76NmdevMjWCfGBQZ1qxLzk_FfFpxx6w==
x-cache
Miss from cloudfront
page
t.skimresources.com/api/v2/ 		22 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"620367f6-465a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
18010
x-amz-cf-id
vUyKbugkwVRDYeXvI49Uz52VxDrv2bAJCviSaGY0oKNkmV3f0RanCg==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4FD8 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-95-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
197
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0QDSPXYXN0KAQ97GKSWC
date
Thu, 14 Apr 2022 16:37:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tGr7NweNlJHW_0cxZMiq-Y9lTxIq6uvRSr1zkFr2VJvqDMfdVOWM7A==
css
fonts.googleapis.com/ Frame ABFC 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 15:19:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 16:40:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 16:40:19 GMT
css
fonts.googleapis.com/ 		1 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 15:22:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 16:40:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 16:40:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB80 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154473
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 16:40:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 11:34:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame BFCF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=94&advUuid=921b832e-bc11-11ec-820d-14684a3a0206
0
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=94&advUuid=921b832e-bc11-11ec-820d-14684a3a0206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 16:40:19 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-id
MZ1Duo_0Bn5wVoR7kKlXOY84CJkp5kk7_iENXIg3yhrO4gABQnRkDw==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Thu, 14 Apr 2022 16:40:19 GMT
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=94&advUuid=921b832e-bc11-11ec-820d-14684a3a0206
Server
nginx
X-fe
95
cm
u.openx.net/w/1.0/ Frame 53B9 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Thu, 14 Apr 2022 16:40:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
s.console.adtarget.com.tr/ Frame F8E1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d4b936ca0bb9753f4937ef90ae3797a3a9d2231694a095e07b602735ad494aa3

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.themarysue.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
892
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 16:40:18 GMT
Server
Adtelligent
X-Robots-Tag
noindex
liveView.php
live.primis.tech/live/ Frame 4FD8 		49 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2I4NWU1Y2I5MTAlNTQ3NDElLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp1JaZcZF9wo250ZW50X2Ryp2M9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsqGy0oGU9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsZHVlYXRco249MTE5JzRyYaVaSW5zo3JgYXRco249Jat9MmAjJax9MwUjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM0MxQmMTM0NUYmMTM5N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBMwpkJTNBJTNBMWUzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI1ODRyNmJxODI0OSZwYaVmqGVlPTE2NDx5NTQ0MTxlNwxzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d02f884d93ba8bdcacdb3ec393addf0b6f66665e5d73fd0f5445ac18752b5812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
6270
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-id
WBb5S-x5EuTFg40lHf8_PpXDlFjgYxMm6IgaaTz5Zr_s1OzwhIvqcA==
liveView.php
live.primis.tech/live/ 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0OTx1NDQkOSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM0MxQmMTM0NUYmMTM5N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTI3MSUmQSUmQTFyJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMC4jLwQ4OTYhNmUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNTt0ZTplZDtlNDxzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0OTx1NDQkOTI1OSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwU4NGU3MmA2Ywp5JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=UTF-8
x-amz-cf-id
TKbMPBdXMv539dfWbdewAmUxaSA62i3HLfxUV1oN-y96g18gmueIJg==
sync
x.bidswitch.net/ Frame 4FD8 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.28.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-28-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 4FD8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=93&advUuid=6eb1e981-a0dc-41de-9ec6-c78c4c024316
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=93&advUuid=6eb1e981-a0dc-41de-9ec6-c78c4c024316
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
vyHKSlBcb5K_rxreIjmAo3Me19FgZ8AUv_qRMEA6HdWNH1jDbWt2KA==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=93&advUuid=6eb1e981-a0dc-41de-9ec6-c78c4c024316
date
Thu, 14 Apr 2022 16:40:19 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 4FD8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=99&advUuid=YlhOc5NwqB5u1_gAwwcIjQAABJIAAAAB
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=99&advUuid=YlhOc5NwqB5u1_gAwwcIjQAABJIAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
LHZHu1Xq79IFtuKU6cZAj3UAov7Y-20Vpjh3X5wTbxgusZ10JS0Wtw==

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=99&advUuid=YlhOc5NwqB5u1_gAwwcIjQAABJIAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Thu, 14 Apr 2022 16:40:19 GMT
liveCS.php
live.primis.tech/live/ Frame 4FD8
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1270494800398...
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1270494800398790191600&advId=121&advUuid=1270494800398790191600
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
v2LThT53ZcBPjhYRcVSeWnQ6WUSO4PiJ34g1bKBZt26u8wrwiHqKvA==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1270494800398790191600&advId=121&advUuid=1270494800398790191600
date
Thu, 14 Apr 2022 16:40:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.php
pixel.rubiconproject.com/exchange/ Frame 4FD8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 4FD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D62584e72d8249%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=105&advUuid=2107558715953330671
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=105&advUuid=2107558715953330671
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
CkfFMl9LLBOrzRznG_EZSWiAtqXVZHkmYYnQr1BVJoiu5m3QqPlRHQ==

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:19 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
09c66d8a-ce01-40fa-880e-05c96afbd11a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62584e72d8249&pixel=&advId=105&advUuid=2107558715953330671
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify
60687.publishers.tremorhub.com/pubsync/ Frame 4FD8
Redirect Chain
  • https://60687.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3Dhttps%253A%252F%252Fsync.intent...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date
Thu, 14 Apr 2022 16:40:19 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
vid61937b85e5cb9102547412.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937b85e5cb9102547412.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.97.84 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
3d3703ad334677000a6ea84f38f8cf3df353569eb5297a8050a77e6d2bd075ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:44:35 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"733285b501024b5a8716bbcee451cfcf"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 16:40:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
9119
x-amz-cf-id
KyY11D6xMQx9yU0ybcl5ZlxSoMdIuC4DrHvH5F84ui-fAZLmnJNywg==
x-proxy-cache
HIT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Apr 2023 16:04:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		294 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8224f8d161df348d51769b3d83fe9b9c2f0ff8c01a3942069d2004a56a3bf449
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154
x-xss-protection
0
expires
Thu, 14 Apr 2022 16:40:19 GMT
liveView.php
live.primis.tech/live/ Frame 4FD8 		114 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2I4NWU1Y2I5MTAlNTQ3NDElLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp1JaZcZF9wo250ZW50X2Ryp2M9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsqGy0oGU9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsZHVlYXRco249MTE5JzRyYaVaSW5zo3JgYXRco249Jat9MmIjJax9MTtjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM0MxQmMTM0NUYmMTM5N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBMwpkJTNBJTNBMWUzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI1ODRyNmJxODI0OSZwYaVmqGVlPTE2NDx5NTQ0MTxlOTxzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c8a3d6161c2cc5e8a4878b8907a3411a15b2340d166c0dba299d6761cce76323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
11000
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-id
RSpbrXuXkUFwmR8z5Nw8qHMkISy5m4uJVjng3RHbg1gdhUphWDKbfQ==
liveView.php
live.primis.tech/live/ Frame 4FD8 		114 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2I4NWU1Y2I5MTAlNTQ3NDElLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp1JaZcZF9wo250ZW50X2Ryp2M9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsqGy0oGU9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsZHVlYXRco249MTE5JzRyYaVaSW5zo3JgYXRco249Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM0MxQmMTM0NUYmMTM5N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBMwpkJTNBJTNBMWUzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI1ODRyNmJxODI0OSZwYaVmqGVlPTE2NDx5NTQ0MTxlOTxzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ad00407ed22b4ebc9660088fd503836b9a8c8aa28c72c4450d565dd6a8b5bdbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
11009
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-id
gVhqhaWCtr7oPKS-iii59zfYmiHafan_jdiivLCwOpgr40SPFw_H2Q==
liveView.php
live.primis.tech/live/ Frame 4FD8 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2I4NWU1Y2I5MTAlNTQ3NDElLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp1JaZcZF9wo250ZW50X2Ryp2M9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsqGy0oGU9VE1TK0V4Y2k1p2y2ZSUmQSgWnWN0o3JcYSguozQeQWJxqWjeQ2kcpCUlQlfyMwJJJTI3oSgmolgfo25yoHxyMwIzqzyxX2NioaRyoaRsZHVlYXRco249MTE5JzRyYaVaSW5zo3JgYXRco249Jat9MmIjJax9MTtjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM0MxQmMTM0NUYmMTM5N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBMwpkJTNBJTNBMWUzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI1ODRyNmJxODI0OSZwYaVmqGVlPTE2NDx5NTQ0MTxmMDAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31345F31397D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B4C31323237397DFEFE&userIpAddr=2001%3Aac8%3A20%3A271%3A%3A1e&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62584e72d8249&debugInfo=16889076_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
31fee77a88fdb65355bd6d032000257cc487872e9ca405f7e1c7db68015ce687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:18 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
5144
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-id
cNn01m4YxVkGGb_x6BOeIK-SnL5PhRKZiNxy_LFpaBBCTJ5zhcemug==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 21 Apr 2022 16:40:19 GMT
localstore.js
script.4dex.io/ 		483 B
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266469
x-amz-request-id
tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2
tx0c810f9b689a43feb0d6c-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zaYQhAIKBn35KS6Pf%2BUendAPqZuXoIX6VtRASfNgkIRbJZGKxuJE6MY2T8y2TMxIMi2zMVPTdbEWBZY0tB0w1fklX1Th4KdEfIya%2BSZelsTDVkMJzo5nDF7Q7DbkinZVj%2B%2FkVMiWi96eL5a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
6fbde1f18a290e26-MXP
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
00e51cc7bfa01fac9f31672cab3c85e9
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
5
alt-svc
clear
content-length
0
content-type
text/html
date
Thu, 14 Apr 2022 16:40:19 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
a46510fbb31003eb9b93d1c9ed98e3f0
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:30:15 GMT
x-content-type-options
nosniff
age
76204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 19:30:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ABFC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
572038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Apr 2023 01:46:21 GMT
web
onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba340cafadf50dec788caca106bb578a9c5593017e1d1e22bdf7f4141907e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
994
cf-polished
origSize=3421
status
200 OK
x-envoy-upstream-service-time
21
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ac688ebe-505a-40c2-abb7-92e3bda30d88
x-runtime
0.020139
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a29462264fff2ca01fc8aba5d120f775"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6fbde1f18da53758-MXP
access-control-allow-headers
SDK-Version
expires
Thu, 14 Apr 2022 17:40:19 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Thu, 14 Apr 2022 16:40:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 14 Apr 2022 16:40:19 GMT
server
ATS/9.1.0.33
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4FD8 		67 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1649954419482&pKey=-187781319&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.themarysue.com%2F&playerSize=320x180&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.229.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:19 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649954419474047-504
Expires
Thu, 14 Apr 2022 16:40:19 GMT
mvo
tag.1rx.io/rmp/246181/0/ Frame 4FD8 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/246181/0/mvo?z=1r&hbv=5.18,2.1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
openrtb
adx.adform.net/adx/ Frame 4FD8 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
liveInternalSsp.php
live.primis.tech/live/ Frame 4FD8 		25 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0EmMwAyMxMyMwJbZWyanHQyMwIyM0EkODAyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMSUlQlUlMzyjJTIlJTNBJTIlMwAjMSUmQWFwOCUmQTIjJTNBMwpkJTNBJTNBMWUyMwIyMxMyMwJaZW9JZCUlMvUmQTU3JTJDJTIlYWkjnGElR2ViJTIlJTNBJTIlREUyMwIyMxMyMwJxZXZcY2V0rXByJTIlJTNBMvUlQlUlMaR4qERyqzywZXR5pGUyMwIyM0EyMwJxZXNeqG9jJTIlJTJDJTIlYaJiq3NypvUlMvUmQSUlMzNbpz9gZSUlMvUlQlUlMz9mJTIlJTNBJTIlV2yhZG93plUlMvUlQlUlMaR4qE9mJTIlJTNBJTIlq2yhZG93plUlMvUlQlUlMzRyqzywZU1iZGVfJTIlJTNBJTIlJTIlJTJDJTIlo3NWZXJmnW9hJTIlJTNBJTIlMTAhMCUlMvUlQlUlMzRyqzywZU1uoaVzYWN0qXJypvUlMvUmQSUlMvUlMvUlQlUlMzRyqzywZUNiZGVOYW1yJTIlJTNBJTIlJTIlJTJDJTIlqXNypxFaZW50JTIlJTNBJTIlTW96nWkfYSUlRwUhMCUlMCuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQcJTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAbS0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28cJTIjQ2ulo21yJTJGMTAjLwAhNDt5Nv43NSUlMFNuZzFlnSUlRwUmNl4mNvUlMvUlQlUlMzkuqCUlMvUmQSUlMwUjLwEjNDxyMwIyMxMyMwJfo24yMwIyM0EyMwI4LwYlOTUyMwIyMxMyMwJupHBOYW1yJTIlJTNBJTIlJTIlJTJDJTIlYXBjSWQyMwIyM0EyMwIyMwIyMxMyMwJcp0FjpCUlMvUmQTAyMxMyMwJupHBCqW5xoGVJZCUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJTIlJTJDJTIlYXBjU3RipzVVpzjyMwIyM0EyMwIyMwIyMxMyMwJupHBQpzy2YWN5UG9fnWN5JTIlJTNBJTIlJTIlJTJDJTIlYXBjSXNQYWyxJTIlJTNBJTIlJTIlJTJDJTIlYXBjRGV2ZWkipGVlJTIlJTNBJTIlJTIlJTJDJTIlnWZuJTIlJTNBJTIlJTIlJTJDJTIlnWZ2JTIlJTNBJTIlJTIlJTJDJTIlYXR0plUlMvUmQSUlMvUlMvUlQlUlMzFjpFZypaNco24yMwIyM0EyMwIyMwIyMxMyMwJlZWZypaJypvUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJTIlJTJDJTIlpGFaZSUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJTIlJTJDJTIlZ2RjpvUlMvUmQTEyMxMyMwJaZHBlQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzymV2VQYXNmR2RjpvUlMvUmQSUlMwAyMwIyMxMyMwJwY3BuJTIlJTNBMCUlQlUlMzNwpGFDo25mZW50JTIlJTNBJTIlJTIlJTJDJTIlZG9gYWyhJTIlJTNBJTIlq3q3LaRbZW1upaymqWUhY29gJTIlJTJDJTIlq2Vvp2y0ZSUlMvUmQSUlMaq3ql5mZWgcozRiLzNioSUlMvUlQlUlMaNyY3VlZSUlMvUmQTEyMxMyMwJaZW9To3VlY2UyMwIyM0EyMwJJUCUlMvUlQlUlMzNipHBuJTIlJTNBMCUlQlUlMaV1nWQyMwIyM0EyMwI2MwU4NGU3MzQ4MwQ5JTIlJTJDJTIlYzkiY2gCpzFhZHMyMwIyM0EyNUIyNUQyMxMyMwJyrHRVp2VlSWRmJTIlJTNBJTVCJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwIyMwIyMxMyMwJmnXRySWQyMwIyM0EkMDxmMDUyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTI5NTY5JTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJjpzygnXMhqGVwnCUlMvUlQlUlMaNcZCUlMvUmQSUlMwI5NTY5JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTVEJTqEJTJDJTIlpzVanW9hJTIlJTNBJTIlRyIyMwIyMxMyMwJwYW1jYWyaoaMyMwIyM0EyN0IyMwI3ODMkNlUlMvUmQSU3QvUlMaRlYWNeZXIyMwIyM0EyMwJwYW1jYWyaoxZlZXFDYXAyM0QjJTI1MxYjJTI2Y2FgpGFcZ25JZCUmRDp4MmE3JTI2p3BuY2UlQWRJZCUmRDE3MDU1MmI4JTIlJTJDJTIlpHJyYzyxTaNmpEyhZGV4JTIlJTNBMCUlQlUlMaNjYWNyMxFxSWQyMwIyM0EyMwIkNmA1NTMlOCUlMvUlQlUlMzRyYWjyMwIyM0EyN0IyMwJcp1J0YxRyYWjyMwIyM0EjJTJDJTIlpaRvRGVuoEyxJTIlJTNBJTIlJTIlJTJDJTIlpaRvU2VuqEyxJTIlJTNBJTIlJTIlJTqEJTJDJTIlpaRvV1NyYXQyMwIyM0EyMwIyMwIyMxMyMwJwYW1jYWyaoxyxJTIlJTNBNmtmMTpyMxMyMwJwYW1jYWyaoyNwo3ByJTIlJTNBJTIlpHVvoGywJTIlJTJDJTIlYaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJuZFVmZXJJZCUlMvUmQTMkMDIlJTJDJTIlYzNuqCUlMvUmQSUlMvUlMvUlQlUlMzJup2VGoG9ipvUlMvUmQTIhNvUlQlUlMzV4qCUlMvUmQSU3QvUlMaBupaRhZXIyMwIyM0EyMwIkMwEyMwIyMxMyMwJlZXZTnGFlZSUlMvUmQSUlMwAhOTtyMwIyMxMyMwJjoGFwZW1yoaRJZCUlMvUmQSUlMyBlnW1cp19HZW5ypzFfX1JUQvUlMvUlQlUlMaN1pHBfnWVlX2yxJTIlJTNBJTIlNDIyMwIyN0QyMxMyMwJlZWZypzVhY2VJZCUlMvUmQTEjJTJDJTIlYzyxZzkio3IyMwIyM0EyMwIlLwYjJTIlJTqEJTqEJTJDJTIlpGFaZWNuqCUlMvUmQSU1QvUlMxyBQwEgMvUlMvU1RCUlQlUlMaBfYWNyoWVhqENuqCUlMvUmQSU1QvUlMxyBQwEgMvUlMvU1RCUlQlUlMzNioaRyoaRwYXQyMwIyM0EyNUIyMwJJQUIkLTIyMwIyNUQyN0Q%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=UTF-8
x-amz-cf-id
kCmeEkqwHIk8w0OHTasH-nPcP7Z3jERJrwVw7k1-Wa7rkTD6MfgpMA==
v1
prg.smartadserver.com/prebid/ Frame 4FD8 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 4FD8 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Thu, 14 Apr 2022 16:40:19 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
avjp
primis-d.openx.net/v/1.0/ Frame 4FD8 		106 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=491c87f9-dfab-4063-b351-bf86c75f9052&nocache=1649954419488&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29569%2C1%2C9bff911f-339c-4376-b01a-eaac071f96b7%2C%2C&skip=1&auid=540289187&vwd=320&vht=180&aucs=adUnit_5&aumfs=2400
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 google
server
OXGW/18.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 4FD8 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2215be6d047c96933%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22169c705d9e43c25%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22dfp_ad_unit_code%22%3A%22%2F109305%22%2C%22sid%22%3A%22320x180%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B320%2C180%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A320%2C%22h%22%3A180%7D%2C%22bidfloor%22%3A2.6%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2229569%22%2C%22hp%22%3A1%2C%22rid%22%3A%229bff911f-339c-4376-b01a-eaac071f96b7%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d046f89f5cd186d4c16cb06cb17c433c57e5c965b699c0bd3e4e68abc237508

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 14 Apr 2022 16:40:19 GMT
translator
hbopenbid.pubmatic.com/ Frame 4FD8 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4FD8 		173 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.159.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-159-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
54c315c6372ea5c2de7533312be7f8f108616e57c1fa70369727bd7f9916e2c4

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
prebid
prebid.media.net/rtb/ Frame 4FD8 		1 KB
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU695QH7
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
69eb04e12a206555558a2094a5692b4e2b77b496c5b4ed77bdf1c5bf97559451

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
liveView.php
live.primis.tech/live/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwQ5OTU0NDE5JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY3NDx5NTIzrD0mMwAzrT0kODAzoXN0YT0kNwt4OTA3NvZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTI3MSUmQSUmQTFyJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMC4jLwQ4OTYhNmUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNTt0ZTplZDtlNDxzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQ5OTU0NDE5NDU5JaVcZD1TZWgcozRiU1BfYXyypwYlNTt0ZTpmMDZvNmxzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-pop
FRA60-P1
content-type
image/gif
x-amz-cf-id
p3JWtjS7lM7WgAOAJcIVomXTv0Bm2yUS_qqd3XCFUvyRD300xyh0ag==
expires
Thu, 31 Dec 2037 23:55:55 GMT
vid61937b85e5cb9102547412_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937b85e5cb9102547412_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.97.84 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
16a485972b3cd321d932dc162233ede72d49b937f9c9637dc5aa03fa10e09327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:44:36 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"9568c4fab3503610a0e3bbef2f52b007"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 16:40:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1638
x-amz-cf-id
3RjCBDYMjpSlqU8plnTWA8199TfmXFYBBxNZo-EYBxpp73aItcTblA==
x-proxy-cache
HIT
vid6193926898337253563781_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6193926898337253563781_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.97.84 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
68ed51b373caad0b18f95fbe8802c009b09da72191fbd56a3b99a1b7ec5d992a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 735196fd5afd6302b77cda2a15be051e.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 11:36:03 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"d97bf8ee93e62418f66a96b7f1107403"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 16:40:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3394
x-amz-cf-id
zqdVdQNYJJa7ZI37RnlGazpz_LbIrI7LWa3JL6P-e_DhA618HUF4zg==
x-proxy-cache
HIT
vid622b5a1b34b7d006784797_thumb.jpg
video.primis.tech/uploads/cn17/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn17/video/users/converted/29569/video_6192662ccd5fb839743211/vid622b5a1b34b7d006784797_thumb.jpg?cbuster=1647010044
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.97.84 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
2aa79c88552fa266ab87772ac0737e749a11b16389bb18c46aee52b465c33416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
via
1.1 70ee39257364131aeb08a57b30a5dfb4.cloudfront.net (CloudFront)
last-modified
Fri, 11 Mar 2022 14:50:28 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"ccbb1d6c86af4b293d7bcbe77b06199d"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 16:40:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2008
x-amz-cf-id
Cd4cOuckPJlsJ6RoSauPHW-NUVRjDtk7FHrresGWpqEzgUNVWJOBCA==
x-proxy-cache
HIT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4FD8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-95-10.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
47876
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Thu, 14 Apr 2022 05:10:39 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 89a45b9ac94fb6c6e52c37fdd89a6cb0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
Kgg0xHkzQuNIjwnNAMH_T9Xx86JI-pmwgJGHJIRyAVFDONudsnVdjA==
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:18:49 GMT
content-encoding
gzip
age
1293
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zF1iqV1vdmlcMCyziplfFIKYSFBUgaVmofDI_kZuA6JVgDsiF69ung==
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=6869615&ntv_pl=1024382
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=833c5d7f-6485-4c80-9281-0e5cbec42ba4&ntv_fl=CF4se3gYGjAPzQcMJoAeWQqsPt2l_q8KQYbuXRZcjU_IhgnV0RT6SW9Zktn2QO7gjCIsHv-UA60U3mJvSx9Nt_2M_6zgP-85bM-1-9R-gqMjiWxv_pME_UmJKYcZI0dBJj-LLLHlZvsnNJP33NKj662i2oDcnkTUxNpnwDKvvNsCzM8iaSD3wZVfcjvH5vb3zoJcpwZLCHUuRtgl4yr2mQ==&ntv_ht=c05YYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAfqEPA&ord=1649954419560&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=833c5d7f-6485-4c80-9281-0e5cbec42ba4&ntv_fl=CF4se3gYGjAPzQcMJoAeWQqsPt2l_q8KQYbuXRZcjU_IhgnV0RT6SW9Zktn2QO7gjCIsHv-UA60U3mJvSx9Nt_2M_6zgP-85bM-1-9R-gqMjiWxv_pME_UmJKYcZI0dBJj-LLLHlZvsnNJP33NKj662i2oDcnkTUxNpnwDKvvNsCzM8iaSD3wZVfcjvH5vb3zoJcpwZLCHUuRtgl4yr2mQ==&ntv_ht=c05YYgA&ntv_at=321,322,333&ntv_a=AAAAAAAAAAfqEPA&ntv_jlt=1429&ntv_jad=470&ntv_jte=7&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=54555f02-910c-4cd1-9649-56c782b13100&ntv_fl=CF4se3gYGjAPzQcMJoAeWQ4Ag_rEUY9escSf7g_EwDSabFRSXUxEQZfvcM07deQ8qRDltNU7LMmtCdaIIihkQr5tj6jgqzqByQCfKedepIP_YtTsS8PZzHUFkBNynTGmDNsWz3lW0rLD2teXlqaqQuePTrjxrasZaTi1W6gj9EWp-lqN1BQqx5sJkqjgHvwHzOu-QnGAriEpTWSTjRKT-Q==&ntv_ht=c05YYgA&ntv_at=303&ntv_a=AAAAAAAAAAhlwQA&ord=1649954419563&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=0c51ed4b-2f60-4d33-90ed-8898acc7dc72&ntv_fl=CF4se3gYGjAPzQcMJoAeWev-HfnNSWDD1Y73RyypuVZhNGvSiYpXE5Li9Q_klcDvrfckZ0396MxIL76vJUbefx93ni6B3tyW77VzoW2WZZBrkAN4zRhtSfMdoMBMiHkjBw2edfYbwGcKXOKBCUqXRPDp42VbO9JHHPV1FthlOCqXjByrC2crWOc3SR18dfj_bgtOZ0oqU0dr52_66MFLvA==&ntv_ht=c05YYgA&ntv_at=303&ntv_a=AAAAAAAAAAh1wQA&ord=1649954419563&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=30ccc450-2511-4751-a210-348fe35e0fae&ntv_fl=CF4se3gYGjAPzQcMJoAeWej5eXZ_sJQFyBOSWHNXWkJVfXMg4zXANWLmpszpRpLF4JzJYt5U7jvpbSw9_m7F_KT9ot4AL6ZeM6JCG2n6J37e0kDvTVDhsaTMENAsBVF8jKXYGXtoaUbmP6b0POIFHoRIlvXh8rfDxtQg4yLUcOxE6YOW2EcpPsSIOFXO7vy-ZBPBS6hSgHsS1QeuQVVrpw==&ntv_ht=c05YYgA&ntv_at=303&ntv_a=AAAAAAAAAAvfkQA&ord=1649954419564&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1024382&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-116.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
v2nwbFLGW6efpSA066phIidsF9cjfFhd5vbcGpOSpLusTjlHL63gRs9annKcIyn7uPYV3gSRj
superficialeyes.com/ 		209 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2nwbFLGW6efpSA066phIidsF9cjfFhd5vbcGpOSpLusTjlHL63gRs9annKcIyn7uPYV3gSRj
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4ac6c4439caf739282cc7d684fce9977766026b82201b5e6969182faaaae5e14
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Thu, 14 Apr 2022 16:40:19 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Thu, 14 Apr 2022 16:40:18 GMT
csync
sync.console.adtarget.com.tr/ Frame 7AFB 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 14 Apr 2022 16:40:20 GMT
Etag
55d22a2325506297
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame D1E2 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 14 Apr 2022 16:40:20 GMT
Etag
55d22a2325506297
Server
VertaMedia 1.0
pbsync.html
js.adscale.de/ Frame 0BDD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4178
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Thu, 14 Apr 2022 15:30:42 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Mon, 11 Apr 2022 23:30:40 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-id
FQOywBtFOVzWVX0h---ALnTYihZPbw9RLqUCsteI-OLd3HYs8ji4Dg==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
1pIl8WaTVDX0mnOmPL.2zeLKmlI5KBDl
x-cache
Hit from cloudfront
cookie
cm.adform.net/ Frame 9E49 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Thu, 14 Apr 2022 16:40:19 GMT
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 16A2 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 14 Apr 2022 16:40:20 GMT
Etag
55d22a2325506297
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame 477E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=lsITpOU6fmM06BCsd3mx&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=lsITpOU6fmM06BCsd3mx&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 14 Apr 2022 16:40:20 GMT
Etag
55d22a2325506297
Server
VertaMedia 1.0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 14 Apr 2022 16:40:19 GMT Thu, 14 Apr 2022 16:40:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=lsITpOU6fmM06BCsd3mx&pi=admatic&tc=1
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154473
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 16:40:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 11:34:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame F8E1 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
VertaMedia 1.0
Etag
55d22a2325506297
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame F8E1 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
VertaMedia 1.0
Etag
55d22a2325506297
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame F8E1 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
VertaMedia 1.0
Etag
55d22a2325506297
Content-Length
43
Content-Type
image/gif
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265475
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8048b514cf904b1e9ca7f-0062543f6f
x-amz-id-2
tx8048b514cf904b1e9ca7f-0062543f6f
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM%2Bf9FdbUnuL0SiVjXPul28J4JQy9gmRtYnLOYNwDQJwgJik3kwg6SAoysQFJ8FYExvr2Ht5N2MQt85fKEGdEabjl48Dk5y05JNWYUzZyNx%2FybBxlZyeNMRC9LE7B8TQqv1Pzznd98jpn09c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1649687874851815
cf-ray
6fbde1f2b9e80f6a-MXP
access-control-allow-headers
Authorization
PugMaster
image6.pubmatic.com/AdServer/ Frame BB80 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5323068&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62584e72d8249%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-length
0
v2qlsBEy4aEYUH_Qww4Fj791MqhgLdYfPd_dEpVPrCt29mJYMJmSundj2oEWtDUxFGV5Jy7fx
superficialeyes.com/ 		416 B
452 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2qlsBEy4aEYUH_Qww4Fj791MqhgLdYfPd_dEpVPrCt29mJYMJmSundj2oEWtDUxFGV5Jy7fx
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
2ebd9240461c4d97137d8d76bd5c709cfd8772b106ea7e7267b942b85f1f95df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Thu, 14 Apr 2022 16:40:19 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
416
uu
ih.adscale.de/ Frame 0BDD
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1649954419
  • https://ih.adscale.de/uu?cbfn=receive&t=1649954419&nut&uu=9615800b52d24f758cd3b0d020e81956
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1649954419&nut&uu=9615800b52d24f758cd3b0d020e81956
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d17758023ec2f1c6ebfde92ce70b5b5f2be2f1e1a204f3c8c1fdc1ad791f6d99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1649954419&nut&uu=9615800b52d24f758cd3b0d020e81956
date
Thu, 14 Apr 2022 16:40:19 GMT
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-95-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
197
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0QDSPXYXN0KAQ97GKSWC
date
Thu, 14 Apr 2022 16:37:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1atcR9iWM0pte9w7rN36keb-rQpruOrzTVwGwLZHIkK05R1dZsYA4w==
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D26da82ef-1e30-41f8-97c9-ea770adbd13d%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&callbac...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D26da82ef-1e30-41f8-97c9-ea770adbd13d%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&c...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=26da82ef-1e30-41f8-97c9-ea770adbd13d&uid=74a940f4-ef3d-43fd-b68f-a89b6f8e720b
183 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=26da82ef-1e30-41f8-97c9-ea770adbd13d&uid=74a940f4-ef3d-43fd-b68f-a89b6f8e720b
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
54.185.32.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-32-160.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
116a3e1052e7e6b064febdc1052724cd04cb0a0c6d79b5163961e32c0dbad89f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 16:40:20 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=26da82ef-1e30-41f8-97c9-ea770adbd13d&uid=74a940f4-ef3d-43fd-b68f-a89b6f8e720b
Date
Thu, 14 Apr 2022 16:40:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b3b3ca3a_312d97be_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b3b3ca3a_312d97be_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-3B3QNjZE2uEyvkUFszalAnYOxghMNy18~A
151 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-3B3QNjZE2uEyvkUFszalAnYOxghMNy18~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
54.185.32.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-32-160.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
69860f4656fca75fa70a40251cfdab63ccdaecff4cc12bbd7dbfd0a05d5f1bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 16:40:20 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-3B3QNjZE2uEyvkUFszalAnYOxghMNy18~A
date
Thu, 14 Apr 2022 16:40:20 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		213 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p20.id5-sync.com
Software
/
Resource Hash
50ee8e5650e908b3216ef351ad576e513d91c85e417b7aeac2e1d8f72d0be427
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Thu, 14 Apr 2022 16:40:19 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.97.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-97-240.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 14 Apr 2022 16:40:20 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.5.0&cb=92645416845&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		593 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=399458&zone_id=2234776&size_id=2%3B15%3B15%3B10&alt_size_ids=55%3B9%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=6d9cd632-512b-4d89-86ca-b9ec824c0fde%3B2d85726e-d668-4003-a904-4c85a8a45f27%3Bc7b51788-02d6-402e-a774-06dbd12ae00d%3Baf331145-0de0-48d2-a845-90ad21ff54e2&p_screen_res=1600x1200&tg_fl.eid=2234776-5%3B2234776-2%3B2234776-3%3B2234776-1&rf=https%3A%2F%2Fwww.themarysue.com%2F&x_source.pchain=proper.io%3A48cb0d23-4635-11ec-91ed-06ef03bc0096&ppuid=26da82ef-1e30-41f8-97c9-ea770adbd13d&eid_pubcid.org=26da82ef-1e30-41f8-97c9-ea770adbd13d%5E1&rp_schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&slots=4&rand=0.3469180590841332
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
65dc87cd7689d70f144e02b7be25a63fde527fc649fb7c9b7bc7be209dd18dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
593
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		313 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228a311db38ba15aa6aa75%22%3A%228a311db38ba15aa6aa75%7C728x90%7C0.1%22%2C%22209775575b35341aca88%22%3A%22209775575b35341aca88%7C160x600%7C0.1%22%2C%22c2cb660426b08c6c338d%22%3A%22c2cb660426b08c6c338d%7C300x250%7C0.1%22%2C%22c79143fd09a5a4fe39d1%22%3A%22c79143fd09a5a4fe39d1%7C300x250%7C0.1%22%2C%22de684bf25025721a84ef%22%3A%22de684bf25025721a84ef%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=35fdae28-6431-4612-8589-e1336cab236e&pv=ed6d2608-f2c3-4365-bd49-15900baaf9b7&vp=desktop&lib_name=prebid&lib_v=6.5.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%2226da82ef-1e30-41f8-97c9-ea770adbd13d%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=false
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
e167c7ffcb2c6c5608dcfaaec5a27ea748d74bec805bc0b31d36a2acca5ca32d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:20 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
259
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		58 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=756014&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223795c5a6-4c72-4a04-a839-7b262b83e41f%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-K9mgv%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-K9mgv%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-8vqQt%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-8vqQt%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-koJhW%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-koJhW%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-mI8BJ%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-mI8BJ%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-ikiJi%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-ikiJi%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5692ca54709408ab24a398860591fbeac564e4421bf9ac93e871ef796b7075d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
12
expires
Thu, 14 Apr 2022 16:40:20 GMT
bid-request
a.teads.tv/hb/ 		16 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 14 Apr 2022 16:40:20 GMT
hb
ssc.33across.com/api/v1/ 		87 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
de583452ac6167bae7e07c5c42042ac3aa0f000d26772cb7564d8f5ff2edd7c8

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
82e6888616009964f8f425e138c1c6413ca44f0cb8a04ec5c1291b042b73c6c5

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
429edfb4dfac7953a319b12a4136332ef0c5fc26bd49feeb78df0f1a8a5eaf68

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
107b02a6a6c6b1b0c7e003b59a9cde4b57f5da12b6c3566056ea9cff8b226a51

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
prebid.media.net/rtb/ 		1 KB
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44865de994df4b713f1613e9b0c14e821220f2b9468e5c8c373ecbb7b7e83958

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1649954419943
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.80.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-80-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3cbeb1e5978920a40cadf4ebd8c6b99ac34aeccd49a255273099543cecc1f3e9

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Thu, 14 Apr 2022 16:40:20 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
0
bid
ap.lijit.com/rtb/ 		115 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.5.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
c053204c23eb422ccce30c97973733ffc4f8406ff9fb0433389693ff9fc98194

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 14 Apr 2022 16:40:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
111
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1649954419944&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F&measurable=true&property=61aea1e3e80a27001e1bcc49&bids[0][bidId]=themarysue_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=themarysue_160x600-1&bids[1][sizes][0][width]=160&bids[1][sizes][0][height]=600&bids[2][bidId]=themarysue_300x250-1&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=250&bids[3][bidId]=themarysue_300x250-2&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[4][bidId]=themarysue_300x600-1&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=600&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.150.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-150-112.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7a2bae68748f843f31d9b0ddc9794fc8371b2a185772425893c4b32cc723eb31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
x-powered-by
Express
etag
W/"38-WI9ZfzgCd/SgBtMnSH98fmwIpWM"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
auction
tlx.3lift.com/header/ 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.5.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=550&gdpr=false
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
accept-ch
sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.118.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-118-27.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Thu, 14 Apr 2022 16:40:20 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.118.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-118-27.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Thu, 14 Apr 2022 16:40:20 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		480 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1592fc21d8e2dd7746f8015467647f6c565c9e7a5ffb5c82bb0d41ec4480b2e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:20 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4854fc3d-fdcc-44a2-8845-2b61a9b59021
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
480
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
propermedia-d.openx.net/w/1.0/ 		73 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=300x600%7C160x600%2C300x250%7C300x250%7C728x90%2C970x90&auid=551036772%2C551036773%2C551036774%2C551036776&aumfs=100%2C100%2C100%2C100&dddid=a315eddb-e6d5-443d-a9fb-5a32addd14a1%2Cdb316104-19eb-4d02-b9ca-00c458672eb9%2Cf7cbba15-d236-44bb-ade2-2b4bc7f2b8ac%2Cd87909a8-b21e-4ab3-9ee7-939cfcd12670&divIds=openx-a7c51611-4a09-49dd-9c59-d09f5ffb7a3f%2Copenx-97a6bfa4-483f-4b22-857e-e8933d00eb35%2Copenx-b16a9179-6f4c-4e8e-932b-c57775dbab2f%2Copenx-1e6f1468-9213-40e5-bd36-a5bbd8e71d54&be=1&bc=hb_pb_3.0.1&nocache=1649954419947&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=26da82ef-1e30-41f8-97c9-ea770adbd13d
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
a0bc5488e7a8f89bf3e5ebebec3cde05d38c9d070a716195be795fca11cb0f10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/243908/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/243908/0/mvo?z=1r&hbv=6.5,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-95-10.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
47877
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Thu, 14 Apr 2022 05:10:39 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 89a45b9ac94fb6c6e52c37fdd89a6cb0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
qVXiA2mqXXPkgSHfqs8npMXzEPeuswdRpXkqaz0q0iAYKV35gVBrfg==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.themarysue.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-95-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
2e95bcc1d51302added6bad654c12c789b25780c0d03b1e7e54aac653a66a55b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:47:41 GMT
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
server
Server
age
21158
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
MUC50-C1
content-length
1405
x-amz-cf-id
Y42zff4mR9qURzASGXHhHK0_BtuJXxYl79ZkauCDXJEiQHEXnIXGSw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=d3u12CFBTfYrU&cb=0&ws=1600x1200&v=7.75.0&t=550&slots=%5B%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-95-10.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
x-amz-rid
3MV1M79J7FHEZA6NA1D4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
no_v83Etue7zGD2X5EPuK8xyP7r0aWwvb3vryTiFIcnhJR20Gl8C1A==
ConsentManager
superficialeyes.com/v2bdsjrMC3Nli8ADKO6TVza2f48f5G48L2s6lUX7GaouB6j_mYcFze8tiYWJO0qD6Oajw0cs/ 		247 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2bdsjrMC3Nli8ADKO6TVza2f48f5G48L2s6lUX7GaouB6j_mYcFze8tiYWJO0qD6Oajw0cs/ConsentManager
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d54fa435475eaebc9e76f7bfb2b8457c9fb6a616e7d99da01290a6525e071bb8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"ff737788e95e8ae6604638c9a9be4b281b88bfee76ff7dd3b5d1c43b3180984d"
vary
Accept-Encoding, Accept-Language, Origin
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Thu, 14 Apr 2022 16:40:20 GMT
userconnect.js
js.adscale.de/ Frame 0BDD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
06Ya1L8LMIS7FH2RSSsppJ4X7ceUNMc4
content-encoding
br
last-modified
Mon, 11 Apr 2022 23:30:40 GMT
server
AmazonS3
age
4179
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Thu, 14 Apr 2022 15:30:42 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
aGKvfryjZA4yy3L7d65XZed-4pQQWoUENwAPX1XgLFSaOVSgliK6uw==
csync
sync.console.adtarget.com.tr/ Frame 0BDD 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=9615800b52d24f758cd3b0d020e81956
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
VertaMedia 1.0
Etag
1d23df33a6eac8f9
Content-Length
0
userconnect
ih.adscale.de/ Frame 0BDD 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1649954420037&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-length
149
content-type
application/javascript
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-49.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
30896
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Thu, 14 Apr 2022 08:05:25 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
0XBvTdpFMgOR7SznFkiUY3qQ-JBGg5qXZ8U7Nau4IjwUxsBqm9HZGA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 14 Apr 2022 16:55:20 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Thu, 14 Apr 2022 16:06:19 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
254805730
map
ih.adscale.de/ Frame C562 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3d0361b3378fbfa7ed364ba8d9e33b16671db022a1d8088f6e1017b098763815

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2604
content-type
text/html;charset=ISO-8859-1
date
Thu, 14 Apr 2022 16:40:20 GMT
css2
fonts.googleapis.com/ 		7 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2bdsjrMC3Nli8ADKO6TVza2f48f5G48L2s6lUX7GaouB6j_mYcFze8tiYWJO0qD6Oajw0cs/ConsentManager
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 16:03:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 16:40:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 16:40:20 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 18:02:08 GMT
x-content-type-options
nosniff
age
81492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:42:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Apr 2023 18:02:08 GMT
match.js
js.adscale.de/ Frame C562 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
SU5WannzpVRoLR2fGfiKEqsZul08uXNT
content-encoding
br
last-modified
Mon, 11 Apr 2022 23:30:40 GMT
server
AmazonS3
age
4179
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Thu, 14 Apr 2022 15:30:42 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_-SK59sEF5A8Hp0mkMKVhJSmVrTq1Y6vi7DMd5YfheY_FA3quLizrg==
/
geo.privacymanager.io/ 		28 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-116.fra2.r.cloudfront.net
Software
/
Resource Hash
966ff8715b63c44478f0c4aef3bb6d16a36d1076fb1fa547b8eb6c0764250f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 22:18:50 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront), 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
age
66090
x-amzn-requestid
aedec983-bb82-4d9c-90b6-1f808a4333b1
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62574c4a-42a9e88c517a34190026d774;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
QijbsH1ZjoEFk7g=
content-length
28
x-amz-cf-id
Cjs0mqQ7JVExMKWhXynZdRRZL1na7YFO7QwOYMAAI5lJCMcPYqM34w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
v2nwbFLGW6efpSA066phIidsF9cjfFhd5vbcGpOSpLusTjlHL63gRs9annKcIyn7uPYV3gSRj
superficialeyes.com/ 		254 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2nwbFLGW6efpSA066phIidsF9cjfFhd5vbcGpOSpLusTjlHL63gRs9annKcIyn7uPYV3gSRj
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
14963db49c411d658e069f08d49faf8dc3e459646e28391fc82ccdcbdbe8d277
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Thu, 14 Apr 2022 16:40:20 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
254
expires
Thu, 14 Apr 2022 16:40:19 GMT
img
ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/ Frame C562
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=9615800b52d24f758cd3b0d020e81956&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=101&tpuid=BBID-01-03246684204303323-16576632
49 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=101&tpuid=BBID-01-03246684204303323-16576632
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=101&tpuid=BBID-01-03246684204303323-16576632
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C562
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=89612b899f49cbe8c57f5dfbe...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlhOc5NwqB5u1-gAwwcIjQAA%261170
49 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlhOc5NwqB5u1-gAwwcIjQAA%261170
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlhOc5NwqB5u1-gAwwcIjQAA%261170
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Thu, 14 Apr 2022 16:40:20 GMT
s2s
eb.proper.io/ 		373 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1517be12d83a9b0c9ceeb4a4269e2f319eae4f2e9adaf524d9948e8a5b06e190

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:380
cf-ray
6fbde1f87e3c5995-MXP
expires
-1
img
ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/ Frame C562
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=01e540ab8db6f133cc4e9dddd0267898aae50919a382c6f3c84afd8489e0d6d2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a96...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=01e540ab8db6f133cc4e9dddd0267898aae50919a382c6f3c84afd8489e0d6d2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cb...
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=42&gdpr=0&tpuid=5788521397227936872
49 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=42&gdpr=0&tpuid=5788521397227936872
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
server
nginx
location
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=42&gdpr=0&tpuid=5788521397227936872
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C562
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a2d1a66b-02f6-4043-9bf4-07750f41ceac&gdpr=0
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a2d1a66b-02f6-4043-9bf4-07750f41ceac&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:20 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:19 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a2d1a66b-02f6-4043-9bf4-07750f41ceac&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1936304
content-length
0
expires
Thu, 14 Apr 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C562
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=a54322485019a848b85ac393...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=98236258-4e75-4a00-89e2-cc9ff584fd40&gdpr=0&gdpr_consent=
49 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=98236258-4e75-4a00-89e2-cc9ff584fd40&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 14 Apr 2022 16:40:21 GMT
Server
MT3 4335 2c68c00 master pao-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=98236258-4e75-4a00-89e2-cc9ff584fd40&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 14 Apr 2022 16:40:20 GMT
liveView.php
live.primis.tech/live/ 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY0OTx1NDQkOSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTI3MSUmQSUmQTFyJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMC4jLwQ4OTYhNmUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNTt0ZTplZDtlNDxzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0OTx1NDQlMTMmOSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwU4NGU3MmA2Ywp5JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:20 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=UTF-8
x-amz-cf-id
yDJYIwfb0Mn7H3QYPs1oKjZzldDgTj0mDwSCvwuKAl0kkBKBnkeY7g==
img
ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/ Frame C562
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd3...
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc...
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&gdpr=0&tpuid=CAESEBCEckrnlob_BVdSB8gVDzI...
49 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&gdpr=0&tpuid=CAESEBCEckrnlob_BVdSB8gVDzI&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?uid=fe1df651402668b64679aa715d67f46af9f4ffdde6f46d9173b6d96c2442d39e&tpid=38&gdpr=0&tpuid=CAESEBCEckrnlob_BVdSB8gVDzI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/ Frame C562
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb271410cba0a967962f47cf5%2F1649954420060%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=75&tpuid=2107558715953330671&gdpr=0
49 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=75&tpuid=2107558715953330671&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:21 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b518323b-654b-46f0-9b03-1390ffc75a5b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/img?tpid=75&tpuid=2107558715953330671&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/ Frame C562
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5bd278636b3d0a5d792c2872b639c83fdc228758e7eb5e0c214092a2900160a9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb27141...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5bd278636b3d0a5d792c2872b639c83fdc228758e7eb5e0c214092a2900160a9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fcd33889eb27141...
  • https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/js?tpid=48&tpuid=b59f7f89bed3cceedf4508cd6d252b40
44 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/js?tpid=48&tpuid=b59f7f89bed3cceedf4508cd6d252b40
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
da92c61b6fc6b7eeab40a32ac363a3fe29fa805496cd02eb2922ebe13053db7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:21 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Thu, 14 Apr 2022 16:40:21 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/cd33889eb271410cba0a967962f47cf5/1649954420060/0/js?tpid=48&tpuid=b59f7f89bed3cceedf4508cd6d252b40
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame C562 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Thu, 14 Apr 2022 16:40:21 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 16:40:22 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1401
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4FD8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=WPPeJ3wrQlVHYndabE9icC9RaTFxOVZFY3NTL2ZxRzdrZVNvRFp6QjltSVRSanVjb2Z1cGd4anNRUWY2RjNzMHZzbVQ2WnRuYnRiTVhGT3VNcmMzeXg3L1RyczNzNkd3L21aaGlNdTV1TGQxMm45SWNTMW05Y1RZKy9vSF...
451 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WPPeJ3wrQlVHYndabE9icC9RaTFxOVZFY3NTL2ZxRzdrZVNvRFp6QjltSVRSanVjb2Z1cGd4anNRUWY2RjNzMHZzbVQ2WnRuYnRiTVhGT3VNcmMzeXg3L1RyczNzNkd3L21aaGlNdTV1TGQxMm45SWNTMW05Y1RZKy9vSFoxaHJWVWtOSkZqT2QwN2xOMGY5SjZlK25tQndoWU1iZ1lNRjVWMG9ELzdWT0lsYmpaRnNQd2svSmdhVHlDL2cybU9QMVh5VXVvRHJjTksybXNsNFozMjFhTkk0U081Ujh5ajlqOStocmNoU016VU9BTXhaVmdYRUxnR3Eya1AreFRnakVla2hQYzA3dEtaek1lTlVvNUNmcWhkRWs4Zz09fA&cppv=2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3c74570e0c7c5f9ee130ada3fb7de82f10d1525cd59d272bfe41ee987a3c0129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:22 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3428
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:23 GMT
location
https://mug.criteo.com/sid?cpp=WPPeJ3wrQlVHYndabE9icC9RaTFxOVZFY3NTL2ZxRzdrZVNvRFp6QjltSVRSanVjb2Z1cGd4anNRUWY2RjNzMHZzbVQ2WnRuYnRiTVhGT3VNcmMzeXg3L1RyczNzNkd3L21aaGlNdTV1TGQxMm45SWNTMW05Y1RZKy9vSFoxaHJWVWtOSkZqT2QwN2xOMGY5SjZlK25tQndoWU1iZ1lNRjVWMG9ELzdWT0lsYmpaRnNQd2svSmdhVHlDL2cybU9QMVh5VXVvRHJjTksybXNsNFozMjFhTkk0U081Ujh5ajlqOStocmNoU016VU9BTXhaVmdYRUxnR3Eya1AreFRnakVla2hQYzA3dEtaek1lTlVvNUNmcWhkRWs4Zz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2035
content-length
541
expires
0
212.json
id5-sync.com/g/v2/ Frame 4FD8 		213 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p20.id5-sync.com
Software
/
Resource Hash
1e1ea4c16ab4ea2245466aeafbd6fa62c0e67fc991b5918a6d36cd024efb1b41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Thu, 14 Apr 2022 16:40:22 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 4FD8 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e1153189420fadb5c0ef5add67ad67f57cbc50c24a247d5e7ca03141a4ec017a

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:23 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache
x-server
10.45.17.99
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 4FD8 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
c8e7b87e1f97f34916d53d4e0c69d68dd056df401debdc252678e973641567e2

Request headers

Referer
https://www.themarysue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 16:40:23 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 14 May 2022 16:40:23 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 1842 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 16:40:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A200 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154469
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 16:40:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 11:34:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 03F7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 16:40:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 62C4 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2012%2C2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C2027%2C159%2C2026%2C2025%2C117%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C2043%2C201%2C4%2C126%2C203%2C2037%2C226%2C10000%2C80%2C108%2C9%2C109%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b8d7f8d2eed27061b0191e06014963cbba5e220431f8a0e53759fcc4c80d5f25
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=68415
content-encoding
gzip
content-length
8227
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 16:40:23 GMT
expires
Fri, 15 Apr 2022 11:40:38 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 24F5 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 14 Apr 2022 16:40:23 GMT
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
bridge
cm.adgrx.com/ Frame 4FD8
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d34e91afff41c9c8f4c366a2e694ad5&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2c9b_7086500286676505089
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDM0ZTkxYWZmZjQxYzljOGY0YzM2NmEyZTY5NGFkNQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEL8DdygzvjZAr9OEyq20YG4&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0938438a-244b-4b82-9b46-d75344fd2142
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAIO3U7EsJ0AADiSOhOwkQ&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/d34e91afff41c9c8f4c366a2e694ad5?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-IQO7Cy1E2oM3jC_4_of5Oq.SU58aH8e2A_Hv3k2d~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=9IANxLeV1NF2w85
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
72.251.241.204 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:24 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:24 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649954424653073-559
Expires
Thu, 14 Apr 2022 16:40:24 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A200 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56474221&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:23 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 03F7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9130bafafbeee56d02271fdd5a7db6f2e15e839f8b64faad15a08610a93d7119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 16:40:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66725
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Fri, 15 Apr 2022 11:12:28 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WPPeJ3wrQlVHYndabE9icC9RaTFxOVZFY3NTL2ZxRzdrZVNvRFp6QjltSVRSanVjb2Z1cGd4anNRUWY2RjNzMHZzbVQ2WnRuYnRiTVhGT3VNcmMzeXg3L1RyczNzNkd3L21aaGlNdTV1TGQxMm45SWNTMW05Y1RZKy9vSFoxaHJWVWtOSkZqT2QwN2xOMGY5SjZlK25tQndoWU1iZ1lNRjVWMG9ELzdWT0lsYmpaRnNQd2svSmdhVHlDL2cybU9QMVh5VXVvRHJjTksybXNsNFozMjFhTkk0U081Ujh5ajlqOStocmNoU016VU9BTXhaVmdYRUxnR3Eya1AreFRnakVla2hQYzA3dEtaek1lTlVvNUNmcWhkRWs4Zz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 16:40:23 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1071
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame 03F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEGyE6MBS19-3ok4zkHTZ5yE&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEGyE6MBS19-3ok4zkHTZ5yE&google_cver=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEGyE6MBS19-3ok4zkHTZ5yE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 03F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1Z89EEV-1U-AEDY&gdpr=1&us_privacy=1---
0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1Z89EEV-1U-AEDY&gdpr=1&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:23 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 82C4BD0EBCA248EE801C94702B5FE063 Ref B: FRAEDGE0718 Ref C: 2022-04-14T16:40:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXcn/NTvUbzVA1i2c6Tew==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1Z89EEV-1U-AEDY&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 03F7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 03F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODdjZTRkM2M1NTQxM2FjMDE0N2I3NmQ3ZjQ5MjNlMDMwNDJhZTA5Mg&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODdjZTRkM2M1NTQxM2FjMDE0N2I3NmQ3ZjQ5MjNlMDMwNDJhZTA5Mg&gdpr=1&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODdjZTRkM2M1NTQxM2FjMDE0N2I3NmQ3ZjQ5MjNlMDMwNDJhZTA5Mg&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 03F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
v1
ads.yahoo.com/cms/ Frame 03F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1Z89EEV-1U-AEDY&sigv=1&esig=2~56314b923c34e6886794e6fd130073f90c639668&gdpr=1&us_privacy=1---
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1Z89EEV-1U-AEDY&sigv=1&esig=2~56314b923c34e6886794e6fd130073f90c639668&gdpr=1&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:40:23 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1Z89EEV-1U-AEDY&sigv=1&esig=2~56314b923c34e6886794e6fd130073f90c639668&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 03F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFaODlFRVYtMVUtQUVEWQ==&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFaODlFRVYtMVUtQUVEWQ==&gdpr=1&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 16:40:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFaODlFRVYtMVUtQUVEWQ==&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 03F7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:24 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NQEEFYH1GJJDY7ZSY888
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 16:40:24 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KFYWKCYJZXH430FWF89M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| phpProps object| Cookies function| admiral object| googletag function| __tcfapi function| __uspapi object| special_ops object| propertag object| _comscore function| gtag object| dataLayer object| GlobalSnowplowNamespace function| snowplow boolean| haveWeGotAds undefined| $ function| jQuery function| powerpress_pinw function| documentInitOneSignal function| OneSignal object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent150 string| disqus_shortname object| countVars object| themeMyLogin number| lazyEmbedsYMargin number| lazyEmbedsTimeout object| aax function| 4dm1r11545242527 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI string| google_user_agent_client_hint object| FB object| gaplugins object| gaGlobal object| gaData object| properSpecialOps boolean| payload_loaded function| convertToGeoRiotLinks function| extractItunesLinkFromAffiliateUrl function| getLinkType object| Georiot object| Genius object| DISQUSWIDGETS undefined| disqus_domain undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| google_sa_impl object| googleToken object| googleIMState object| COMSCORE function| udm_ object| ns_p boolean| sekindoFlowingPlayerOn object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device object| amazon_crid_map object| ADAGIO string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId number| alias_accountId number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| webVitals function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| freewheelssp_cache object| sas object| apntag object| _ADAGIO string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_482ddfbd_1703a82f_1 function| proper_b3b3ca3a_312d97be_2 number| proper_rps string| proper_ad_session_uuid string| x string| placementId boolean| apstagLOADED object| admrlWpJsonP object| ID5 object| ats object| PublisherCommonId

89 Cookies

Domain/Path Name / Value
www.themarysue.com/ Name: pmpro_visit
Value: 1
www.themarysue.com/ Name: _sp_ses.8cf7
Value: *
www.themarysue.com/ Name: _sp_id.8cf7
Value: e8f460df-4a39-4b4d-ba32-d5cf87804c39.1649954419.1.1649954419.1649954419.a5881557-f95d-44e0-9e99-a2507aaad7f4
.themarysue.com/ Name: _ga
Value: GA1.2.1819658357.1649954419
.themarysue.com/ Name: _gid
Value: GA1.2.1338656727.1649954419
.themarysue.com/ Name: _gat_gtag_UA_21433528_1
Value: 1
www.themarysue.com/ Name: usprivacy
Value: 1---
www.themarysue.com/ Name: ntv_as_us_privacy
Value: 1---
.scorecardresearch.com/ Name: UID
Value: 145f600a8f9a03d7a5077c21649954419
.themarysue.com/ Name: _sp_cookie
Value: 09be79da-befd-4b18-b549-24dfd3b660d7
.3lift.com/ Name: tluid
Value: 1270494800398790191600
.adnxs.com/ Name: uuid2
Value: 2107558715953330671
.spotxchange.com/ Name: audience
Value: 921b832e-bc11-11ec-820d-14684a3a0206
.postrelease.com/ Name: opt_out
Value: 1
.casalemedia.com/ Name: CMID
Value: YlhOc5NwqB5u1-gAwwcIjQAA
.casalemedia.com/ Name: CMPS
Value: 3165
www.themarysue.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.themarysue.com/ Name: ntvSession
Value: {"id":6869615,"placementID":1024382,"lastInteraction":1649954419559,"sessionStart":1649954419559,"sessionEndDate":1649980800000,"experiment":""}
.casalemedia.com/ Name: CMPRO
Value: 1170
.tremorhub.com/ Name: tvid
Value: 94afd92d224a4ca7b21bba90e3688375
ads.stickyadstv.com/ Name: UID
Value: d34e91afff41c9c8f4c366a2e694ad5
.creativecdn.com/ Name: u
Value: lsITpOU6fmM06BCsd3mx
.creativecdn.com/ Name: ts
Value: 1649954419
.bidswitch.net/ Name: tuuid
Value: 74a940f4-ef3d-43fd-b68f-a89b6f8e720b
.bidswitch.net/ Name: c
Value: 1649954419
.adscale.de/ Name: uu
Value: 9615800b52d24f758cd3b0d020e81956
.yahoo.com/ Name: A3
Value: d=AQABBHROWGICEBAFdzugqtoiyG0O_OXVehMFEgEBAQGfWWJiYgAAAAAA_eMAAA&S=AQAAAj1OGOdaUuw78E_Xn2XKaaw
.bidswitch.net/ Name: tuuid_lu
Value: 1649954420
.analytics.yahoo.com/ Name: IDSYNC
Value: 190z~24bs
.go.sonobi.com/ Name: __uis
Value: 9751f15b-3c0d-495e-98be-3f1cc0dc115e
.go.sonobi.com/ Name: _usd_themarysue.com
Value: ed6d2608-f2c3-4365-bd49-15900baaf9b7
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s57128|YlhOd
.rubiconproject.com/ Name: khaos
Value: L1Z89EEV-1U-AEDY
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1yNASKs+M4+fsKGGM1eolu5vVtDhgOVUO/zJBpTbUTS75uZ65PLoXi8RC8RNaBDGObcmHjLEjsw2jYHTlS9mMvAcQTyO0PAjnQD5U7tEfUTQ==
.adnxs.com/ Name: icu
Value: ChgIh758EAoYASABKAEw9JzhkgY4AUABSAEQ9JzhkgYYAA..
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: 8cba9c39029d49fad30accf8
.themarysue.com/ Name: _awl
Value: 2.1649954420.0.5-933f9ca9d516a115cfd84e62e8b1038f-6763652d6575726f70652d7765737431-0
.themarysue.com/ Name: _admrla
Value: 2.0-933f9ca9-d516-a115-cfd8-4e62e8b1038f
www.themarysue.com/ Name: _lr_geo_location
Value: RO
.justpremium.com/ Name: jpxumaster
Value: r-7d098aca-a6b2-4703-af22-be095aa127dc-22194-666251127
.justpremium.com/ Name: jpxsession
Value: r-63ccc2e1-bc6e-4f90-af09-fae120652198-22194-666290121
.justpremium.com/ Name: jpxuuid
Value: r-87e6d511-92af-4685-82a1-baec03ea5960-22194-666313823
.ibillboard.com/ Name: ibbid
Value: BBID-01-03246684204303323-16576632
.proper.io/ Name: mediagrid
Value: 74a940f4-ef3d-43fd-b68f-a89b6f8e720b
.proper.io/ Name: verizon_media
Value: y-3B3QNjZE2uEyvkUFszalAnYOxghMNy18~A
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: lsITpOU6fmM06BCsd3mx
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.casalemedia.com/ Name: CMST
Value: YlhOc2JYTnQA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5788521397227936872
.criteo.com/ Name: uid
Value: a2d1a66b-02f6-4043-9bf4-07750f41ceac
.console.adtarget.com.tr/ Name: vmuid
Value: 1d23df33a6eac8f9
.console.adtarget.com.tr/ Name: a307565
Value: 9615800b52d24f758cd3b0d020e81956
.proper.io/ Name: __cf_bm
Value: kY55gmYeptzkV4dDjXsicRzeBd0LFY2rp_foALXnFxQ-1649954418-0-AXsN7JTcFjGWbGAQsw7m5b6FVFsmRCN%2F%2FJmXkAzUNz%2FchjWGBBElfUhc3OAZ0%2F04ogGaSQhdBV3lL5%2FubAtr5IGvycXWiLQwwnVGYCYceSOW
.themarysue.com/ Name: properSessionData
Value: eyJ1dWlkIjoiODkwNDhiZmQtOTViYi00ZWE5LWI3NjAtYzVlMzE1N2MwOTFhIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiaW5kZXgiOjEsIm9wZW54IjoxLCJzb3ZybiI6MSwidGVhZHMiOjEsImNyaXRlbyI6MSwibWFudGlzIjoxLCJzb25vYmkiOjEsInJ1Ymljb24iOjEsImFwcG5leHVzIjoxLCJtZWRpYW5ldCI6MSwicHVibWF0aWMiOjEsImFkeW91bGlrZSI6MSwicmh5dGhtb25lIjoxLCJ0cmlwbGVsaWZ0IjoxLCJqdXN0cHJlbWl1bSI6MSwic2hhcmV0aHJvdWdoIjoxLCJ0aGlydHl0aHJlZWFjcm9zcyI6MSwibWVkaWFncmlkX3MycyI6MSwidmVyaXpvbl9tZWRpYV9zMnMiOjF9LCJsYXN0X3RocmVzaG9sZCI6MH0=
.mathtag.com/ Name: uuid
Value: 98236258-4e75-4a00-89e2-cc9ff584fd40
.doubleclick.net/ Name: IDE
Value: AHWqTUlSitEZjOQ4MuMIQWNxskUHgwy1450cIa1vM7Tq0HP7k5c_Un6v054lBseJ5Dw
.adscale.de/ Name: cct
Value: 1649954421649
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1649954421821
.m6r.eu/ Name: id
Value: b59f7f89bed3cceedf4508cd6d252b40
.ih.adscale.de/ Name: tu
Value: 4#256887587#48~b59f7f89bed3cceedf4508cd6d252b40~458320~0~0#101~BBID-01-03246684204303323-16576632~458320~0~0#38~CAESEBCEckrnlob_BVdSB8gVDzI~458320~0~0#39~98236258-4e75-4a00-89e2-cc9ff584fd40~458320~0~0#40~a2d1a66b-02f6-4043-9bf4-07750f41ceac~458320~0~0#42~5788521397227936872~458320~0~0#75~2107558715953330671~458320~0~0#63~YlhOc5NwqB5u1-gAwwcIjQAA&1170~458320~0~0
.ads.pubmatic.com/ Name: KCCH
Value: YES
ads.stickyadstv.com/ Name: sessionId
Value: 152f672d554e6a982db6c06c1189afd8
.adsrvr.org/ Name: TDID
Value: 0938438a-244b-4b82-9b46-d75344fd2142
www.themarysue.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%220938438a-244b-4b82-9b46-d75344fd2142%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-14T16%3A40%3A23%22%7D
www.themarysue.com/ Name: pbjs-unifiedid_last
Value: Thu%2C%2014%20Apr%202022%2016%3A40%3A23%20GMT
.themarysue.com/ Name: panoramaId_expiry
Value: 1650040823568
www.themarysue.com/ Name: cto_bundle
Value: mPHw1V9IeEtjM3lsYVY4U0lpd1V5c3daQzJpeWU5RUhtaTlMOFdmalk0MnlRWm9lWVN2NGVzckhHdG0lMkZ1azVmNHUlMkJya3VlUU9QaHljdUIlMkIlMkJIZkdvYXBDR3IlMkJDcEd1Rm5PZjVxYkkwVWFZMlJpZk5BZkFORkJ5SWV0VFBxS2d1ZG5uMjRlUmxMRW1QaGluZWVHd2d5biUyRkpmZGclM0QlM0Q
www.themarysue.com/ Name: cto_bidid
Value: Bulw7l9wYUNteSUyRk1IeXZQUEpmJTJGWTclMkZQMFRlNUVRTTBYVHVpVUlDJTJGVFEyeDFqb1U3SEtyMzd6Q1hiYUJ3czc4Y045JTJGbUNnYVZmRzdkTGxVdSUyRmxwZng4TU5EcnRFZ1dFNFFKOWxMWWg2a0I5JTJCQzl3S21WRzVQNlBXbTRtdzNPc1VhOWtI
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a63e5e11-6543-4468-87b2-b279a069e829"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDk5NTQ0MjM7MjswMjHD5AyLlPG8VsOAnh86ir6Afkc3bHZB3j49Z07tRV6Qcg==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2679:u=1:x=1:i=1649954423:t=1650040823:v=2:sig=AQFnvcS1Sfu0KdNKDVqjoATWn7KWDYq7"
.fwmrm.net/ Name: _uid
Value: "l2c9b_7086500286676505089"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l2c9b_7086500286676505089
ads.stickyadstv.com/ Name: MRM_UID
Value: l2c9b_7086500286676505089
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEL8DdygzvjZAr9OEyq20YG4
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwi6hK3EhpDPOhAFOAFaCXN0aWNreWFkc2AC
ads.stickyadstv.com/ Name: uid-bp-892
Value: 0938438a-244b-4b82-9b46-d75344fd2142
.bidr.io/ Name: bito
Value: AAIO3U7EsJ0AADiSOhOwkQ
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAIO3U7EsJ0AADiSOhOwkQ

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
60687.publishers.tremorhub.com
a.teads.tv
abcheck.proper.io
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adscale-emea.adnxs.com
adx.adform.net
ap.lijit.com
apex.go.sonobi.com
ats.rlcdn.com
bbnaut.ibillboard.com
bidder.criteo.com
bids.proper.io
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.onesignal.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
csync.loopme.me
dis.criteo.com
disqus.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geniuslinkcdn.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
ih.adscale.de
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
js.adscale.de
l3.aaxads.com
live.primis.tech
mantodea.mantisadnetwork.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
onesignal.com
p.skimresources.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.media.net
prg.smartadserver.com
primis-d.openx.net
propermedia-d.openx.net
px.ads.linkedin.com
r.skimresources.com
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
spc.themarysue.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
superficialeyes.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.search.spotxchange.com
t.skimresources.com
tag.1rx.io
terrifictooth.com
themarysue.com
themarysue.disqus.com
tlx.3lift.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
u.openx.net
unpkg.com
ups.analytics.yahoo.com
usync.proper.io
video.primis.tech
www.google-analytics.com
www.googletagmanager.com
www.themarysue.com
x.bidswitch.net
hbopenbid.pubmatic.com
13.225.80.116
142.250.186.34
142.250.186.98
143.204.98.49
151.101.192.134
151.139.128.11
178.162.133.150
178.250.0.157
178.250.2.131
178.250.2.151
18.134.84.15
18.196.159.207
18.64.79.57
184.31.84.150
185.167.97.84
185.184.8.90
185.64.190.78
185.94.180.126
199.232.196.134
2.18.232.7
2.20.157.141
2.20.157.55
209.250.233.142
209.54.176.128
213.19.147.42
216.52.2.30
23.205.235.133
23.205.241.117
23.206.210.112
23.35.228.23
23.35.229.117
23.35.236.201
23.88.75.189
2600:1f18:612b:4232:dec:f48c:c120:9a90
2600:9000:2156:1c00:f:4f64:8940:93a1
2600:9000:2156:e600:6:44e3:f8c0:93a1
2600:9000:2156:f400:8:48e:53c0:93a1
2600:9000:2240:c00:1a:5235:f980:93a1
2602:803:c004:200::141
2606:4700:10::6816:4185
2606:4700:20::681a:8a9
2606:4700::6810:7daf
2606:4700::6811:4e22
2606:4700::6812:e134
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200e
2a02:2638:1::13
2a03:2880:f02d:100:face:b00c:0:3
2a05:d018:d29:3605:9290:fe02:2ee8:2378
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.28.2
3.123.118.27
3.126.56.137
3.127.195.44
3.213.149.116
3.33.220.150
3.65.16.69
34.107.148.139
34.120.157.206
34.149.20.76
34.237.150.112
35.157.246.167
35.190.39.246
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.133
35.244.159.8
35.244.174.68
37.157.6.245
37.157.6.248
37.252.172.249
37.252.173.215
37.252.173.228
46.105.202.126
51.89.7.198
52.208.103.128
52.213.21.147
52.59.80.165
52.89.97.240
54.185.32.160
54.93.106.38
62.149.0.72
62.209.227.211
69.173.144.139
72.251.241.204
72.251.244.142
74.121.143.245
76.223.111.18
81.17.55.112
99.84.95.10
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0360a66a645694e458fdf7633b1e80df0509688f49ce591edc1068bf046fc818
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
0804cbe4748a8e06bd803cbbaf2a33bc75c9e00f629cceff0f27d1d181ed1fa8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
107b02a6a6c6b1b0c7e003b59a9cde4b57f5da12b6c3566056ea9cff8b226a51
116a3e1052e7e6b064febdc1052724cd04cb0a0c6d79b5163961e32c0dbad89f
14963db49c411d658e069f08d49faf8dc3e459646e28391fc82ccdcbdbe8d277
1517be12d83a9b0c9ceeb4a4269e2f319eae4f2e9adaf524d9948e8a5b06e190
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1592fc21d8e2dd7746f8015467647f6c565c9e7a5ffb5c82bb0d41ec4480b2e4
16a485972b3cd321d932dc162233ede72d49b937f9c9637dc5aa03fa10e09327
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1e1ea4c16ab4ea2245466aeafbd6fa62c0e67fc991b5918a6d36cd024efb1b41
1e584a6383effb3efe00fcf3d6c761e8e7495dd070e2ddf15e5fec8bda6a20d3
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f
2339034839b32959726efdc138a2f7493eeb6a9923da9c86725c10326652361a
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60
25473553f3925a3a064adb60b4ed7154974efe4a53446ae3997ebe1a65118a00
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa79c88552fa266ab87772ac0737e749a11b16389bb18c46aee52b465c33416
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2af09ccbab59b0e94a3847433ffa65f161d3a0fd5d1721497cdd68b5f0bf0bad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e95bcc1d51302added6bad654c12c789b25780c0d03b1e7e54aac653a66a55b
2ebd9240461c4d97137d8d76bd5c709cfd8772b106ea7e7267b942b85f1f95df
31fee77a88fdb65355bd6d032000257cc487872e9ca405f7e1c7db68015ce687
34095db30c60a2ab5d9decdcaf96ddb3fb7d60a56e6080e2b131c0fbcb9db57a
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
3561d2b37624a65db124e3476fab316ef95efde62fa8bfdba5d000fd37890e1d
3c74570e0c7c5f9ee130ada3fb7de82f10d1525cd59d272bfe41ee987a3c0129
3cbeb1e5978920a40cadf4ebd8c6b99ac34aeccd49a255273099543cecc1f3e9
3d0361b3378fbfa7ed364ba8d9e33b16671db022a1d8088f6e1017b098763815
3d1d3ab4a107f189880c33d8a836b0db15dd148d91f4d486c89ffe04d32603c6
3d3703ad334677000a6ea84f38f8cf3df353569eb5297a8050a77e6d2bd075ae
3da031ff072bc0fde56a065bc8971c0dfce5d9176b611422a3f44b43b4b41958
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
429edfb4dfac7953a319b12a4136332ef0c5fc26bd49feeb78df0f1a8a5eaf68
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44865de994df4b713f1613e9b0c14e821220f2b9468e5c8c373ecbb7b7e83958
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
4887329d85e3a31b977f06d6493cfd7478802d5664b7d0caab9b94353cd41066
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f
4ac6c4439caf739282cc7d684fce9977766026b82201b5e6969182faaaae5e14
4f2f5a1538ac5fe38aeda162c6abc7d8e7df72c1c820528845cb68e68bf3e1a5
50ee8e5650e908b3216ef351ad576e513d91c85e417b7aeac2e1d8f72d0be427
516fb604fb9b385996d297bfe61bf9e7bb5172aaae91ff7d8263d4a304c3e7f9
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188
545bf3e9201bb57a7add7c3f3bb2037089b340d7fab3d6b03603f0b5fd04fa9b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c315c6372ea5c2de7533312be7f8f108616e57c1fa70369727bd7f9916e2c4
5692ca54709408ab24a398860591fbeac564e4421bf9ac93e871ef796b7075d6
5aa3fca78756438cdf9a940f6375fc665c0460f6c2de888636b782e39890319d
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf
5dc23eadbb4d725609927b8b25bc1d0a1de3b21bca995fd4e521fc8601003381
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
63c9f5be692fa019c8a819eeaa89a138bfa0d21f89a8167454addb19e0cf93eb
65dc87cd7689d70f144e02b7be25a63fde527fc649fb7c9b7bc7be209dd18dd9
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68a748a0cacf5f91642f984c40a948e0607f52370693ab61dc396621c0c60b29
68ed51b373caad0b18f95fbe8802c009b09da72191fbd56a3b99a1b7ec5d992a
69860f4656fca75fa70a40251cfdab63ccdaecff4cc12bbd7dbfd0a05d5f1bc5
69eb04e12a206555558a2094a5692b4e2b77b496c5b4ed77bdf1c5bf97559451
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7d1ca417fcd28f86be043006e474e6cc0c02f98feddaef88d5be9e6dc7656d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
770c405100b64644d50a100e4c15fe29460f4e5872d4f78c66ab6a4dae0704fa
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a2bae68748f843f31d9b0ddc9794fc8371b2a185772425893c4b32cc723eb31
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d046f89f5cd186d4c16cb06cb17c433c57e5c965b699c0bd3e4e68abc237508
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7de65c6e254274f0b1b5e82e543167bba263639bf19c2736db814e1e57cf83d3
8224f8d161df348d51769b3d83fe9b9c2f0ff8c01a3942069d2004a56a3bf449
82e6888616009964f8f425e138c1c6413ca44f0cb8a04ec5c1291b042b73c6c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dad17c7c62057440ce13ba42120968005b66d0d7125df6b3086e8588fded21e
9130bafafbeee56d02271fdd5a7db6f2e15e839f8b64faad15a08610a93d7119
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
95cafd33a12a3cfdfd4a5e6dab5c728a9f0999bf81cedddafb8c31283305ff1d
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
966ff8715b63c44478f0c4aef3bb6d16a36d1076fb1fa547b8eb6c0764250f16
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09214e8c80e89024f383a1cb50f3a6ab94cd59c3fc7a87a10f26ce79fa8a983
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3
a0bc5488e7a8f89bf3e5ebebec3cde05d38c9d070a716195be795fca11cb0f10
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
ad00407ed22b4ebc9660088fd503836b9a8c8aa28c72c4450d565dd6a8b5bdbf
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cebea345d1e7060b0fa5a35b549e384a8bda33e68cf2be21e5f8394523fc7f
b25ffb114cadb04dcb4afda307993ee526a940c1b3b94f843c6ecef4de9ad70b
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b8d7f8d2eed27061b0191e06014963cbba5e220431f8a0e53759fcc4c80d5f25
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bb7f5695b7f3d8d128002c29e099bde0c8a9b41544922fbc38d98554530080b6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bddf63c665a69da05cef3a7b9ad4ff0dcd6e2f1c2c8e9d662cbcf09fa0a9a61d
c053204c23eb422ccce30c97973733ffc4f8406ff9fb0433389693ff9fc98194
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c8a3d6161c2cc5e8a4878b8907a3411a15b2340d166c0dba299d6761cce76323
c8e7b87e1f97f34916d53d4e0c69d68dd056df401debdc252678e973641567e2
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc866a9fb4f1183403e7a466ceec772df0afc6d4ba33e7376bc105a14c542c47
cfa5314fee79c2345f95f11819a54724c2c23754bd9045d17394667349ab12a7
d02f884d93ba8bdcacdb3ec393addf0b6f66665e5d73fd0f5445ac18752b5812
d17758023ec2f1c6ebfde92ce70b5b5f2be2f1e1a204f3c8c1fdc1ad791f6d99
d4b936ca0bb9753f4937ef90ae3797a3a9d2231694a095e07b602735ad494aa3
d54fa435475eaebc9e76f7bfb2b8457c9fb6a616e7d99da01290a6525e071bb8
d73db517e551a81120695ffdc0a1d21559f16ee93dc644da829102d0f37efc8f
d8c6bcbbfcef32acd463fa9971d5e83d6944d7d71060dddc93e4fb29c49e3d0e
da92c61b6fc6b7eeab40a32ac363a3fe29fa805496cd02eb2922ebe13053db7d
dba340cafadf50dec788caca106bb578a9c5593017e1d1e22bdf7f4141907e66
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd17f519ce6b2f4a266ba93e3fede2df688dd96b5427192b8cb79e6689c17981
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de57f834eef4e78ceb5d2e3a7ba145fe3212576be90f41bd7fccbd799fcf66d1
de583452ac6167bae7e07c5c42042ac3aa0f000d26772cb7564d8f5ff2edd7c8
e1153189420fadb5c0ef5add67ad67f57cbc50c24a247d5e7ca03141a4ec017a
e167c7ffcb2c6c5608dcfaaec5a27ea748d74bec805bc0b31d36a2acca5ca32d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9ccf92e5a2cd1ab8140c4968c3a1ff0ccee53e2358ed33074502879daa5cff9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eeea31a6bfdd138d4b73ba00b67f221be13a1b5058fc3e934b7eee9ef8900e83
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f1c16c7dac5394666ae211344aa08ce1f619f18f6b905ee30ea7d942a968130b
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083
fc8efb881f52f3dcff9841a3c083b0d3b115757694ce4d8a0d0be398e011857d
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ff220af9be99ad485403d3f73eb9ca949bdb9992174d675f0338d45acc40e15e