urlscan.io logo urlscan.io
SecurityTrails logo

www.themarysue.com Open in urlscan Pro
2606:4700:10::ac43:14a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://geekosystem.com/
Effective URL: https://www.themarysue.com/
Submission: On January 17 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 12 countries across 98 domains to perform 395 HTTP transactions. The main IP is 2606:4700:10::ac43:14a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com. The Cisco Umbrella rank of the primary domain is 168896.
TLS certificate: Issued by R3 on January 15th 2022. Valid for: 3 months.
This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.20.95.18 32475 (SINGLEHOP...)
1 31 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 37 63.250.56.141 41436 (CLOUDWEBM...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 35.190.39.246 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 34.120.157.206 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 151.101.192.134 54113 (FASTLY)
5 199.232.192.134 54113 (FASTLY)
1 184.30.25.59 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 65.9.71.173 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
8 184.30.24.198 16625 (AKAMAI-AS)
3 3 185.94.180.125 35220 (SPOTX-AMS)
3 35.244.159.8 15169 (GOOGLE)
2 2a0c:5c81:513... 55081 (24SHELLS)
27 185.167.98.14 41436 (CLOUDWEBM...)
10 13 3.123.179.172 16509 (AMAZON-02)
2 2 23.88.75.187 24940 (HETZNER-AS)
6 13 184.30.24.241 16625 (AKAMAI-AS)
3 3 76.223.111.18 16509 (AMAZON-02)
2 143.204.215.18 16509 (AMAZON-02)
4 9 69.173.144.165 26667 (RUBICONPR...)
3 4 37.252.173.27 29990 (ASN-APPNEX)
1 3 2620:116:800d... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
17 75.101.244.20 14618 (AMAZON-AES)
15 17 2.18.234.233 16625 (AKAMAI-AS)
1 185.86.138.122 201081 (SMARTADSE...)
3 185.64.189.112 62713 (AS-PUBMATIC)
2 18.157.100.237 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 54.191.222.20 16509 (AMAZON-02)
4 8 18.156.0.31 16509 (AMAZON-02)
1 51.75.146.199 16276 (OVH)
1 54.70.210.121 16509 (AMAZON-02)
1 44.225.168.153 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
6 2600:9000:206... 16509 (AMAZON-02)
4 6 37.157.3.28 198622 (ADFORM)
4 89.187.169.47 60068 (CDN77 ^_^)
14 62.149.0.72 15497 (COLOCALL ...)
3 3 185.184.8.65 204995 (RTB-HOUSE...)
1 3 46.249.52.248 50673 (SERVERIUS-AS)
1 178.162.133.150 60781 (LEASEWEB-...)
1 213.19.147.42 26120 (RHYTHMONE)
1 185.255.84.151 200271 (IGUANE-)
1 35.156.61.164 16509 (AMAZON-02)
5 34.149.20.76 15169 (GOOGLE)
1 54.80.147.122 14618 (AMAZON-AES)
1 216.52.2.39 29791 (VOXEL-DOT...)
1 23.37.38.181 16625 (AKAMAI-AS)
3 18.157.246.64 16509 (AMAZON-02)
1 2.18.232.7 16625 (AKAMAI-AS)
4 6 37.252.173.62 29990 (ASN-APPNEX)
1 52.28.103.21 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2602:803:c003... 26667 (RUBICONPR...)
2 3 66.155.71.25 13768 (COGECO-PEER1)
6 5.178.65.245 50673 (SERVERIUS-AS)
2 35.227.252.103 15169 (GOOGLE)
2 6 18.215.193.43 14618 (AMAZON-AES)
4 5.178.65.252 50673 (SERVERIUS-AS)
2 5 168.119.149.178 24940 (HETZNER-AS)
1 24 54.93.80.4 16509 (AMAZON-02)
2 6 23.37.42.132 16625 (AKAMAI-AS)
2 205.234.175.175 23352 (SERVERCEN...)
2 51.89.9.251 16276 (OVH)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
4 12 188.132.147.236 42910 (PREMIERDC...)
8 13 142.250.185.130 15169 (GOOGLE)
1 2 209.54.180.3 16509 (AMAZON-02)
7 9 52.223.40.198 16509 (AMAZON-02)
7 151.101.2.49 54113 (FASTLY)
1 54.84.55.94 14618 (AMAZON-AES)
1 99.86.7.31 16509 (AMAZON-02)
1 46.105.202.126 16276 (OVH)
3 4 35.227.248.159 15169 (GOOGLE)
1 2 37.157.4.24 198622 (ADFORM)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 3 54.154.126.215 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.104 24961 (MYLOC-AS ...)
2 6 52.19.22.209 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 35.156.119.137 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 54.154.13.77 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 44.198.36.181 14618 (AMAZON-AES)
1 2 52.94.223.37 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
2 2 52.214.126.220 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 3 54.194.44.194 16509 (AMAZON-02)
1 35.167.45.107 16509 (AMAZON-02)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 34.246.26.64 16509 (AMAZON-02)
1 143.204.215.113 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
6 6 185.29.134.248 30419 (MEDIAMATH...)
2 2 194.213.62.34 13036 (TMOBILE-)
2 65.9.58.43 16509 (AMAZON-02)
2 51.15.145.115 12876 (Online SAS)
2 2 178.250.2.151 44788 (ASN-CRITE...)
2 2 37.252.173.214 29990 (ASN-APPNEX)
4 4 72.251.244.140 29791 (VOXEL-DOT...)
1 1 154.54.250.48 26558 (FREEWHEEL)
4 4 18.194.149.16 16509 (AMAZON-02)
5 5 18.157.252.145 16509 (AMAZON-02)
2 2 146.0.227.109 20773 (GODADDY)
2 2 96.46.183.20 7979 (SERVERS-COM)
2 52.57.150.20 16509 (AMAZON-02)
395 105
1    198.20.95.18 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sh02.mediaite.com
geekosystem.com
31    2606:4700:10::ac43:14a1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.themarysue.com
themarysue.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
37    63.250.56.141 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
superficialeyes.com
3    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    34.120.157.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.themarysue.com
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    151.101.192.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
5    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
themarysue.disqus.com
1    184.30.25.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-59.deploy.static.akamaitechnologies.com
s.ntv.io
1    2606:4700:10::ac43:1906 (United States)

ASN13335 (CLOUDFLARENET, US)
am22.mediaite.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
propermedia-d.openx.net
2    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
27    185.167.98.14 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
13    3.123.179.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
13    184.30.24.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    143.204.215.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-18.fra53.r.cloudfront.net
sync.intentiq.com
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
17    75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com
jadserve.postrelease.com
17    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    18.157.100.237 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    2600:9000:214f:be00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    54.191.222.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-222-20.us-west-2.compute.amazonaws.com
usync.proper.io
8    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    51.75.146.199 (France)

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com
id5-sync.com
1    54.70.210.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-210-121.us-west-2.compute.amazonaws.com
id.sharedid.org
1    44.225.168.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
bids.proper.io
1    2600:9000:206f:d600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    2600:9000:206f:e000:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
6    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
4    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
14    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
3    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    35.156.61.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-61-164.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    54.80.147.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-147-122.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
1    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    18.157.246.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
6    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    52.28.103.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
6    5.178.65.245 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
6    18.215.193.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com
a.audrte.com
4    5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
5    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
24    54.93.80.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
ih.adscale.de
6    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
19    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
12    188.132.147.236 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-236-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
13    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.84.55.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-55-94.compute-1.amazonaws.com
rtb.adentifi.com
1    99.86.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-31.fra6.r.cloudfront.net
ats.rlcdn.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f608:75dc:ec20:a692:551 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:a15e:14c8:83cf:d3c5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    54.154.126.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-126-215.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.104 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
6    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    35.156.119.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.154.13.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    44.198.36.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-36-181.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.214.126.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-126-220.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    2a05:d018:d29:3605:7fb0:fdcc:4343:870d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    54.194.44.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-44-194.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    35.167.45.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
dmp.brand-display.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    34.246.26.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-26-64.eu-west-1.compute.amazonaws.com
d.adroll.com
1    143.204.215.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-113.fra53.r.cloudfront.net
geo.privacymanager.io
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    194.213.62.34 (Novy Jicin, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid3.ibillboard.com
bbnaut.ibillboard.com
2    65.9.58.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-43.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.cookieless-data.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.252.173.214 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
4    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
1    154.54.250.48 (United States)

ASN26558 (FREEWHEEL, US)
1f2e7.v.fwmrm.net
4    18.194.149.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-16.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    18.157.252.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
64 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3190
video.primis.tech — Cisco Umbrella Rank: 6710
5 MB
35 themarysue.com
www.themarysue.com — Cisco Umbrella Rank: 168896
themarysue.com — Cisco Umbrella Rank: 165790
spc.themarysue.com — Cisco Umbrella Rank: 578553
453 KB
30 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7427
ih.adscale.de — Cisco Umbrella Rank: 3772
33 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
6 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
152 KB
17 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
13 KB
17 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
10 KB
17 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741
token.rubiconproject.com — Cisco Umbrella Rank: 689
27 KB
16 admatic.com.tr
cdn.admatic.com.tr — Cisco Umbrella Rank: 9839
ads3.admatic.com.tr — Cisco Umbrella Rank: 10680
ads4.admatic.com.tr — Cisco Umbrella Rank: 20051
43 KB
16 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 6241
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6623
8 KB
15 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3752
u-ams02.e-planning.net — Cisco Umbrella Rank: 59486
s.e-planning.net — Cisco Umbrella Rank: 6371
i.e-planning.net — Cisco Umbrella Rank: 6375
7 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ads.yahoo.com — Cisco Umbrella Rank: 913
6 KB
14 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
16 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
6 KB
13 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 595
43 KB
12 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
adscale-emea.adnxs.com — Cisco Umbrella Rank: 19094
9 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565
122 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
4 KB
8 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
27 KB
8 adform.net
cm.adform.net — Cisco Umbrella Rank: 1786
dmp.adform.net — Cisco Umbrella Rank: 2434
track.adform.net — Cisco Umbrella Rank: 3933
3 KB
7 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1240
sync.mathtag.com — Cisco Umbrella Rank: 421
4 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
556 B
7 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
pixel.advertising.com — Cisco Umbrella Rank: 327
2 KB
6 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3719
7 KB
6 disqus.com
disqus.com — Cisco Umbrella Rank: 2768
themarysue.disqus.com — Cisco Umbrella Rank: 125428
7 KB
6 proper.io
global.proper.io — Cisco Umbrella Rank: 10835
usync.proper.io — Cisco Umbrella Rank: 5238
bids.proper.io — Cisco Umbrella Rank: 11632
eb.proper.io — Cisco Umbrella Rank: 12830
116 KB
5 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2070
1 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
1 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 710
propermedia-d.openx.net — Cisco Umbrella Rank: 13378
rtb.openx.net — Cisco Umbrella Rank: 1548
1002 B
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
3 KB
4 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 12770
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
tlx.3lift.com — Cisco Umbrella Rank: 600
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
3 KB
4 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 88590
136 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
usermatch.krxd.net — Cisco Umbrella Rank: 1214
943 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
3 KB
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3536
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
767 B
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
dis.criteo.com — Cisco Umbrella Rank: 691
1 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
346 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
1002 B
3 gstatic.com
fonts.gstatic.com
47 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
11 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
73 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
153 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 916
688 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2627
1 KB
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5866
1 KB
2 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 20532
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 193308
429 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27256
673 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
793 B
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11738
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4235
922 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
2 KB
2 rlcdn.com
api.rlcdn.com Failed
ats.rlcdn.com — Cisco Umbrella Rank: 1554
id.rlcdn.com — Cisco Umbrella Rank: 738
38 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
cdn.id5-sync.com — Cisco Umbrella Rank: 1872
11 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1542
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
454 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 881
2 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
592 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1561
112 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
44 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1929
261 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
225 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
380 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20022
335 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 143344
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7892
324 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 570
163 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1360
920 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1286
250 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
762 B
1 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 11970
342 B
1 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 5982
254 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4305
747 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
174 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1699
937 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
2 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4825
216 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
481 B
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1505
560 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 80
549 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
645 B
1 mediaite.com
am22.mediaite.com — Cisco Umbrella Rank: 165234
138 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3423
113 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
1 geekosystem.com
geekosystem.com
238 B
0 adotmob.com Failed
sync.adotmob.com Failed
395 98
Domain Requested by
37 live.primis.tech 2 redirects www.themarysue.com
live.primis.tech
30 www.themarysue.com 1 redirects www.themarysue.com
27 video.primis.tech live.primis.tech
www.themarysue.com
24 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
17 ads.stickyadstv.com 15 redirects live.primis.tech
17 jadserve.postrelease.com s.ntv.io
www.themarysue.com
14 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
13 mwzeom.zeotap.com ads.us.e-planning.net
13 cm.g.doubleclick.net 8 redirects ssum.casalemedia.com
spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
13 x.bidswitch.net 10 redirects www.themarysue.com
live.primis.tech
ssum.casalemedia.com
9 match.adsrvr.org 7 redirects ssum.casalemedia.com
bcp.crwdcntrl.net
8 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
8 ups.analytics.yahoo.com 4 redirects www.themarysue.com
8 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
8 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
global.proper.io
7 sync-tm.everesttech.net ssum.casalemedia.com
spl.zeotap.com
ads.us.e-planning.net
www.themarysue.com
6 sync.mathtag.com 6 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
6 ib.adnxs.com 4 redirects global.proper.io
spl.zeotap.com
6 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
5 pixel.advertising.com 5 redirects
5 sync.richaudience.com 2 redirects ads.us.e-planning.net
spl.zeotap.com
5 ssc.33across.com global.proper.io
5 pixel.rubiconproject.com www.themarysue.com
ads.us.e-planning.net
5 themarysue.disqus.com www.themarysue.com
themarysue.disqus.com
4 ads4.admatic.com.tr 4 redirects
4 pm.w55c.net 4 redirects
4 tracking.m6r.eu 4 redirects
4 track.adform.net 4 redirects
4 token.rubiconproject.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ssum.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 s.e-planning.net ads.us.e-planning.net
4 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
4 secure.adnxs.com 3 redirects ssum.casalemedia.com
4 fonts.googleapis.com www.themarysue.com
live.primis.tech
4 spc.themarysue.com themarysue.com
4 superficialeyes.com www.themarysue.com
superficialeyes.com
3 sync.crwdcntrl.net bcp.crwdcntrl.net
3 match.prod.bidr.io 3 redirects
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dpm.demdex.net 3 redirects
3 btlr.sharethrough.com global.proper.io
3 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
3 creativecdn.com 3 redirects
3 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
3 hbopenbid.pubmatic.com live.primis.tech
global.proper.io
3 fonts.gstatic.com fonts.googleapis.com
3 eb2.3lift.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 sync.search.spotxchange.com 3 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.themarysue.com
3 pagead2.googlesyndication.com www.themarysue.com
pagead2.googlesyndication.com
2 ps.eyeota.net s.console.adtarget.com.tr
2 ads.betweendigital.com 2 redirects
2 inv-nets.admixer.net 2 redirects
2 adscale-emea.adnxs.com 2 redirects
2 dis.criteo.com 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 tags.crwdcntrl.net s.e-planning.net
2 bbnaut.ibillboard.com 2 redirects
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 onetag-sys.com ads.us.e-planning.net
2 i.e-planning.net ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 pixel.quantserve.com 1 redirects www.themarysue.com
2 cm.adform.net s.console.adtarget.com.tr
2 usync.proper.io www.themarysue.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 ads.adaptv.advertising.com live.primis.tech
2 sync.intentiq.com www.themarysue.com
2 csync.loopme.me 2 redirects
2 s.console.adtarget.com.tr live.primis.tech
2 u.openx.net live.primis.tech
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net www.themarysue.com
connect.facebook.net
2 unpkg.com 1 redirects www.themarysue.com
2 global.proper.io www.themarysue.com
global.proper.io
2 cdn.onesignal.com www.themarysue.com
cdn.onesignal.com
1 pixel-sync.sitescout.com bcp.crwdcntrl.net
1 1f2e7.v.fwmrm.net 1 redirects
1 eb.proper.io global.proper.io
1 ads.yahoo.com ads.us.e-planning.net
1 id.rlcdn.com ads.us.e-planning.net
1 geo.privacymanager.io ats.rlcdn.com
1 d.adroll.com 1 redirects
1 match.deepintent.com ssum.casalemedia.com
1 dmp.brand-display.com ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 cdn.id5-sync.com www.themarysue.com
1 ats.rlcdn.com www.themarysue.com
1 rtb.adentifi.com ssum.casalemedia.com
1 fastlane.rubiconproject.com global.proper.io
1 bidder.criteo.com global.proper.io
1 prebid.media.net global.proper.io
1 tlx.3lift.com global.proper.io
1 a.teads.tv global.proper.io
1 htlb.casalemedia.com global.proper.io
1 ap.lijit.com global.proper.io
1 mantodea.mantisadnetwork.com global.proper.io
1 pre.ads.justpremium.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 tag.1rx.io global.proper.io
1 propermedia-d.openx.net global.proper.io
1 apex.go.sonobi.com global.proper.io
1 rules.quantcount.com secure.quantserve.com
1 bids.proper.io global.proper.io
1 id.sharedid.org global.proper.io
1 id5-sync.com global.proper.io
1 static.adsafeprotected.com www.themarysue.com
1 prg.smartadserver.com live.primis.tech
1 onesignal.com cdn.onesignal.com
1 secure.quantserve.com global.proper.io
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 am22.mediaite.com www.themarysue.com
1 s.ntv.io www.themarysue.com
1 disqus.com 1 redirects
1 themarysue.com www.themarysue.com
1 www.googletagmanager.com www.themarysue.com
1 geekosystem.com 1 redirects
0 sync.adotmob.com Failed ssum.casalemedia.com
0 api.rlcdn.com Failed global.proper.io
395 150
Subject Issuer Validity Valid
*.themarysue.com
R3		 2022-01-15 -
2022-04-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
superficialeyes.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-26 -
2022-01-24		 3 months crt.sh
spc.bestgamingsettings.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-11-28 -
2022-02-26		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads4.admatic.com.tr
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.eyeota.net
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.themarysue.com/
Frame ID: DFAB48EFA03A2D0C4E5B96B18F580DAB
Requests: 159 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 5AFCFAFE77A953AD3E38A6B95FD205BA
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: BC801F5AD49A4BD60AB562D08FBC957D
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 0CED6E12FB5B0AAB13B2020CED670B68
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9356934496955375&output=html&adk=522671305&adf=1178619241&lmt=1642429506&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642429506264&bpp=3&bdt=174&idt=101&shv=r20220112&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3519745203574&frm=20&pv=2&ga_vid=1820599683.1642429506&ga_sid=1642429506&ga_hid=32471509&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064106&oid=2&pvsid=1313864825868176&pem=701&tmod=332&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116
Frame ID: EE4E9572C9BC5505E46CAB29E513172E
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 77E948B99B2372A8972E731C65310E47
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: F4A94AD033935186308C1C131062054F
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
Frame ID: 94BAC4B113BEE1D46604A226FB3341B6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 58E213C73D7B4E634634DA90A68C6005
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 8CE6F4A479460D32302AC77FF264173B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 0247E6B900A53B0617344CB7C17F4C63
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 56BFF6DCD7F5847B3D639C9937CA758F
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D1157469BEB6F684C8408BE27811F88B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 67989D23B29212FFE85AAD0BA198CE46
Requests: 7 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: CB73D83E50AA7FAAF71C5F016361F325
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic&tc=1
Frame ID: 88D7B80025E917FCD173B0D3C07AED3F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 7B01F21310A7E77701271130FE34B54E
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: F64B81C38A8179318778962B9DB42126
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: BF36FE2E06E79E95EB105B8CF17A9248
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
Frame ID: AC38302424363EDC68FAB3240C197662
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 0C662688120BB065DE6D6A00582E83DA
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: AD1518D1A8574AEF4B1BF30A53E40620
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 6AA2244C738B642764141319DB82B092
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dbb253e861238ca18%26uid%3D
Frame ID: BAAA09D8A6A961B51D3F00BBEB3ADCD5
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Frame ID: 0A656FEF0FF1D84A99625359A108469B
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: A5CAAA4F60E4833F1453DFEDA49552F2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 8897018139E01454F8DDA1AE992C2B63
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361&cmp=0
Frame ID: D33C153308DA7704A93621947D01233D
Requests: 31 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic
Frame ID: 5732D677F013ECEC47A1BF383B3A1BDD
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: DC4409F38FFABFE008A6F7D26E1B08FF
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 74375BAF611DBF4986541C340100BE0A
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 4633832CD2AEB019BD6C6A5A6857FFC0
Requests: 4 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 6DD2707AD5ECE72D71E36BEB3CC794D1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 0FA00F93D6031CFD92C9770B24083813
Requests: 7 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: C85988AEDDAD43E12E641E19FCEA915D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: C687CFFF853183BC7A6CFBFD25190B25
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D470ec50ddf821be1%26uid%3D
Frame ID: EA580AEA549CF09BA9533AFBAA30E2CC
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Frame ID: 4831247D88BA9389D33B048640C33C52
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 0B53422346B2E5B13B9A25E7515E050D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: ECB16558E111396CBDC64C440694B84E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361&cmp=0
Frame ID: A3FBC445689541DB07FF6CD4CDFCBEC8
Requests: 4 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: EB99C81C8BF2467069A552680E2A7410
Requests: 11 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 66E9A342E6043EBA866639DBBF393264
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 25DC1B0457DDAA3C0C1EA6CD8C9D15D7
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ACRZk8OK9%2f0kaB0L
Frame ID: 60F23B768E4F66CC5556443021CCBC89
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BC7594CC81DEB65EBF17724B76417D4E
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ACRZk8OK9%2f0kaB0L
Frame ID: 07404B96DDA5E2E62C1B3FAF6CBB5EBC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: CA5D6D84500A035F51CB0058B77D19BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: DB9872E1FB2361C15E8ECD21A92C6C40
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: D8CDA0410FD837D066ADD9FB5517F13D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted UniverseTwitterTwittermascot-7The Mary SueArrow Left #1 IconArrow right #1 IconArrow Left #1 IconArrow right #1 Icon

Page URL History Show full URLs

  1. http://geekosystem.com/ HTTP 301
    http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

395
Requests

79 %
HTTPS

20 %
IPv6

98
Domains

150
Subdomains

105
IPs

12
Countries

6787 kB
Transfer

12116 kB
Size

115
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geekosystem.com/ HTTP 301
    http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.3/dist/web-vitals.iife.js
Request Chain 42
  • https://disqus.com/forums/themarysue/count.js HTTP 302
  • https://themarysue.disqus.com/count.js
Request Chain 70
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=449a8f6b-77a1-11ec-8478-191344880206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
Request Chain 77
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=93&advUuid=221ce9c0-7226-45ea-940a-ad5e355ff825
Request Chain 78
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
Request Chain 79
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D9000822360144460123&advId=121&advUuid=9000822360144460123 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
Request Chain 81
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61e57c423bfbb%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=105&advUuid=5585149758427474447
Request Chain 119
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D98c49a0b-5748-453b-83db-44722e755269%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_6c942d99_7a005d12_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D98c49a0b-5748-453b-83db-44722e755269%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_6c942d99_7a005d12_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=98c49a0b-5748-453b-83db-44722e755269&uid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4
Request Chain 120
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6b48f64a_d7ac58c3_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6b48f64a_d7ac58c3_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-PPj5pcRE2uF9J9DuIH5kW0TLhvFC3gTP~A
Request Chain 131
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic&tc=1
Request Chain 132
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 140
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
Request Chain 146
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=93&advUuid=d0ffc34a-5be9-4a69-adb7-9f373b68537c
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
Request Chain 148
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D9000822360144460123&advId=121&advUuid=9000822360144460123 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
Request Chain 150
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=105&advUuid=5585149758427474447
Request Chain 194
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dbb253e861238ca18 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=bb253e861238ca18
Request Chain 198
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dbb253e861238ca18 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 199
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dbb253e861238ca18%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=bb253e861238ca18&uid=5585149758427474447
Request Chain 200
  • https://ih.adscale.de/uu?cbfn=receive&t=1642429507 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1642429507&nut&uu=f1242d1e926a4ceea224760e3c470708
Request Chain 202
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 224
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic
Request Chain 238
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D470ec50ddf821be1 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=470ec50ddf821be1
Request Chain 242
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D470ec50ddf821be1 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 243
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D470ec50ddf821be1%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=470ec50ddf821be1&uid=5585149758427474447
Request Chain 245
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB&dcc=t
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YeV8Qoog6kSjYDIORdrQ6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFtvCAtukmZcjfKM5XYMPoQ&google_cver=1&gdpr=1
Request Chain 248
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=f7FT0H7jAtZksVSEceMb0S-2DoFk4gTWcbFI3pWq
Request Chain 260
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 268
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5dfecd54-82c4-48c1-9901-065929d583b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 270
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0b51a042-55eb-419b-9d1a-588097b5dbef&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 274
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5bdc6f4e-1fcc-4cf7-b82c-b1a75d4d6f66&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 275
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=62451f14-e505-4f35-4b78-2b62bb367f61&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=62451f14-e505-4f35-4b78-2b62bb367f61&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=41965462099077558390676927975621826688&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 277
  • https://bn01.er.bemail.it/zeotap.php?_bid=62451f14-e505-4f35-4b78-2b62bb367f61&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011715-35191-0.094866001642429501-c758fd18e48c4d45628f001417dd79c3&zdid=533&env=mWeb
Request Chain 278
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7054181018560493717&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 280
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=62451f14-e505-4f35-4b78-2b62bb367f61&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=62451f14-e505-4f35-4b78-2b62bb367f61&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361&bounce=1&random=562422161 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=tZAKUCniJFsw0gPpK6pg/.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 282
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=62451f14-e505-4f35-4b78-2b62bb367f61?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=62451f14-e505-4f35-4b78-2b62bb367f61?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=96ff8ae2ab71f5ed9ced8076b48dd725&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 283
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-1tP..J1E2ooHh6zUSoKKqjsGPjnlm4kVNA--~A&zpartnerid=570&env=mWeb
Request Chain 284
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3hCRgwaNA7CCB4lfvxuSvcOHpHV21lmn%2BS41iYitP1U%3D
Request Chain 289
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=926f61e5-7c43-4e00-9cf8-caee62b89e54&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 290
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 291
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361&dcc=t
Request Chain 293
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Request Chain 303
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7417070056426588851
Request Chain 304
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHDSE7DyvkAAECYZLj0pQ&expiration=1643639107&gdpr=1
Request Chain 308
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 313
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Ddf5e0fb0-23c7-42c3-635e-a663d5e5448a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361
Request Chain 321
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIS4EEX-12-JYNB&sigv=1&esig=2~2126b44ae990f31ff00631f626cc11d4e718204e
Request Chain 322
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjdjOWVmZTk1OWE3OGQzNWM1YzU3ODcxMGQzOWRlYzhmYTc2NjQzMA
Request Chain 323
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ymEaLVTl5QT0BPhU2NK-EMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1854281649878674696
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM5r2NdRJnZbyqxxkD7XuoY&google_cver=1
Request Chain 325
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJUzRFRVgtMTItSllOQg==
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=151761e5-7c43-4500-8123-b027c158ae2f
Request Chain 332
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=f1242d1e926a4ceea224760e3c470708&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=101&tpuid=BBID-01-03171435075825673-16501464
Request Chain 333
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=f1242d1e926a4ceea224760e3c470708&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=101&tpuid=BBID-01-03171435075845009-16501464
Request Chain 342
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=cf42bb72c5e7ef3771476b2d169dc22d771beda227b9762d9dd1649f006096ad&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Request Chain 343
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=cf42bb72c5e7ef3771476b2d169dc22d771beda227b9762d9dd1649f006096ad&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Request Chain 349
  • https://track.adform.net/serving/cookie/match/?party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=42&gdpr=0&tpuid=8396081303094538686
Request Chain 351
  • https://track.adform.net/serving/cookie/match/?party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=42&gdpr=0&tpuid=6905369395768256520
Request Chain 355
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=b1678e99cc27afb23b7acec17fd91ec59223f9f2f871ca7f5e298ac8edf43dda&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa6e427c-edc3-41cd-93a2-a09e2008c82a&gdpr=0
Request Chain 356
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=b1678e99cc27afb23b7acec17fd91ec59223f9f2f871ca7f5e298ac8edf43dda&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4bc6371b-bae8-48cb-931e-3dde37e9b6cb&gdpr=0
Request Chain 357
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=eff9daad27734519a46d529a221366ac2f92fe693f4c0ef0a929e44588712dbf&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
Request Chain 358
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=eff9daad27734519a46d529a221366ac2f92fe693f4c0ef0a929e44588712dbf&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I&google_cver=1
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I&google_cver=1
Request Chain 361
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
Request Chain 362
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
Request Chain 363
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/js?tpid=48&tpuid=05b2a29632285800fcc8c897d1906b08
Request Chain 364
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/js?tpid=48&tpuid=928afeaa0a87b1f41c41dd2bf06a7f59
Request Chain 366
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
Request Chain 367
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5fd629a681f2153ec3f352f6a32089&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ebb50_7054181018551120054 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWZkNjI5YTY4MWYyMTUzZWMzZjM1MmY2YTMyMDg5&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDnqx5mvrOWrHGH88QY2QAU&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b51a042-55eb-419b-9d1a-588097b5dbef HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5fd629a681f2153ec3f352f6a32089?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bfEcbrBE2oONLrpMebFGytGr6D0jD3iTeT5uaWbV~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5585149758427474447 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=8gceW7du1N9sWw5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Request Chain 369
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0NThhM2NiNy03N2ExLTExZWMtYTFjNC0wNjQ1ZTMyNDg2OTI%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%3D087b4890-7cfb-46ed-ba0c-3d7cfa20efe4%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=9417762d98454368b17cc6e210a83611&ssp=admatic&bsw_param=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=24468a3e-ec88-5311-ad08-65eecced19aa&ssp=admatic&expires=30&user_group=1 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Request Chain 375
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b51a042-55eb-419b-9d1a-588097b5dbef HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5585149758427474447 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5fd629a681f2153ec3f352f6a32089?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bfEcbrBE2oONLrpMebFGytGr6D0jD3iTeT5uaWbV~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=7521w7ET1N9sWw5&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAHDSE7DyvkAAECYZLj0pQ&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Request Chain 376
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0NThhM2NiNy03N2ExLTExZWMtYTFjNC0wNjQ1ZTMyNDg2OTI%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
Request Chain 377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
Request Chain 379
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=0b51a042-55eb-419b-9d1a-588097b5dbef&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Request Chain 380
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%3D087b4890-7cfb-46ed-ba0c-3d7cfa20efe4%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ec40b023d4cd4acf8a80f62d3c115378&ssp=admatic&bsw_param=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Request Chain 383
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6905369395768256520 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=&google_gid=CAESEBQelSKYypuGWSP-_mVTepg&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 386
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=926f61e5-7c43-4e00-9cf8-caee62b89e54
Request Chain 388
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=96ff8ae2ab71f5ed9ced8076b48dd725&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41965462099077558390676927975621826688
Request Chain 390
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=96ff8ae2ab71f5ed9ced8076b48dd725&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5dfecd54-82c4-48c1-9901-065929d583b9

395 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themarysue.com/
Redirect Chain
  • http://geekosystem.com/
  • http://www.themarysue.com/
  • https://www.themarysue.com/
107 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26acf4d15a2e6fdc8f786af6528452ffb23e6050badc70464290d0ed56514e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html; charset=UTF-8
cf-ray
6cf04031b8403745-MXP
link
<https://www.themarysue.com/wp-json/>; rel="https://api.w.org/", </wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/style-index.css?ver=1641882089>; rel=preload; as=style, </wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3>; rel=preload; as=style, </wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22>; rel=preload; as=script, </wp-includes/js/wp-embed.min.js?ver=5.8.3>; rel=preload; as=script
vary
Accept-Encoding, Accept-Encoding
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
br
cf-h2-pushed
</wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/style-index.css?ver=1641882089>,</wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3>,</wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22>,</wp-includes/js/wp-embed.min.js?ver=5.8.3>

Redirect headers

Date
Mon, 17 Jan 2022 14:25:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 17 Jan 2022 15:25:04 GMT
Location
https://www.themarysue.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6cf040312f673743-MXP
style-index.css
www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/style-index.css?ver=1641882089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 06:21:29 GMT
server
cloudflare
age
6683
etag
W/"61dd21e9-1665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=5733
cf-ray
6cf0403cfcce3745-MXP
cf-bgj
minify
pmpromc.css
www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/ 		182 B
274 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 11:12:11 GMT
server
cloudflare
age
5190
etag
W/"603f6f0b-dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=220
cf-ray
6cf0403cfcd03745-MXP
cf-bgj
minify
comment_count.js
www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2019 08:40:52 GMT
server
cloudflare
age
5190
etag
W/"5c91fc94-379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=889
cf-ray
6cf0403cfcd13745-MXP
cf-bgj
minify
wp-embed.min.js
www.themarysue.com/wp-includes/js/ 		1 KB
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 11:13:32 GMT
server
cloudflare
age
5190
etag
W/"603f6f5c-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6cf0403cfcd23745-MXP
am-asap-500.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500.woff2?2107011725
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 21:25:53 GMT
server
cloudflare
age
5190
etag
"60de32e1-2e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cf0403d3d7b3745-MXP
content-length
11880
am-asap-500i.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500i.woff2?2107011725
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 21:25:53 GMT
server
cloudflare
age
5190
etag
"60de32e1-31dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cf0403d3d7f3745-MXP
content-length
12764
crit-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		44 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/crit-main.min.css?2112171821
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e2f32b584ba1e0811bdd21889949c60d5b994f32fee8e4379f441e039eaa20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Dec 2021 23:21:33 GMT
server
cloudflare
age
5190
etag
W/"61bd1b7d-b1a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6cf0403d3d803745-MXP
def-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		290 B
289 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2110151600
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 20:00:12 GMT
server
cloudflare
age
5190
etag
W/"6169ddcc-122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6cf0403d4d863745-MXP
min.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2111190411
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 09:11:50 GMT
server
cloudflare
age
5190
etag
W/"61976a56-32db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=13019
cf-ray
6cf0403d4d873745-MXP
cf-bgj
minify
flying-focus.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/flying-focus.js?2108231028
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Aug 2021 14:28:13 GMT
server
cloudflare
age
5190
etag
W/"6123b07d-ecb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=3787
cf-ray
6cf0403d7dfd3745-MXP
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4323b9a7468fe9f7e1afab48fc491d97bb8d2060bf8a1d252987ef4087ed53d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51981
x-xss-protection
0
server
cafe
etag
13292749888028230900
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 14:25:06 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b36ae0331fcc9926fd84459a30b434e1ee944fd26d73719067b23b48de03c816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36522
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jan 2022 14:25:06 GMT
ads-prebid-banner-proper-outbrain.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		25 B
137 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2111190533
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 10:33:12 GMT
server
cloudflare
age
5190
etag
W/"61977d68-1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=27
cf-ray
6cf0403d4d883745-MXP
cf-bgj
minify
idontfeelathome-768x432.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/idontfeelathome-768x432.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f330b5540c14decacd98185a7bc6eb031b1f5667a64e872fc58f723f57a6f3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Jan 2022 21:02:07 GMT
server
cloudflare
age
1513
etag
"61e487cf-12f59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=77657, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403d7dfe3745-MXP
content-length
61311
cf-bgj
imgq:100,h2pri
pjimage-2022-01-15T111909.005-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/pjimage-2022-01-15T111909.005-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f343b1ba486cdc0df67a71ba82df707cf0447479e1b0ad403255227105da9f9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Jan 2022 19:20:32 GMT
server
cloudflare
age
1513
etag
"61e31e80-7272"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=29298, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403d7dff3745-MXP
content-length
28298
cf-bgj
imgq:100,h2pri
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4c6ca6e89f19a3a2e028f79bbed3c64248a500b6b6fbaa9cdf8872cf9c86c4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
promo-gossip.jpg
www.themarysue.com/wp-content/themes/m2019-tms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
age
1136
cf-polished
origFmt=jpeg, origSize=3659
content-disposition
inline; filename="promo-gossip.webp"
content-length
3474
last-modified
Mon, 14 Oct 2019 15:08:43 GMT
server
cloudflare
etag
"5da48f7b-e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cf0403d7e023745-MXP
cf-bgj
imgq:100,h2pri
email-decode.min.js
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Jan 2022 19:09:30 GMT
server
cloudflare
etag
W/"61df276a-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6cf0403d7def3745-MXP
vary
Accept-Encoding
expires
Wed, 19 Jan 2022 14:25:06 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1642
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cf0403dcbee5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 20 Jan 2022 14:25:06 GMT
v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
superficialeyes.com/ 		516 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
701d37a5305015e62c0655b67f04bd1699e539c0d6b7e430e5342cb0560b11c6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"2735a03e3ff36a0d84f6e6583037f934a21db88bee64d98e38dc63108561c015"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-fwlm
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 17 Jan 2022 14:25:06 GMT
timing-allow-origin
*
themarysue.min.js
global.proper.io/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/themarysue.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab6b3470cfb52c420289aa1631788af5fdf56d04147e1dda0d584a5cabf54c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 20:53:50 GMT
server
cloudflare
age
105576
etag
W/"61e1e2de-6a2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6cf0403ddf0e3745-MXP
expires
Mon, 17 Jan 2022 14:30:06 GMT
plow.lite.js
themarysue.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.com/plow.lite.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 02:24:24 GMT
server
cloudflare
age
6682
etag
W/"61df8d58-97a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=38821
cf-ray
6cf0403d9e623745-MXP
cf-bgj
minify
web-vitals.iife.js
unpkg.com/web-vitals@2.1.3/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.3/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.3/dist/web-vitals.iife.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ccf2942489bb44fa7923b2cb00f6c5e41faad154c568903446f825507ad4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
914028
fly-request-id
01FRRZ4V57MJXZM3GZ0Z052XNR
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"112d-5fb1Z84a6BgN6nyOVQbUEi27EBM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6cf0403e29db59b9-MXP

Redirect headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FSM6ET07N576V3S6BAATR3HP
server
cloudflare
age
392
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.3/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6cf0403dc89659b9-MXP
access-control-allow-origin
*
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37059b1f1f0860ce272bc675cf1e5094f75a200dd3ea32f6a329e3f97c1e420a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
lss/Gd3DrqGyIbgUYG9Sgw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 17 Jan 2022 14:31:21 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
aeOac2+f/H7QaBqKB4LEWdhCGmwVxXvah2d7CWrvW4zkteZSMLP9bNnzWHvqlIZwLWPpmaLkgBe0KTfuHVKv7w==
x-fb-trip-id
917726464
x-fb-content-md5
8e6d99286c5196448fbe3dbc767f49ab
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 17 Jan 2022 14:25:06 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"325770a1df71fac6019360686800dce1"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
all.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=f9227bc99abfe0a83d4db0948610486d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ab30339cab471615463e28a9d6ab1890611c1583ba79eec6fe45324c55bd3d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9b6rW+KoplgFkDXee438Mw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 17 Jan 2023 13:24:52 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82087
x-fb-rlafr
0
x-fb-debug
m7IX0EEEnpauu0BFmFDkKj2F1+NBRQmd+ij/b9RM7K8ANivtvCrdVwp6PPYNNPfSyxjUQO/tN71rk26/YskGDw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ab1b880c28ef9012fa34c8b5078f3499
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 14:25:06 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6cd036032e37ff6c4dbba7bbca34b96b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
e3a079ee9083c736c7e2793063e9274f
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
7742a1c48cc11087d2f978cd6e5d3c09
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
liveView.php
live.primis.tech/live/ Frame 5AFC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
98b854ea906ce79e583110e4025dd920cb43fff807033cc4e1bc9bc0bf39558c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5040
date
Mon, 17 Jan 2022 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 17 Jan 2022 15:01:06 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31064106
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94264e80d02aee478cab597737b2e4defdb90659167ceb87e82543494b98d9f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104505
x-xss-protection
0
server
cafe
etag
8896997718913292229
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 14:25:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame BC80 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Mon, 17 Jan 2022 02:05:13 GMT
expires
Mon, 31 Jan 2022 02:05:13 GMT
cache-control
public, max-age=1209600
age
44393
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
d2a363422fda12758b1d6787775431eeee412de949b2156b3d1376e0ab69b4e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
latest.js
global.proper.io/payloads/ 		413 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df46046effa30ba22f79dbdd78ef028b6f4aa16b1544a74cd09d9780d8f2e8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 20:25:34 GMT
server
cloudflare
age
414958
etag
W/"618441be-675d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6cf0403e583b3745-MXP
expires
Mon, 17 Jan 2022 14:30:06 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 5AFC 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 5AFC 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 5AFC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 5AFC 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
prebidVid.5.18.0_6.min.js
live.primis.tech/content/prebid/ Frame 5AFC 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:28:42 GMT
server
nginx
etag
W/"619b8cfa-7892b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:06 GMT
liveVideo.php
live.primis.tech/live/ Frame 5AFC 		550 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6699149d8536655fd190a86d5771602bfc6d109ac9dbeca72aa1619b06b26801

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=32471509&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=720706136&gjid=368863102&cid=1820599683.1642429506&tid=UA-21433528-1&_gid=130079663.1642429506&_r=1&gtm=2ou1c0&z=366743999
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=32471509&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1820599683.1642429506&tid=UA-21433528-1&_gid=130079663.1642429506&gtm=2ou1c0&z=707263934
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 01:16:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47346
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ Frame 0CED 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
aefd359d216ba523b56434f4a022d63acc17a39b1e151a58d8822866fa711ed7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
count.js
themarysue.disqus.com/
Redirect Chain
  • https://disqus.com/forums/themarysue/count.js
  • https://themarysue.disqus.com/count.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
212
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 14 Jan 2022 19:31:02 GMT
Server
nginx
ETag
"61e1cf76-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
U30O9nKYKDrmRPUyvDfI_St6wBOICgNk419b7ES2FK-7VFnVpaNjQg==

Redirect headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Location
https://themarysue.disqus.com/count.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
count.js
themarysue.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
212
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 14 Jan 2022 19:31:02 GMT
Server
nginx
ETag
"61e1cf76-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
U30O9nKYKDrmRPUyvDfI_St6wBOICgNk419b7ES2FK-7VFnVpaNjQg==
load.js
s.ntv.io/serve/ 		389 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2111190411
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-59.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e43093c06c8f9c7b919924e29e95936ea776f462adf4c1a7bb8b8714f3907d21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Encoding
gzip
x-amz-request-id
SPS86R0DKK5SEWAT
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
KeQWE2R7Z9NJnXD5lpe47r85SXXpuRtIFT4U2jBlqj5OVC5jVELweNPozAfM/Jxl6MF5YF2Jpsg=
Last-Modified
Thu, 13 Jan 2022 19:51:28 GMT
Server
AmazonS3
ETag
"62f0fc828fa7fc16f48e5d93db315540"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1667
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cf0403edfe83746-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 20 Jan 2022 14:25:06 GMT
BELLE-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/BELLE-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc4253621b3a2065fee057616fcd27d31578b2fc80a09d7878af38d971e4055

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 17:56:16 GMT
server
cloudflare
age
3899
etag
"61e1b940-7c6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=31852, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9513745-MXP
content-length
28748
cf-bgj
imgq:100,h2pri
Zendaya-Euphoria-HBO-432x243.jpg
www.themarysue.com/wp-content/uploads/2019/06/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2019/06/Zendaya-Euphoria-HBO-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2849108f9ac551e4d168d83274730110ea921be04ba5b85c86755025ce63af39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2019 21:10:13 GMT
server
cloudflare
age
1067
etag
"5d016a35-3b74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=15220, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9553745-MXP
content-length
14772
cf-bgj
imgq:100,h2pri
xiran-zaho-iron-widow-charity-1-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/xiran-zaho-iron-widow-charity-1-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5547777620b84bfa99ee611d0e3a042c9f29292ce515e8857de5dee56bd7a875

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 19:06:42 GMT
server
cloudflare
age
1508
etag
"61e1c9c2-8008"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=32776, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9563745-MXP
content-length
27989
cf-bgj
imgq:100,h2pri
babysitters-club-review-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/07/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/07/babysitters-club-review-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97708f9a1e72744f32e6486df05083f3b326c01b952168fa25039f9940b04ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Jul 2020 17:50:24 GMT
server
cloudflare
age
1508
etag
"5eff6fe0-9278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=37496, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9583745-MXP
content-length
31880
cf-bgj
imgq:100,h2pri
pjimage-2021-12-05T113119.133-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/12/pjimage-2021-12-05T113119.133-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939c798ab0e5e8bbfdd392a59c326debf2be4c17fe5fb7a393f2515b0d782f47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Dec 2021 19:31:36 GMT
server
cloudflare
age
1505
etag
"61ad1398-6403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=25603, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec95a3745-MXP
content-length
24841
cf-bgj
imgq:100,h2pri
Yellowjackets_102_0596_R2c-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/11/Yellowjackets_102_0596_R2c-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda28b525740ae4ff6041f1b17c3ae1574cd5853c48e8f603a9dca329487096d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Nov 2021 19:25:34 GMT
server
cloudflare
age
1505
etag
"61a3d7ae-468b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=18059, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec95b3745-MXP
content-length
17716
cf-bgj
imgq:100,h2pri
pjimage-2022-01-16T110213.021-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/pjimage-2022-01-16T110213.021-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbf4ae84305f1c5695bc9185133563c3fde7bbf603a378a559ad884dd821bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Jan 2022 19:06:44 GMT
server
cloudflare
age
1505
etag
"61e46cc4-5c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=23696, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9683745-MXP
content-length
22969
cf-bgj
imgq:100,h2pri
pjimage-2022-01-15T141723.554-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/pjimage-2022-01-15T141723.554-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b683fb7c3d684752db8b60b359afce8be42fec5d3e634e2e6de1ad5edd1c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Jan 2022 22:17:31 GMT
server
cloudflare
age
1505
etag
"61e347fb-2c8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=11405, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9693745-MXP
content-length
11382
cf-bgj
imgq:100,h2pri
peacemaker-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/peacemaker-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb52004e62aafaa828e52cd085ca014f79f6dbbd1e0814c55a7006b1f3fe59b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Jan 2022 20:54:41 GMT
server
cloudflare
age
1505
etag
"61e33491-836e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=33646, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec96b3745-MXP
content-length
32126
cf-bgj
imgq:100,h2pri
tms-youtube-background-nomascot-432x243.jpg
www.themarysue.com/wp-content/uploads/2018/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2018/05/tms-youtube-background-nomascot-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c8f9f8ac07ad5688411afc87c4dfbf14c0d82ece30f3fa776d7c000231b152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Thu, 10 May 2018 19:42:53 GMT
server
cloudflare
age
1505
etag
"5af4a0bd-2f5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=12125, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9773745-MXP
content-length
10343
cf-bgj
imgq:100,h2pri
meg-murry-a-wrinkle-in-time-432x243.jpg
www.themarysue.com/wp-content/uploads/2018/03/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2018/03/meg-murry-a-wrinkle-in-time-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd2e6733c3616ff78c73ba9d4bfefadf589d5d85fb84e1eff5240a2203ef0c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Mar 2018 15:13:58 GMT
server
cloudflare
age
1505
etag
"5aafd3b6-6232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=25138, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec9793745-MXP
content-length
23753
cf-bgj
imgq:100,h2pri
eleven-screams-stranger-things-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/eleven-screams-stranger-things-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bffecd8ba370b28d70011a881045c61c66394f700ef47c43588f54797a9ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 22:03:47 GMT
server
cloudflare
age
1505
etag
"61e1f343-53b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=21431, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ec97a3745-MXP
content-length
18345
cf-bgj
imgq:100,h2pri
babyyoda-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/01/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/01/babyyoda-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea66a2b8b388a536536faa19481eb2526654b2968e2aed985b4b9684e279e262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jan 2020 17:08:26 GMT
server
cloudflare
age
1505
etag
"5e21ea0a-434c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
origSize=17228, status=webp_bigger
accept-ranges
bytes
cf-ray
6cf0403ed9943745-MXP
content-length
16803
cf-bgj
imgq:100,h2pri
TMS-Newsletter-promo-1.27.20.png
am22.mediaite.com/tms/cnt/uploads/2021/10/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am22.mediaite.com/tms/cnt/uploads/2021/10/TMS-Newsletter-promo-1.27.20.png
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d861557eb9ebf623f534bda4f9524c02b1533bb40b086f9c4873cc7e6265b7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
cf-cache-status
HIT
age
531376
content-length
140591
pragma
public
last-modified
Tue, 26 Oct 2021 22:54:11 GMT
server
cloudflare
etag
"61788713-2252f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6cf0403f3a9a0f7e-MXP
expires
Tue, 18 Jan 2022 10:48:49 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.themarysue.com&callback=_gfp_s_&client=ca-pub-9356934496955375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31064106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
464417bab5ec6e9fe79f2afdeb5386666526c446758902e65036ea3e4cc4391b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31064106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31064106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.themarysue.com%2F&tn=DIV&id=skin&cls=proper-ad-unit&ign=false&pw=1600&ph=1200&x=0&y=139.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EE4E 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9356934496955375&output=html&adk=522671305&adf=1178619241&lmt=1642429506&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642429506264&bpp=3&bdt=174&idt=101&shv=r20220112&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3519745203574&frm=20&pv=2&ga_vid=1820599683.1642429506&ga_sid=1642429506&ga_hid=32471509&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064106&oid=2&pvsid=1313864825868176&pem=701&tmod=332&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31064106
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 17 Jan 2022 14:25:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Jan 2022 14:25:06 GMT
cache-control
private
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5AFC 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
774
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0BR13VRP87GANAB4KEPT
date
Mon, 17 Jan 2022 14:12:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zbsVBpGzoZftbzMI0ez2YNFug0CX65dC5KJ58MVPe53Jw2ogQgfrcg==
css
fonts.googleapis.com/ Frame 77E9 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 12:52:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 14:25:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 14:25:06 GMT
css
fonts.googleapis.com/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 12:46:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 14:25:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 14:25:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F4A9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81302
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:06 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 94BA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 14:25:05 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
X-fe
21
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 58E2 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 8CE6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
91b6f080e43a72c936561690e976bf196087f333a4a55bca0b956b843fbf8efb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
874
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 5AFC 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2YkODqyZWUlNTx5ODtkMmY2Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTtkJaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeQU5HRUkBK1JPQxyOU09OK0RcpzVwqG9lK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X3RcqGkyPVRNUlgJoaRypaZcZXqmK0FOR0VMQSgST0JJTyNPTvgEnXJyY3RipvgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0lMTpzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK3N0YXJ0ZGVfYXyUZXN0KlUlRvfkKlUlRvgiozk5MCZ4PTMjMCZ5PTI1MCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmEmNmVGMmEmNwqEN0I3MmMkMmYmODM4MmxmMDM3MmY3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZFNTI2RwVBNTpmMTY4NwM2RTZDN0E2NDU3NTU3NTU5MmImOTp0N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmEmNwqEN0I1OTMlMmMmNDqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmYmMmM1MwY4NwM2RTUlNxI1QTU3Nmt2ODY1NTY1MwZDNwMmMmUkNwp0Qmp5NDE3ODQ5NDMmODY3NwImMwM1NmM2NTU0NDEmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl42NC4kNTEhMwtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWU1N2M0MwNvZzJvJzNvqXN0ZXI9MTY0MwQlOTUjNwUkNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a30491a0d025df71558a85ab6b621b204e6e98178aa31c3c2a067248dd2f493

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6284
chunklist_480.m3u8
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
d973c6e94d697867cee725159b5bd497687c9c06f57ffa4787f25014fb9c6b5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P3
content-length
1334
last-modified
Tue, 16 Nov 2021 10:01:06 GMT
server
Tengine
etag
"d320b17dbc6273b047ebc353536646c0"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
85xxZjftdEpU-4ELsPltZms8xZXD_FTkYTedELcHcdNyCoMisJlslw==
expires
Mon, 31 Jan 2022 14:25:06 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MwQlOTUjNvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwBmqGFlqGRyoGF5VGVmqCUlMCUlRvUlMDEyMwAyMxYyMwBiozk5MCZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmElRDMkMmp1RwMkMmY3RDqCNmMmMTM2MmtmODM5MmAmNmM2N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMkMmY3RDqCNTxmMwMmMmQ3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MmMmNTI2ODYmNxU1MwZCNUE1Nmp4Nwt2NTU2NTI2QmYmMmM1MTY3NEM3OTQkNmt0OTQmMmt2NmYlMmImNTpmNwU1NDQkM0Q3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIkNl42NC4kNTEhMwtzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTphMC40NwxlLwpkJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MWU1N2M0MwNvZzJvJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDI0Mwx1MDY1MDtzqWyxPVNyn2yhZG9TUGkurWVlNwFyNTqwNDI0Y2VyYSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 5AFC 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 5AFC
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=93&advUuid=221ce9c0-7226-45ea-940a-ad5e355ff825
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=93&advUuid=221ce9c0-7226-45ea-940a-ad5e355ff825
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=93&advUuid=221ce9c0-7226-45ea-940a-ad5e355ff825
date
Mon, 17 Jan 2022 14:25:06 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 5AFC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 17 Jan 2022 14:25:06 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 5AFC
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D9000822360144...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 5AFC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 5AFC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61e57c423bfbb%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=105&advUuid=5585149758427474447
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=105&advUuid=5585149758427474447
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:06 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
76007ea9-78b2-4511-b545-0103712fa402
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c423bfbb&pixel=&advId=105&advUuid=5585149758427474447
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61937f187eee2599881366.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
788f565a8b4e3e2a40083a23e7a46fc83d189c8893b70dd6ac07988923b271f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:59:57 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"865bfebc780eb969fd39fdb3a07262c7"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
17442
x-amz-cf-id
S0NKsGiWDEsNzc9iudr1XU34vxA_ZcJUNsyR2b85gCivp_2m11vudA==
x-proxy-cache
HIT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 24 Jan 2022 14:25:06 GMT
liveView.php
live.primis.tech/live/ Frame 5AFC 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2YkODqyZWUlNTx5ODtkMmY2Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTtkJaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeQU5HRUkBK1JPQxyOU09OK0RcpzVwqG9lK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X3RcqGkyPVRNUlgJoaRypaZcZXqmK0FOR0VMQSgST0JJTyNPTvgEnXJyY3RipvgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0lMTpzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK3N0YXJ0ZGVfYXyUZXN0KlUlRvfkKlUlRvgiozk5MCZ4PTplMCZ5PTQjNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmEmNmVGMmEmNwqEN0I3MmMkMmYmODM4MmxmMDM3MmY3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZFNTI2RwVBNTpmMTY4NwM2RTZDN0E2NDU3NTU3NTU5MmImOTp0N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmEmNwqEN0I1OTMlMmMmNDqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmYmMmM1MwY4NwM2RTUlNxI1QTU3Nmt2ODY1NTY1MwZDNwMmMmUkNwp0Qmp5NDE3ODQ5NDMmODY3NwImMwM1NmM2NTU0NDEmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl42NC4kNTEhMwtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWU1N2M0MwNvZzJvJzNvqXN0ZXI9MTY0MwQlOTUjNwU3NlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
66d3f34cd7b69f2973307525f4ed0813a588d6b8cfd85d1515ed890041d23428

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6088
liveView.php
live.primis.tech/live/ Frame 5AFC 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2YkODqyZWUlNTx5ODtkMmY2Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTtkJaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeQU5HRUkBK1JPQxyOU09OK0RcpzVwqG9lK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X3RcqGkyPVRNUlgJoaRypaZcZXqmK0FOR0VMQSgST0JJTyNPTvgEnXJyY3RipvgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0lMTpzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK3N0YXJ0ZGVfYXyUZXN0KlUlRvfkKlUlRvgiozk5MCZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmEmNmVGMmEmNwqEN0I3MmMkMmYmODM4MmxmMDM3MmY3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZFNTI2RwVBNTpmMTY4NwM2RTZDN0E2NDU3NTU3NTU5MmImOTp0N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmEmNwqEN0I1OTMlMmMmNDqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmYmMmM1MwY4NwM2RTUlNxI1QTU3Nmt2ODY1NTY1MwZDNwMmMmUkNwp0Qmp5NDE3ODQ5NDMmODY3NwImMwM1NmM2NTU0NDEmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl42NC4kNTEhMwtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWU1N2M0MwNvZzJvJzNvqXN0ZXI9MTY0MwQlOTUjNwU3OCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
388bf3021074bb90303ce1c99498cb6d9fed075592a2cb12378a25b21c1df099

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6094
liveView.php
live.primis.tech/live/ Frame 5AFC 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2YkODqyZWUlNTx5ODtkMmY2Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTtkJaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeQU5HRUkBK1JPQxyOU09OK0RcpzVwqG9lK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X3RcqGkyPVRNUlgJoaRypaZcZXqmK0FOR0VMQSgST0JJTyNPTvgEnXJyY3RipvgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF9xqXJuqGyiow0lMTpzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK3N0YXJ0ZGVfYXyUZXN0KlUlRvfkKlUlRvgiozk5MCZ4PTplMCZ5PTQjNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmEmNmVGMmEmNwqEN0I3MmMkMmYmODM4MmxmMDM3MmY3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZFNTI2RwVBNTpmMTY4NwM2RTZDN0E2NDU3NTU3NTU5MmImOTp0N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmEmNwqEN0I1OTMlMmMmNDqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmYmMmM1MwY4NwM2RTUlNxI1QTU3Nmt2ODY1NTY1MwZDNwMmMmUkNwp0Qmp5NDE3ODQ5NDMmODY3NwImMwM1NmM2NTU0NDEmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl42NC4kNTEhMwtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MWU1N2M0MwNvZzJvJzNvqXN0ZXI9MTY0MwQlOTUjNwU3OSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554413D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only0&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c423bfbb&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only0&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
679557074d44e5a142207f8e856e62148579ac771f2c9526aa1fce1787abdea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6318
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 0CED 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 0CED 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:06 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 0CED 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 0CED 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:05 GMT
prebidVid.5.18.0_6.min.js
live.primis.tech/content/prebid/ Frame 0CED 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:28:42 GMT
server
nginx
etag
W/"619b8cfa-7892b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 17 Jan 2023 14:25:06 GMT
liveVideo.php
live.primis.tech/live/ Frame 0CED 		549 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1642429506&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
8b8eaa86e1c49b20cabbe9d46b65af645458e86bf6bccba829435289c6856f81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
e294f92512eb0c17472427f80f851e31
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
6a5478f06bafe0cf937bbaaa46fb9faf
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
261918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 77E9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
261918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
count-data.js
themarysue.disqus.com/ 		904 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=566688%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566688&1=566716%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566716&1=566982%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D566982&1=567048%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567048&1=567071%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567071&1=567075%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567075&1=567076%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567076&1=567086%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567086&1=567144%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567144&1=567150%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567150
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3ed3d7f1c67a9a645d228efed07043a15b62c587ea5318d6ed70eac56792b5
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
83
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
904
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		904 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=567153%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567153&1=567155%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567155&1=567156%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567156&1=567160%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567160&1=567163%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567163&1=567170%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567170&1=567210%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567210&1=567229%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567229&1=567240%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567240&1=567277%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567277
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f3d0b282e582118d62ea81297aef449d49b2a6d15a51a272bffdcee0bdd66ac
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
83
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
904
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		627 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=567280%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567280&1=567283%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567283&1=567286%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567286&1=567291%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567291&1=567293%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567293&1=567296%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D567296
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3887d316cbea6e18e98e26aa08c2025e3a0a58e862f73a0c954eef53360c318a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
83
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
627
X-XSS-Protection
1; mode=block
web
onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a5a01b70722f3026b8d4b07c3339f14a6fee09ff43ccc3fb1485e4ed6d3d540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1088
cf-polished
origSize=3421
status
200 OK
x-envoy-upstream-service-time
124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
60dfd4bb-dc2d-4667-9795-27d275e203d2
x-runtime
0.123122
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e6ce6e835e676d22ad60fc7057fed253"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6cf04040acaf5a0d-MXP
access-control-allow-headers
SDK-Version
expires
Mon, 17 Jan 2022 15:25:06 GMT
t
jadserve.postrelease.com/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.themarysue.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
797edf1e15087bd09fd57e19cfeaebd77f1ea99b9647744f7619076997be3b35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3152
expires
Mon, 1 Jan 1990 12:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5AFC 		67 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1642429506712&pKey=871857262&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.themarysue.com%2F&playerSize=720x405&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1642429506756023-368
Expires
Mon, 17 Jan 2022 14:25:06 GMT
v1
prg.smartadserver.com/prebid/ Frame 5AFC 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame 5AFC 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ads.adaptv.advertising.com/rtb/ Frame 5AFC 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
vid61937f187eee2599881366_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
32e193d4ca123202b96bf63ee239e7eb9e4797ec289566a16ab9aa8f1caf962c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 2408979685aa1bdb752824d292e63bf6.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:59:58 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"3de74cd02a8412674d3184dc1f5e051a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2627
x-amz-cf-id
tSQjubmKU3OKKPcum9k6ozeNfh9u2FrGUfI-_PdlF2M1xeN-AIbHaQ==
x-proxy-cache
HIT
vid619641618e3df811072436_thumb.jpg
video.primis.tech/uploads/cn5/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn5/video/users/converted/29569/video_6192662ccd5fb839743211/vid619641618e3df811072436_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
a4397059274dd4337a809167ccce9b11550280b9dc51a0409957cfc937828e87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Nov 2021 12:06:55 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"8b85fdbebe16676a17902756caa402a8"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3038
x-amz-cf-id
2LPyuQPOcIR3TdrVKcORg2CxDPRT8YFCRZFtbYuJuvkwt4Fr-zBspg==
x-proxy-cache
HIT
vid6192d4105b33e076950737_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192d4105b33e076950737_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
635e0cc36774866d8c63bdfe28234c030577929403e90528e5ddd108af489992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:05:04 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"5c3078be05c261d5ad6842c7338f7f5c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1917
x-amz-cf-id
h_chINOT7yowS77xRsIuiC_eG94EjH540FaizMz2LhWFSdcJHVqmsw==
x-proxy-cache
HIT
vid6192e30186e31144925064_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e30186e31144925064_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
30b582e9bfdbf0af2563f1220ace33de65ad5f1b73d0a0542ffd9c02788cf2be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:56:58 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4b1ee2f4006359616ae4eb451186ee4a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2800
x-amz-cf-id
F_m_3jC21eaD4ouvmlWcGVQar9qhytU9PzjJJ3Z_G5oHEdD2Agu-lw==
x-proxy-cache
HIT
vid6193821c72d3b115576273_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6193821c72d3b115576273_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
9c2603e1c4e75d210896f2e40f940e1cd05958e7f831d87624a7d592c614d01f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:08:05 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"06e50a8827f2a3e3ae4ba9149e56ce9d"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2441
x-amz-cf-id
oClFOIpPTBxWX_Mavk3w1VSFLCsSJ4qgEyL8ZnGL1u5ISqI5-W_BEQ==
x-proxy-cache
HIT
vid61df42bc035e9082382955_thumb.jpg
video.primis.tech/uploads/cn9/video/users/converted/29569/video_6192662ccd5fb839743211/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn9/video/users/converted/29569/video_6192662ccd5fb839743211/vid61df42bc035e9082382955_thumb.jpg?cbuster=1642024421
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
f10694f87d14598945aa46ef8044b570dc5bac82b8e641a50e37b118cd7f2bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 91f3147e9f66b9e5e2ff9fa00ee626c0.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jan 2022 22:03:53 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"d6eed91f7687c8b51c7f97afe2b80358"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4234
x-amz-cf-id
7K7aIjP6f5eWPIBgYh0uSbN2k9wYmCORHIvUiF9mzgTRqxcqATxGzw==
x-proxy-cache
HIT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5AFC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37380
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Mon, 17 Jan 2022 04:02:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
UCExeQFNVyjWYHJEFNJNZ4poNdEqkeDTsfnC4gsEAmPV2iyEo24u5Q==
w_480_00000.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		347 KB
348 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
245e2163a828fd738129b3fd0be694d90372e3a102b9e604d09ca7d10df3bded

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 63c9a084de27504ef34be3673921d01e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
355508
last-modified
Tue, 16 Nov 2021 10:01:07 GMT
server
Tengine
etag
"79ef0698505c1f16c654f612faa1fa99"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
LBdWpCoP_BezAz3B8BpAHpH64NyBfPWKphGsCBAl7HLHClVuQ6OQXA==
expires
Mon, 31 Jan 2022 14:25:06 GMT
acv.json
superficialeyes.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Fri, 14 Jan 2022 15:39:56 GMT
x-datacenter
gce-europe-west1
date
Mon, 17 Jan 2022 14:25:06 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-fwlm
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
age
14163032
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
f60RntCaiky-Tz7iKYngo6GUCRubEQcTVrGHQsXjgehlFS18FC6lpw==
c27cc7a8-863c-487b-8186-a37b2475986d
https://www.themarysue.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/c27cc7a8-863c-487b-8186-a37b2475986d
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
PugMaster
image6.pubmatic.com/AdServer/ Frame F4A9 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95987463&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c423bfbb%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26979
x-xss-protection
0
server
sffe
etag
"1104 / 620 of 1000 / last-modified: 1642206167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Jan 2022 14:25:06 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D98c49a0b-5748-453b-83db-44722e755269%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D98c49a0b-5748-453b-83db-44722e755269%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=98c49a0b-5748-453b-83db-44722e755269&uid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4
183 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=98c49a0b-5748-453b-83db-44722e755269&uid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
54.191.222.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-222-20.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a915c87bce3b7eea9dfc9ba7fd5365f110678134cf109878952adf1e8ccd4f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=98c49a0b-5748-453b-83db-44722e755269&uid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4
Date
Mon, 17 Jan 2022 14:25:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6b48f64a_d7ac58c3_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6b48f64a_d7ac58c3_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-PPj5pcRE2uF9J9DuIH5kW0TLhvFC3gTP~A
151 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-PPj5pcRE2uF9J9DuIH5kW0TLhvFC3gTP~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
54.191.222.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-222-20.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
51640e5f1515c17578d1af91c278b4bfad05d7b425f96e4abfdbe71d3a6479c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-PPj5pcRE2uF9J9DuIH5kW0TLhvFC3gTP~A
date
Mon, 17 Jan 2022 14:25:06 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		213 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.199 , France, ASN16276 (OVH, FR),
Reverse DNS
p12.id5-sync.com
Software
/
Resource Hash
c7c10796abde311eb6dfd733445be5d95188bf3d8ccb23eade09a3fa70ed1352
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Mon, 17 Jan 2022 14:25:06 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.sharedid.org/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.210.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-210-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Jan 2022 14:25:07 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 13:32:07 GMT
content-encoding
gzip
age
3180
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
uFydRJrVckf7TayIxc9Np9RVmDvu5ORNSNRyrekQaU4N0ZQnLrprow==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0247 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81302
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:06 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 56BF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
x-amz-version-id
6Aq591PsFKZg.nhWoLRNYsxuGl0lv087
server
AmazonS3
content-encoding
gzip
date
Mon, 17 Jan 2022 13:20:39 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
aO1YUdgbEupfZ6RgR7XvDVrfzqWFeGmYqI_djhZZUXb1wi2oj9nB9g==
age
3868
cookie
cm.adform.net/ Frame D115 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 6798 		251 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
SE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.02
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
12/27/2021 07:28:04
cdn-edgestorageid
756
cdn-status
200
cdn-requestid
7da35c8ccf166f9d2543a32195f10bdc
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame CB73 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
Etag
43e9f44424995545
csync
sync.console.adtarget.com.tr/ Frame 88D7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
Etag
43e9f44424995545

Redirect headers

date
Mon, 17 Jan 2022 14:25:06 GMT Mon, 17 Jan 2022 14:25:06 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 7B01
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e350a348dcbe690252677662664688b7e73104e88b4968f782df34feb81064f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 17 Jan 2022 14:25:06 GMT
x-sid
AMS-745
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-745
csync
sync.console.adtarget.com.tr/ Frame 8CE6 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
43e9f44424995545
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 8CE6 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
43e9f44424995545
Content-Length
43
Content-Type
image/gif
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0CED 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
774
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0BR13VRP87GANAB4KEPT
date
Mon, 17 Jan 2022 14:12:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nc41srahydcjOTQJdLUZlM1-Ct6bpZDLvgrHVhg1bQXznmCDx1CpDA==
css
fonts.googleapis.com/ Frame F64B 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 12:50:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 14:25:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 14:25:06 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 12:48:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 14:25:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 14:25:06 GMT
sync
x.bidswitch.net/ Frame 0CED 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF36 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81302
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:06 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame AC38
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=94&advUuid=449a8ef8-77a1-11ec-8478-191344880206
X-fe
131
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 0C66 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame AD15 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
11ef6e0c7513e3cafcea7ac7b4f30ba74bf9e3aeb80a017f67441fdc2d5e12dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
868
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 0CED 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2Q1ZzMlZWUlODM1ODM1ODtmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp4JaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeTFVLRSgFVxFOUlgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeSW50ZXJ2nWV3plgMVUgFK0VWQU5TK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X2R1pzF0nW9hPTIkNSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYep3RupaRxZWkurVRyp3QeJTJGKmEeJTJGK29hoHxkJat9MmAjJax9MwUjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTM3NUYmMTM2N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwMmMmUlNwt2MmZFNTI2QwVBNTp3ODY4NwU1NwUlNxM2MmMmNTE2NmRDNmx0MTp4NDx0MmM4Nwp2MwMlMmU3MmY1NTQ0NTNEN0Q3QwRDMmEmMwMlMmpmOTqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MwE3LwY0LwE1MS4lOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZTU3YmQlNTA2OTxzY2J1p3Rypw0kNwQlNDI5NTA2OTA3JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6da9709bb7e11952722d24e5ca0253885f4d34b7d54910d7c030ed69f5f6bf47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
4646
chunklist_480.m3u8
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
25611cbf38dbe8da43a7b8258cf7417bf6a4b2e9fdee73beeb789445b62f88f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 84465451fc5898ca8155a82c8976074e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
1301
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"0b3d83020701cdd139690ecd900051b8"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
J0dmO3H2Hubicriwg4QIROvs3KLtDPuh3DSNh5zyY--GH0zz51sfeg==
expires
Mon, 31 Jan 2022 14:25:06 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MwQlOTUjNvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwBmqGFlqGRyoGF5VGVmqCUlMCUlRvUlMDEyMwAyMxYyMwBiozk5MSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmElRDMkMmp1RwMkMmY3RDqCNmMmMTM2MmtmODM5MmAmNmM2N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMkMmY3RDqCNTxmMwMmMmQ3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MmMmNTI2ODYmNxU1MwZCNUE1Nmp4Nwt2NTU2NTI2QmYmMmM1MTY3NEM3OTQkNmt0OTQmMmt2NmYlMmImNTpmNwU1NDQ1M0Q3RDqCNEMmMTMlMmImNmM5N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIkNl42NC4kNTEhMwtzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTphMC40NwxlLwpkJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MWU1N2M0MwUjNwx5JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDI0Mwx1MDY5MDAzqWyxPVNyn2yhZG9TUGkurWVlNwFyNTqwNDI5NwE3NSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveCS.php
live.primis.tech/live/ Frame 0CED
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=93&advUuid=d0ffc34a-5be9-4a69-adb7-9f373b68537c
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=93&advUuid=d0ffc34a-5be9-4a69-adb7-9f373b68537c
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=93&advUuid=d0ffc34a-5be9-4a69-adb7-9f373b68537c
date
Mon, 17 Jan 2022 14:25:06 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 0CED
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=99&advUuid=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 17 Jan 2022 14:25:06 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 0CED
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D9000822360144...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 0CED 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 0CED
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61e57c4250699%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=105&advUuid=5585149758427474447
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=105&advUuid=5585149758427474447
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:06 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bcbe076a-72af-4061-9245-9b26e30a8df2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61e57c4250699&pixel=&advId=105&advUuid=5585149758427474447
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61937d5fc2ee2835835883.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
d3cbf444344c0a016ae65118bf7c53de50a57ae90ca72ba872b0737ce5a34115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:51:38 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"7781f9e40787f65451ac6d502918532b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
9568
x-amz-cf-id
mr7bBoO9vwmhy80dFAfVcBbOp5MOub0akatAmvx0FBg2N61CZoaP5Q==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame 0CED 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2Q1ZzMlZWUlODM1ODM1ODtmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp4JaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeTFVLRSgFVxFOUlgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeSW50ZXJ2nWV3plgMVUgFK0VWQU5TK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X2R1pzF0nW9hPTIkNSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYep3RupaRxZWkurVRyp3QeJTJGKmEeJTJGK29hoHxkJat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTM3NUYmMTM2N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwMmMmUlNwt2MmZFNTI2QwVBNTp3ODY4NwU1NwUlNxM2MmMmNTE2NmRDNmx0MTp4NDx0MmM4Nwp2MwMlMmU3MmY1NTQ0NTNEN0Q3QwRDMmEmMwMlMmpmOTqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MwE3LwY0LwE1MS4lOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZTU3YmQlNTA2OTxzY2J1p3Rypw0kNwQlNDI5NTA2OTIlJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6ebf49204c74031c33e588c3691f8b29d8b1a37b6cda6d3e35996531bc1db232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6087
liveView.php
live.primis.tech/live/ Frame 0CED 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2Q1ZzMlZWUlODM1ODM1ODtmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp4JaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeTFVLRSgFVxFOUlgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeSW50ZXJ2nWV3plgMVUgFK0VWQU5TK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X2R1pzF0nW9hPTIkNSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYep3RupaRxZWkurVRyp3QeJTJGKmEeJTJGK29hoHxkJat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTM3NUYmMTM2N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwMmMmUlNwt2MmZFNTI2QwVBNTp3ODY4NwU1NwUlNxM2MmMmNTE2NmRDNmx0MTp4NDx0MmM4Nwp2MwMlMmU3MmY1NTQ0NTNEN0Q3QwRDMmEmMwMlMmpmOTqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MwE3LwY0LwE1MS4lOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZTU3YmQlNTA2OTxzY2J1p3Rypw0kNwQlNDI5NTA2OTImJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
20c0f534a9c9407de869b67ecd1b629fc08d54349e1e2735e848e78d17bd5afe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6090
liveView.php
live.primis.tech/live/ Frame 0CED 		27 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxmN2Q1ZzMlZWUlODM1ODM1ODtmLz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU4NTp4JaZcZF9wo250ZW50X2Ryp2M9VE1TK0yhqGVlqzyyq3MeTFVLRSgFVxFOUlgiZvgQUx9GRVNTT1IeTUFSU1RPTvfyMwYeVEuFK1qPTxRFUvgXT01FTvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeSW50ZXJ2nWV3plgMVUgFK0VWQU5TK29zK1BST0ZFU1NPUvgNQVJTVE9OKlUlNvgUSEUeV09OREVSK1qPTUVOJaZcZF9wo250ZW50X2R1pzF0nW9hPTIkNSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYep3RupaRxZWkurVRyp3QeJTJGKmEeJTJGK29hoHxkJat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMkMxQmMTM3NUYmMTM2N0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwMmMmUlNwt2MmZFNTI2QwVBNTp3ODY4NwU1NwUlNxM2MmMmNTE2NmRDNmx0MTp4NDx0MmM4Nwp2MwMlMmU3MmY1NTQ0NTNEN0Q3QwRDMmEmMwMlMmpmOTqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MwE3LwY0LwE1MS4lOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTphMC40NwxlLwpkK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYkZTU3YmQlNTA2OTxzY2J1p3Rypw0kNwQlNDI5NTA2OTImJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D31375F31367D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A554943386763335268636E526B5A5778686556526C633351674C79417849433867623235736554453D7D7B4C31323237397DFEFE&userIpAddr=217.64.151.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=ABT+%2F+startdelayTest+%2F+1+%2F+only1&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61e57c4250699&debugInfo=16889076_ABT+%2F+startdelayTest+%2F+1+%2F+only1&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbolzikhps&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
3f86e2ccbc7b6fd6ef1ff947c1e06b22fbd9ceee97ed051ba91205efe014622e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
5528
trinity.json
apex.go.sonobi.com/ 		282 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228a311db38ba15aa6aa75%22%3A%228a311db38ba15aa6aa75%7C728x90%7C0.1%22%2C%22209775575b35341aca88%22%3A%22209775575b35341aca88%7C160x600%7C0.1%22%2C%223b3718792ba43287996a%22%3A%223b3718792ba43287996a%7C160x600%7C0.1%22%2C%22c2cb660426b08c6c338d%22%3A%22c2cb660426b08c6c338d%7C300x250%7C0.1%22%2C%22c79143fd09a5a4fe39d1%22%3A%22c79143fd09a5a4fe39d1%7C300x250%7C0.1%22%2C%22c19a3bac825004343486%22%3A%22c19a3bac825004343486%7C300x250%7C0.1%22%2C%22de684bf25025721a84ef%22%3A%22de684bf25025721a84ef%7C300x600%7C0.1%22%2C%22d82478e93591573e21db%22%3A%22d82478e93591573e21db%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=60ae0b12-5d37-4c2c-bb69-716cde26fa7d&pv=7a8ad5ba-e0ef-4f94-866b-0a99cf837e4e&vp=desktop&lib_name=prebid&lib_v=5.18.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%2298c49a0b-5748-453b-83db-44722e755269%22%2C%22id5id%22%3A%7B%22uid%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
30f6d6d018f2f86981999a034ca131fa1bab5452af23e49398cfbd2862a8e000
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
210
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
propermedia-d.openx.net/w/1.0/ 		73 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%7C300x250%7C728x90%2C970x90&auid=551036772%2C551036773%2C551036774%2C551036775%2C551036776&aumfs=100%2C100%2C100%2C100%2C100&dddid=fa10b42a-867b-4fd0-9c43-b520f71de768%2C0382e797-a7ed-4fba-b58e-5a2b1434b369%2C8f376d4a-79e0-4d9c-96d6-d4b4d441283b%2C98480539-7c19-4e79-b02f-e082aee0673b%2Ccf8cb4be-1f13-47d8-b02b-9ecbb8cc7215&divIds=openx-e4997db9-d95b-4c75-8869-7ec381a51fc8%2Copenx-612b9d36-ddc6-4e82-a1bb-447b2907f6ea%2Copenx-1d68036f-bd6c-457e-87ab-522122560a5c%2Copenx-6d973550-4df5-4683-bcdb-89d97df6b428%2Copenx-5066d3e6-5fec-4b5f-b328-ca7ed66e82a2&be=1&bc=hb_pb_3.0.1&nocache=1642429506976&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&id5id=0&_pubcid=98c49a0b-5748-453b-83db-44722e755269
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
689186408fd8ece557b754a36950896a6aff7b8345097af77ccaf7da69316771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/243908/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/243908/0/mvo?z=1r&hbv=5.18,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		396 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.themarysue.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d18cd6d89fd419b35c4a73f333b7ddd931bebba2550ccabf34c9cc69a10a4010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
396
expires
0
xhr
pre.ads.justpremium.com/v/2.0/t/ 		44 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1642429506978
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.61.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-61-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7961a1433b796f1546f9e9c53ce2bfbaa7c91742773edad8d9fa5ddf71898f0a

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
hb
ssc.33across.com/api/v1/ 		87 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1d25f21de7c2809c0eb89ec2a3e7451af3ebdd6e3cbc537718dce681ad6b9d95

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9e129afbfe295a8aba49e1e040b381da190441aefce0e289fd18dac2d3272eb8

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ea9c96c9285cf4e53561a30b7364754ae158a87fee5ceb101bfc0717002098a5

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7c0359e1423bf1b32dba6795b039e59446000b31a9458455a66a7b1e591e0663

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
771435dd7074e40438f788ed4ce49131e722c1c90b1292cfae2d288a21a4df6c

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1642429506980&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F&measurable=true&property=61aea1e3e80a27001e1bcc49&bids[0][bidId]=themarysue_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=themarysue_160x600-1&bids[1][sizes][0][width]=160&bids[1][sizes][0][height]=600&bids[2][bidId]=themarysue_160x600-2&bids[2][sizes][0][width]=160&bids[2][sizes][0][height]=600&bids[3][bidId]=themarysue_300x250-1&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[4][bidId]=themarysue_300x250-2&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[5][bidId]=themarysue_300x250-3&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=250&bids[6][bidId]=themarysue_300x600-1&bids[6][sizes][0][width]=300&bids[6][sizes][0][height]=600&bids[7][bidId]=themarysue_300x600-2&bids[7][sizes][0][width]=300&bids[7][sizes][0][height]=600&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5239ecc8df25c4f09a3e782c29b0e79e3a335617a4f4c40c05de250986d37abe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
x-powered-by
Express
etag
W/"38-/4nYcM0w0yQXrxRgC2/E5aAQ6lY"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
bid
ap.lijit.com/rtb/ 		115 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
24038ee6fd0b52b9df3a8d4c2bd0b55ba69b7ae3b5a2589dd7ecadb9978ac43e

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
111
cygnus
htlb.casalemedia.com/ 		58 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=756014&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22bdf91793-510a-44e0-a3de-b2694be9200e%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-K0xvi%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-K0xvi%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-TK5u6%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-TK5u6%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22160x600-2-LBnXe%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-LBnXe%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-x2ttj%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-x2ttj%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-rEsCS%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-rEsCS%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-yBEa5%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-yBEa5%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-4mOBS%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-4mOBS%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-2-NFvVe%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-NFvVe%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4fca4c6391f23a9fdb50d3058531c77370c59f23dea08b8c838fd9da6c4bdd89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
12
expires
Mon, 17 Jan 2022 14:25:07 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6hyebUJszkf3PkJLaMDzyhiq&bidId=6hyebUJszkf3PkJLaMDzyhiq&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=98c49a0b-5748-453b-83db-44722e755269&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=dESAilA5HXF6Rz4cOVKZ8zRA&bidId=dESAilA5HXF6Rz4cOVKZ8zRA&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=98c49a0b-5748-453b-83db-44722e755269&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=QxTtv6aap0y632t3ocsEAT7O&bidId=QxTtv6aap0y632t3ocsEAT7O&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=98c49a0b-5748-453b-83db-44722e755269&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
vary
Origin
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
774
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0BR13VRP87GANAB4KEPT
date
Mon, 17 Jan 2022 14:12:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mP-1LRPsneZjFxqLWuPO7XZhC7Ft3UI0dMJzX88iqP5y8VvgT17Jyg==
bid-request
a.teads.tv/hb/ 		16 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 17 Jan 2022 14:25:07 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0bb1eb07-d161-4f10-9468-c8f63a3fc62e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=1200
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
49b80a07ec5e8cf43f4db4bdc64edb5080cbe368ed777d4b135ae58798d97c94

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0&cb=18061785569&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=399458&zone_id=2234776&size_id=2%3B15%3B15%3B15%3B10&alt_size_ids=55%3B9%2C10%3B9%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=dd923cd4-2992-40c4-9ee4-154fcd8f4558%3B3949579b-7415-4ba0-9fae-9d043db0e11f%3Bb820ad37-40df-47dc-8196-a5ff9ced9027%3Bb2bdd11a-3ddf-48e2-867c-545ce28f703f%3Bf2908a2c-a161-43e3-806a-48e6e3825bc2&p_screen_res=1600x1200&tg_fl.eid=2234776-5%3B2234776-2%3B2234776-3%3B2234776-4%3B2234776-1&rf=https%3A%2F%2Fwww.themarysue.com%2F&x_source.pchain=proper.io%3A48cb0d23-4635-11ec-91ed-06ef03bc0096&ppuid=98c49a0b-5748-453b-83db-44722e755269&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=98c49a0b-5748-453b-83db-44722e755269%5E1&rp_schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&slots=5&rand=0.006640899850155035
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3f9d64702654ac8bce049e494928bec39c789a1407ce879fe7a6df3adb8cfbfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
715
Expires
Wed, 17 Sep 1975 21:32:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F64B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
261919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0CED 		67 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1642429507069&pKey=871880488&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.themarysue.com%2F&playerSize=720x405&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1642429506980068-366
Expires
Mon, 17 Jan 2022 14:25:07 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 0CED 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame 0CED 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 17 Jan 2022 14:25:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vid61937d5fc2ee2835835883_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
d5bdfea83c1332f51bb70622bd72c493cff535b14db348aeafa647cb1d12b59b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 c3e656776c8a9f0e1ea24405ab1dcc84.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:51:38 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"f58866bbe1e4c8eec2559856291a0ca6"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1783
x-amz-cf-id
Hk8ki6iqSk77j_RKl-gZiaAvn0_EZ0CIuyM46Anja4u9_CC8_Zi5CA==
x-proxy-cache
HIT
vid61df2e1daa15b682313598_thumb.jpg
video.primis.tech/uploads/cn9/video/users/converted/29569/video_6192662ccd5fb839743211/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn9/video/users/converted/29569/video_6192662ccd5fb839743211/vid61df2e1daa15b682313598_thumb.jpg?cbuster=1642018637
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
f9527881e94959663d2fab50c6a349b951f9b4383cf2a554828055dc2c636126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jan 2022 20:20:42 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"2c17077ae2252ac1c7bf5871bf610975"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4531
x-amz-cf-id
Pn1OuhTMPZxFBcjc1ulVnqZ2JAhGXiRg32BV15m3qIabODbV8SYBRA==
x-proxy-cache
HIT
vid6192e59ba6733810325426_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e59ba6733810325426_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
df4f3632c137908c059c07c2f89bec5c6ceb2ff174924664909fd6baafe2a629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 23:07:16 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"ba08f298fe0cca8ad48a60c03787a09b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2699
x-amz-cf-id
mvFJ55fDECDwKsBPkiaret60AxHBI64hynJBzPFFGovGHKgg6vCvtg==
x-proxy-cache
HIT
vid619266ac9e28c233859352_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/vid619266ac9e28c233859352_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
24b9dedd14370b96b36701131e76af8c2101b0f9ca445666912c98d2643b7977

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 14:11:41 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"043fd6fdc49a311a03e957fdf4358b60"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2420
x-amz-cf-id
3N86u78-T1QGZ7v7cTVcKbRdklP3VLvleN1S50gSfOH63GDPue2aKw==
x-proxy-cache
HIT
vid619374ce45c9d535454074_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid619374ce45c9d535454074_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
810a7d4211e18bcc8d8dc0918ead45a299d2375dc5e15b053ab996672d966205

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 09:09:50 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"d874ffe225bf541c6be56b904b4ef09e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 14:25:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1416
x-amz-cf-id
ySl5TCkPnz5O7R-BkbUUOvy2gz-wCbeUF0REFTu_YiT_YgeqLH_AaA==
x-proxy-cache
HIT
pixel;r=2109366234;labels=type.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Csite.%40TheMarySue;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2109366234;labels=type.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Csite.%40TheMarySue;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.themarysue.com%2F;uht=2;fpan=1;fpa=P0-1028619136-1642429507093;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=themarysue.com;je=0;sr=1600x1200x24;dst=0;et=1642429507093;tzo=0;ogl=locale.en_US%2Csite_name.The%20Mary%20Sue%2Ctype.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Cdescription.The%20Mary%20Sue%20is%20the%20premier%20destination%20for%20entertainment%20geeks%252C%20female%20or%20other%2Curl.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2F%2Cimage.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2020%2F12%2Fthemarysue-defult-social%252Ej%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2020%2F12%2Fthemarysue-defult-social%252Ej
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Jan 2023 14:19:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		244 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c29961849a7671f9ab16fc32cbe0b82a1574f8586791d2447102a7757439bf7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
x-xss-protection
0
expires
Mon, 17 Jan 2022 14:25:07 GMT
bundle.js
cdn.admatic.com.tr/user/ Frame 6798 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 09:53:15
cdn-pullzone
266102
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed10-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
edfb6b3c16a0b3d03a50c76fd32d4f38
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0CED 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37381
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Mon, 17 Jan 2022 04:02:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
_TmUq7Snd8R8ep0my-_fRtcp8S6RlC6lL3dWx140097xZEAh57L0kQ==
w_480_00000.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		312 KB
313 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
7a25dfe494f71b8b1470977ee67d2a48e8313c4c5eb85cc10490421780d3bb6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
319788
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"d528046cb78dbb00dedb34d684bd5466"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
s2vmrLsP4gn-CkmwG3JHvfiKq4eoLEqXCml2Z9XYYDeNm8ykxG5iCQ==
expires
Mon, 31 Jan 2022 14:25:07 GMT
um
u-ams02.e-planning.net/ Frame 7B01
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dbb253e861238ca18
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=bb253e861238ca18
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=bb253e861238ca18
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=bb253e861238ca18
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 7B01 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dbb253e861238ca18%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h3ko9h6ibh9bk9bov84mk659pa81obm3
ptag
a.audrte.com/ Frame 7B01 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6e71766e93a1d643494044996f1fea9a71b7d7918972b90e06624064fb25e7e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 7B01 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 16 Jan 2027 14:25:06 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7B01
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dbb253e861238ca18
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 7B01
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dbb253e861238ca18%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=bb253e861238ca18&uid=5585149758427474447
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=bb253e861238ca18&uid=5585149758427474447
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dcc3f16d-7725-402d-a9d6-68ed812f9d45
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=bb253e861238ca18&uid=5585149758427474447
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uu
ih.adscale.de/ Frame 56BF
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1642429507
  • https://ih.adscale.de/uu?cbfn=receive&t=1642429507&nut&uu=f1242d1e926a4ceea224760e3c470708
44 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1642429507&nut&uu=f1242d1e926a4ceea224760e3c470708
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6442efd349b0762ef0a54984c1780acb19c724a41223c7044d48f2aaee56c5bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1642429507&nut&uu=f1242d1e926a4ceea224760e3c470708
date
Mon, 17 Jan 2022 14:25:07 GMT
content-length
0
3772ec14-f1be-4127-94c9-ded7e0c779af
https://www.themarysue.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/3772ec14-f1be-4127-94c9-ded7e0c779af
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
usync.html
eus.rubiconproject.com/ Frame 6AA2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 17 Jan 2022 14:25:07 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAAA 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dbb253e861238ca18%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81301
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:07 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 0A65 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6603111f46633367414c8d665c248e0c043a7a4d490c7f11f27fdf0b2166a41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|81|13|88|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1798
Expires
Mon, 17 Jan 2022 14:25:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame A5CA 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf-rand
58.812
x-cf3
M
cf4age
0
x-cf-tsc
1641922213
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
accept-ranges
bytes
server
CFS 0215
x-cf1
29080:dA.waw1:co:1585621119:cacheN.waw1-01:D
/
onetag-sys.com/usync/ Frame 8897 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame D33C 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c83228e68021d6e61774b17a3e8903fd1c9fcbfb18a291918c67ebde40d7bd2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cf040442d4a0f7e-MXP
content-encoding
br
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8257806&ntv_pl=1024382
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=72417426-ec1e-40f4-bd21-2d1ed99790d6&ntv_fl=CF4se3gYGjAPzQcMJoAeWQqsPt2l_q8KQYbuXRZcjU_IhgnV0RT6SW9Zktn2QO7gWfZ8mSdJ26b_3CQajoCgZXcptzbP4cjMexHkh1A4wxeyWifsYADF4rF_BAxFC50s7zxjryduLe9dl6t_9i2q7MMc5MsURrOiSLRM4ZF-5RWZgTkqkg1x8495qKqM6SAf&ntv_ht=QnzlYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAfqEPA&ord=1642429507173&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f6e80071-8cbf-4ce0-a092-800c544e718a&ntv_fl=CF4se3gYGjAPzQcMJoAeWQ4Ag_rEUY9escSf7g_EwDSabFRSXUxEQZfvcM07deQ8DRXKBJTi72vqNBidJeMfVGWewtVadvhCu4sDBPGaCedCglTXyVljt2KWGn4CcQNY4nSXFTPtQNyoVoiEUXOsHquQbqbrdImaNsqMxiYWkgsR3Us8kICDX5hO2VIUMVof&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAhlwQA&ord=1642429507175&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1d4a5b18-9b03-4237-9879-88717a23d859&ntv_fl=CF4se3gYGjAPzQcMJoAeWd85f48hdcyhDBqA4yy99BAZ7vsWqVgkdLaIyb_EiCkZ83TfrFqChqjAkFCkGXGTfafGApCsAW079WlNMzWJ1jUmYykHZe4n4PqpcUuzo6Ra3LDw-hH1ZgcnnOaJUYD7A6vp10HxfZErtqbWXs1LDJ45cqNL6PQcpoOzrzppqqLJ&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAxvkQA&ord=1642429507175&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ae492e9e-323d-4015-92a1-ba4f50921ae5&ntv_fl=CF4se3gYGjAPzQcMJoAeWev-HfnNSWDD1Y73RyypuVZhNGvSiYpXE5Li9Q_klcDvOIOwUMC-yrTrqHvyBb6c2A2kwTqDORXNQ5ukQNUd6XnY2dV-jRh-owFdT6VfOiBMHYBkPYjIdUMXZ4RHgoUwmcHH1dw_QalB_cw_glIH_tzRvi4dhh5vESkKWPxdJgep&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAh1wQA&ord=1642429507175&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ae492e9e-323d-4015-92a1-ba4f50921ae5&ntv_fl=CF4se3gYGjAPzQcMJoAeWev-HfnNSWDD1Y73RyypuVZhNGvSiYpXE5Li9Q_klcDvOIOwUMC-yrTrqHvyBb6c2A2kwTqDORXNQ5ukQNUd6XnY2dV-jRh-owFdT6VfOiBMHYBkPYjIdUMXZ4RHgoUwmcHH1dw_QalB_cw_glIH_tzRvi4dhh5vESkKWPxdJgep&ntv_ht=QnzlYQA&ntv_at=323&ntv_a=AAAAAAAAAAh1wQA&ntv_jtr=3&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a95e9e67-8cf7-45d3-b326-4ae71270f4ed&ntv_fl=CF4se3gYGjAPzQcMJoAeWad9BbOBKDv0xbROXKHnW30uWUjJhnd3q4jBKCoHnbE423le_Tfehn-c8cv4Y0LTBQ_se4ItCMfANEdDwMKzKPQ9szskczwdaMNbeFjRDWZu0z0_EeiTd9vaFJ4hQL8hNQFMFigTInYLE6TiJBASVH7jkCs-Bjw8eqmYHHhphKP6&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAx_kQA&ord=1642429507175&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=90d7c97d-e40e-4e50-b2bd-ab23c3682fe4&ntv_fl=CF4se3gYGjAPzQcMJoAeWdxnlwHUTI2-tyqwg-vGwE1aZtl8FIWnx_cPmUyoJdjMfZBlXdOgpPAYmCa6RxOvIHHN4i5jpo1SNJDPIUtkXOrly_sGmSrsn5KgbYxzk9jHJtNpg9kPPkGzU2YBrUQUZpPn-TZKUtmhcpvA_hDvacJwSHQ0P2ekO1eU6F4bdRpS&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAyPkQA&ord=1642429507176&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=e785425f-b9ed-47ca-99db-7798632d6096&ntv_fl=CF4se3gYGjAPzQcMJoAeWfIYZs2lgp8c1XBwScmMlav6ql04FUWxFEtPlLUMVFRcGa0X68tVMQeZ9qIDpiBqw5DCLfSO_JfyeXhLkZ2Rh2-qECQHrwaC_rHMNCGX66I7WdZ31sqNC2tr50NPF0yTmNLZnZr8EFZzwi_AHO3qt9CQ6X2iLuy-sKb5fLtoqzIC&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAeXcQA&ord=1642429507176&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=de0ec37a-3079-4357-930b-c5a7db300586&ntv_fl=CF4se3gYGjAPzQcMJoAeWcV_25sXK3RIEdmu5BV7I25B_TYl3ply8E0OeYIxITQXVLv5lZAYgm94J4Y-rSRCJHdRQaFlIKh4JCBRXWoOG7nq-29vW0_-UHUqkUw1CVSIAzwTdX6hL1KgqTAaOzRlGeC4Nks1M1kQ1wwY_Lq8i5E0HC7_qbRVMe_yE2bMp2Ch&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAyfkQA&ord=1642429507176&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=21af358d-d116-43c4-9348-db5886a6ecc6&ntv_fl=CF4se3gYGjAPzQcMJoAeWT8Uf4COhGFhQJXqFSGPJgJvC9f5qBIA1bfts1Fjy5Qm26-PaQYiIOrAl7GsNwCZG874rzEtLDd-8qoLdu0z_yk2kyskkR6wnwrmes1pQweSHtaxQT5zLxMdWU4WODuCz7L_3MtlXrIl0ZEdgbLjntUZq9niMxxRt3_79RPUwH3J&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAencQA&ord=1642429507177&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=21af358d-d116-43c4-9348-db5886a6ecc6&ntv_fl=CF4se3gYGjAPzQcMJoAeWT8Uf4COhGFhQJXqFSGPJgJvC9f5qBIA1bfts1Fjy5Qm26-PaQYiIOrAl7GsNwCZG874rzEtLDd-8qoLdu0z_yk2kyskkR6wnwrmes1pQweSHtaxQT5zLxMdWU4WODuCz7L_3MtlXrIl0ZEdgbLjntUZq9niMxxRt3_79RPUwH3J&ntv_ht=QnzlYQA&ntv_at=323&ntv_a=AAAAAAAAAAencQA&ntv_jtr=5&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f6300a40-5732-422f-bb40-85a71542e4c5&ntv_fl=CF4se3gYGjAPzQcMJoAeWQOmprLsHgIeqn35TTWxZGLaOfGc81IjGkTKiXe26VKa62DtywRxJaPfNKYZ-Uyu9QDxrSp5kf4GbogYV5ZHET3qBFGzDCBrYDhtr17HcCeM_8-d1LndWUAXO0gAVEmvBr49XsfjlAcsrxfhvQTQvR9ht97l779i84OCKuVitCP3&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAyvkQA&ord=1642429507177&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d56d54f6-d9eb-425a-991c-32abcc8e37fb&ntv_fl=CF4se3gYGjAPzQcMJoAeWSIA6C_GZiyvPqB7KBp42aWYReMRQ84a4aZCJSHRuahmDiBuFjPczL6dwn9oNjUQyA66mhvjO6EWAvm5r0Pj_nmBPas35U7tChv76vwbpu7EDNWiF2koeI5jeXMcco5xP3AUR2DrPph9e7gjPlS9H3o_hA5ZFrELztNZ1bqQeLCz&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAPPwQA&ord=1642429507177&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=10599ff0-8a14-40de-8394-1407ae83691c&ntv_fl=CF4se3gYGjAPzQcMJoAeWej5eXZ_sJQFyBOSWHNXWkJVfXMg4zXANWLmpszpRpLF41g0Vc140UlogUIYhXIhTs01tpjSGXIIMFNaObSeh2CEQgrvuJyG4UNIDcte7Nj6gD_EL60oJdbB1sve2chE4MJo3KXerHySt78MZZQXmErMZHh-_P7KBUhqKFRVb9Sj&ntv_ht=QnzlYQA&ntv_at=303&ntv_a=AAAAAAAAAAvfkQA&ord=1642429507177&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1024382&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 5732
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
Etag
43e9f44424995545

Redirect headers

date
Mon, 17 Jan 2022 14:25:07 GMT Mon, 17 Jan 2022 14:25:07 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=I6zw7ldhv7hKYSxvThFB&pi=admatic
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame DC44 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d1eb1d8d03148dbe8f4bc6cbe6d598a26f07192f26d0b705e0e17d875dd074a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 17 Jan 2022 14:25:07 GMT
x-sid
AMS-745
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7437 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81301
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:07 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 4633 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
x-amz-version-id
6Aq591PsFKZg.nhWoLRNYsxuGl0lv087
server
AmazonS3
content-encoding
gzip
date
Mon, 17 Jan 2022 13:20:39 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
AxIFctLnfZojtN60Y4A2wuEmam9svP1QbYwQIqNTrHaq87Eqw8g0qA==
age
3869
cookie
cm.adform.net/ Frame 6DD2 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 0FA0 		251 B
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
SE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.02
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
12/27/2021 07:28:04
cdn-edgestorageid
756
cdn-status
200
cdn-requestid
23dca6478cc85773a278c7e2881b844a
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame C859 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
Etag
43e9f44424995545
csync
sync.console.adtarget.com.tr/ Frame AD15 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
43e9f44424995545
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame AD15 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
43e9f44424995545
Content-Length
43
Content-Type
image/gif
user
ads3.admatic.com.tr/ Frame 6798 		75 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
8d47a45f2f8909a17fd936e7ba3c71511aeb7b67d23bbfed442956e8fc62ea4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
application/json; charset=utf-8
server
AdMatic
x-powered-by
AdMatic
vary
Origin
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
75
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37381
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Mon, 17 Jan 2022 04:02:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ouOaEqVorVLBhFcO6XKuIfrmJDu3httOtwX9abzVD5fXCyuWzgGejQ==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.themarysue.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 10:10:21 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
server
Server
age
15286
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1123
x-amz-cf-id
-o5nQRBUf6spx9yIGM8KVaAhlxU6fTA9HbdviojMewXsLR4vjO81bw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=oQkoBX9pnzdcK&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
CVQ8VD3P9E11E3ET25ZP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
UKR55ZVhGG4NKgNYJk2A50HzT3FwJtqJKnpK_YRGtyyhpuDAoo3VIQ==
bundle.js
cdn.admatic.com.tr/user/ Frame 0FA0 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 09:53:15
cdn-pullzone
266102
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed10-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
250fa81c21100a4a9d88a116370551b8
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
um
u-ams02.e-planning.net/ Frame DC44
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D470ec50ddf821be1
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=470ec50ddf821be1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=470ec50ddf821be1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=470ec50ddf821be1
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame DC44 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D470ec50ddf821be1%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
aq34e5bd88p7rtet5880dmulra4ot3at
ptag
a.audrte.com/ Frame DC44 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6e71766e93a1d643494044996f1fea9a71b7d7918972b90e06624064fb25e7e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame DC44 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 16 Jan 2027 14:25:06 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame DC44
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D470ec50ddf821be1
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame DC44
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D470ec50ddf821be1%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=470ec50ddf821be1&uid=5585149758427474447
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=470ec50ddf821be1&uid=5585149758427474447
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
587364de-3798-4ff6-a8db-85fdc1d6a4e3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=470ec50ddf821be1&uid=5585149758427474447
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A65 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0A65
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VSCMS9NE23QF1ZZ8TPBS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F1TBMDKNR4YH3D088TDD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0A65
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YeV8Qoog6kSjYDIORdrQ6QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFtvCAtukmZcjfKM5XYMPoQ&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFtvCAtukmZcjfKM5XYMPoQ&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 14:25:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFtvCAtukmZcjfKM5XYMPoQ&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0A65 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 0A65
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=f7FT0H7jAtZksVSEceMb0S-2DoFk4gTWcbFI3pWq
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=f7FT0H7jAtZksVSEceMb0S-2DoFk4gTWcbFI3pWq
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 14:25:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=f7FT0H7jAtZksVSEceMb0S-2DoFk4gTWcbFI3pWq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame 0A65 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 0A65 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429507.389335,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP
CookieIndex
rtb.adentifi.com/ Frame 0A65 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.55.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-55-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
um
u-ams02.e-planning.net/ Frame 0A65 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=bb253e861238ca18&uid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbb253e861238ca18%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
openresty
content-type
image/gif
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-31.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
72861
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sun, 16 Jan 2022 18:10:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
QHlEjKZ8YpWvcEsWsIqEkm2qu5G8YV1nC7l7uOEIwacrwuLL_flgZA==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 17 Jan 2022 14:14:42 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
467275700
userconnect.js
js.adscale.de/ Frame 56BF 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.aJwg_KmjGd9NAOcsIdaU7E4wOJILkbc
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
2153
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 17 Jan 2022 13:49:14 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
lf7Co26HtTbjTunmdNmtU_x83V8a8_96LlEWNdXrYc9s0kftMd6DWg==
csync
sync.console.adtarget.com.tr/ Frame 56BF 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=f1242d1e926a4ceea224760e3c470708
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
80d2f13afe66f851
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 6AA2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c401d531fdcab348299740e6fdadd87d77c7aca6ffb45c675b96bfd9f1daa1aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:16 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=56729
content-type
text/html; charset=UTF-8
content-length
9703
expires
Tue, 18 Jan 2022 06:10:36 GMT
csync
sync.console.adtarget.com.tr/ Frame 4633 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=f1242d1e926a4ceea224760e3c470708
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
80d2f13afe66f851
Content-Length
0
userconnect.js
js.adscale.de/ Frame 4633 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.aJwg_KmjGd9NAOcsIdaU7E4wOJILkbc
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
2153
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 17 Jan 2022 13:49:14 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
OvCu26gY2Q5tuvCyNsE7_gjttEBW_PDWOe-C-bjXXzTC7n6PIgLWig==
usync.html
eus.rubiconproject.com/ Frame C687
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 17 Jan 2022 14:25:07 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA58 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D470ec50ddf821be1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81301
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:07 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 4831 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
281796d5fd28a4535ef870e4638f6f21ef342a7a226dd35a3a093db3d60511b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|130|191|51|176|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1347
Expires
Mon, 17 Jan 2022 14:25:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 0B53 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf-rand
58.812
x-cf3
M
cf4age
0
x-cf-tsc
1641922213
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
accept-ranges
bytes
server
CFS 0215
x-cf1
29080:dA.waw1:co:1585621119:cacheN.waw1-01:D
/
onetag-sys.com/usync/ Frame ECB1 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A3FB 		530 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abba60a16d278195ad694ce1a6fb7622c2a2ade1bc76e021c970d20205ae828

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cf04044deab0f7e-MXP
content-encoding
br
getuid
ib.adnxs.com/ Frame D33C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame D33C 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=5dfecd54-82c4-48c1-9901-065929d583b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5dfecd54-82c4-48c1-9901-065929d583b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04045880b0f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=5dfecd54-82c4-48c1-9901-065929d583b9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame D33C 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df...
  • https://mwzeom.zeotap.com/mw?cid=0b51a042-55eb-419b-9d1a-588097b5dbef&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0b51a042-55eb-419b-9d1a-588097b5dbef&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04045d8b10f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=0b51a042-55eb-419b-9d1a-588097b5dbef&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame D33C 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1642429507.402969,VS0,VE27
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6928-MXP
u
dmp.v.fwmrm.net/ad/ Frame D33C 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f608:75dc:ec20:a692:551 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D33C 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=5bdc6f4e-1fcc-4cf7-b82c-b1a75d4d6f66&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5bdc6f4e-1fcc-4cf7-b82c-b1a75d4d6f66&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04045f9110f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=5bdc6f4e-1fcc-4cf7-b82c-b1a75d4d6f66&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=62451f14-e505-4f35-4b78-2b62bb367f61&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=62451f14-e505-4f35-4b78-2b62bb367f61&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=41965462099077558390676927975621826688&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=41965462099077558390676927975621826688&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf0404609210f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v026-0a67b47cd.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JWxhzcirTkA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=41965462099077558390676927975621826688&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame D33C 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=62451f14-e505-4f35-4b78-2b62bb367f61&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011715-35191-0.094866001642429501-c758fd18e48c4d45628f001417dd79c3&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022011715-35191-0.094866001642429501-c758fd18e48c4d45628f001417dd79c3&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04045b88a0f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022011715-35191-0.094866001642429501-c758fd18e48c4d45628f001417dd79c3&zdid=533&env=mWeb
Date
Mon, 17 Jan 2022 14:25:01 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7054181018560493717&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7054181018560493717&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04045b88c0f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7054181018560493717&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame D33C 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=62451f14-e505-4f35-4b78-2b62bb367f61
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=62451f14-e505-4f35-4b78-2b62bb367f61&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=62451f14-e505-4f35-4b78-2b62bb367f61&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=tZAKUCniJFsw0gPpK6pg/.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=tZAKUCniJFsw0gPpK6pg/.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf0404609240f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
last-modified
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=tZAKUCniJFsw0gPpK6pg/.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame D33C 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=62451f14-e505-4f35-4b78-2b62bb367f61&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=62451f14-e505-4f35-4b78-2b62bb367f61?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=62451f14-e505-4f35-4b78-2b62bb367f61?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=96ff8ae2ab71f5ed9ced8076b48dd725&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-58...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=96ff8ae2ab71f5ed9ced8076b48dd725&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04046ba8b0f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=96ff8ae2ab71f5ed9ced8076b48dd725&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
cache-control
no-cache
x-server
10.45.5.249
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-1tP..J1E2ooHh6zUSoKKqjsGPjnlm4kVNA--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-1tP..J1E2ooHh6zUSoKKqjsGPjnlm4kVNA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04046ba8c0f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 17 Jan 2022 14:25:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-1tP..J1E2ooHh6zUSoKKqjsGPjnlm4kVNA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3hCRgwaNA7CCB4lfvxuSvcOHpHV21lmn%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3hCRgwaNA7CCB4lfvxuSvcOHpHV21lmn%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf040467a2d0f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3hCRgwaNA7CCB4lfvxuSvcOHpHV21lmn%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame D33C 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D33C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1642429507
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D33C 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame D33C 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429508.532585,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=926f61e5-7c43-4e00-9cf8-caee62b89e54&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f966015...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=926f61e5-7c43-4e00-9cf8-caee62b89e54&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf040471b650f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=926f61e5-7c43-4e00-9cf8-caee62b89e54&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 17 Jan 2022 14:25:06 GMT
usermatch.gif
beacon.krxd.net/ Frame D33C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf30072...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1642429507
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
date
Mon, 17 Jan 2022 14:25:07 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame D33C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b7...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b7...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0THFH59NBNFBSB83D829
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BFPK061MBSAJGS0T49AD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=62451f14-e505-4f35-4b78-2b62bb367f61&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame D33C 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=62451f14-e505-4f35-4b78-2b62bb367f61&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame D33C
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D624...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf04046aa780f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
date
Mon, 17 Jan 2022 14:25:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame D33C 		557 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c178073716b435c57d3418ff15d5d8e359b6927cc1e90843e22e2472b5407e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cf04044eee10f7e-MXP
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 17 Jan 2022 14:25:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
user
ads3.admatic.com.tr/ Frame 0FA0 		75 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
8d47a45f2f8909a17fd936e7ba3c71511aeb7b67d23bbfed442956e8fc62ea4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
application/json; charset=utf-8
server
AdMatic
x-powered-by
AdMatic
vary
Origin
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
75
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6AA2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=KYIS4EEX-12-JYNB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
userconnect
ih.adscale.de/ Frame 56BF 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1642429507385&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-length
149
content-type
application/javascript
userconnect
ih.adscale.de/ Frame 4633 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1642429507387&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-length
149
content-type
application/javascript
new
ads3.admatic.com.tr/user/ Frame 6798 		169 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
edbb8a65f9cb56a2b3c1ed0ea50c28a9c1c3823a9a6798b0aa65fb6b7e80e07d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:07 GMT
etag
UomLxdg--rRwyvypssdcPAyFG5aeC90M0gEjDZJeA_jbCKEQ9AU1pbyFwi8dNk2v9AEUxDSKZO4Vxcn6APPohg
last-modified
Mon, 17 Jan 2022 15:25:07 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
169
new
ads3.admatic.com.tr/user/ Frame 0FA0 		169 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
3ab1b8eee3f73970ddf274b5ffc0deab10f568138658e7ed9e89b90018f1d704

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:07 GMT
etag
a80TbAwx3BG52QvOd3y_yENKm_Zq_CsWXAyNi5JqTUFNoTeAtqXFFUnDLbQ2qRbcJ6fgel4AXe-U1CC35Z4AsQ
last-modified
Mon, 17 Jan 2022 15:25:07 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
169
getuid
secure.adnxs.com/ Frame 4831 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4831 		43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YeV8Qoog6kSjYDIORdrQ6QAABKMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7fb0:fdcc:4343:870d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 4831
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7417070056426588851
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7417070056426588851
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 14:25:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7417070056426588851
pragma
no-cache
date
Mon, 17 Jan 2022 14:25:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4831
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHDSE7DyvkAAECYZLj0pQ&expiration=1643639107&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHDSE7DyvkAAECYZLj0pQ&expiration=1643639107&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 14:25:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHDSE7DyvkAAECYZLj0pQ&expiration=1643639107&gdpr=1
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
index
dmp.brand-display.com/cm/api/ Frame 4831 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
last-modified
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 17 Jan 2022 14:25:08 GMT
sync
x.bidswitch.net/ Frame 4831 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
113
match.deepintent.com/usersync/ Frame 4831 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-length
0
server
a
crum
dsum-sec.casalemedia.com/ Frame 4831
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 17 Jan 2022 14:25:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx/1.20.0
content-length
76
um
u-ams02.e-planning.net/ Frame 4831 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=470ec50ddf821be1&uid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D470ec50ddf821be1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame C687 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c401d531fdcab348299740e6fdadd87d77c7aca6ffb45c675b96bfd9f1daa1aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:16 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=56729
content-type
text/html; charset=UTF-8
content-length
9703
expires
Tue, 18 Jan 2022 06:10:36 GMT
cmp
spl.zeotap.com/ Frame D33C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cf040456fd50f7e-MXP
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 05:02:24 GMT
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
age
33763
x-amzn-requestid
859d934d-0b4e-49bf-aa36-ed0a17274a1c
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61e4f860-230d3aa83cc11b852310ee80;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
MEu_DEprjoEF3qg=
content-length
28
x-amz-cf-id
M3PIi7dVgvD8ZlXRee_OjGCnF-EZ5K9bvzv7ZbhIduzE4gfpv7K-7A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
mw
mwzeom.zeotap.com/ Frame A3FB
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D624...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cf040467a200f7e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361
date
Mon, 17 Jan 2022 14:25:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame A3FB 		557 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1742d9360d9749cfdfb46de62c892caf0b2468720840a0370bdab52a5f13231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cf040457fe30f7e-MXP
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 17 Jan 2022 14:25:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
map
ih.adscale.de/ Frame EB99 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a97fe30ad5748e17e04a4bb382417602a53b4779363920e0b1469260dd32dedd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
map
ih.adscale.de/ Frame 66E9 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9cf72f1fca9111f4a1b4130d5b95848ac556b822f489c51305f11e5f23a3d04f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
w_480_00001.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		338 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
c000f8b67ac8b8b9e1f54b28bd980a8941087173eaf0cdee1fc4d411c25df7c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 312b9f49a05a10af1e6462e1c59bae9a.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
345732
last-modified
Tue, 16 Nov 2021 10:01:07 GMT
server
Tengine
etag
"abd988985fc09721fffde8a577e47d23"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
ak0El5eM0pzIy3Kwy7IYLSvYgYQBB240XHcdVfTh0UYlDugu8uofrA==
expires
Mon, 31 Jan 2022 14:25:07 GMT
csync
sync.console.adtarget.com.tr/ Frame 6798 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=rjwACAaw2F6OG8WC-7A2pW4U8PUMEB7xWivFy9MTMAQOlf-EK9DlrIythpwMet3HUpeImY-2i2YgE1LeUNig0A
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
VertaMedia 1.0
Etag
0dea4c5f78ee9bb8
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 0FA0 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=OaV80tSQTrNhYzoE4Kswaz9BI4jTrDrG3r2BnmOikBEXdzx5fZyfOnbMt8Bwe0i8dR5MwQQh0LFMJwlFvpOw6w
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:09 GMT
Server
VertaMedia 1.0
Etag
0dea4c5f78ee9bb8
Content-Length
0
709414.gif
id.rlcdn.com/ Frame 6AA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
v1
ads.yahoo.com/cms/ Frame 6AA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIS4EEX-12-JYNB&sigv=1&esig=2~2126b44ae990f31ff00631f626cc11d4e718204e
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIS4EEX-12-JYNB&sigv=1&esig=2~2126b44ae990f31ff00631f626cc11d4e718204e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYIS4EEX-12-JYNB&sigv=1&esig=2~2126b44ae990f31ff00631f626cc11d4e718204e
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6AA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjdjOWVmZTk1OWE3OGQzNWM1YzU3ODcxMGQzOWRlYzhmYTc2NjQzMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjdjOWVmZTk1OWE3OGQzNWM1YzU3ODcxMGQzOWRlYzhmYTc2NjQzMA
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjdjOWVmZTk1OWE3OGQzNWM1YzU3ODcxMGQzOWRlYzhmYTc2NjQzMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6AA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ymEaLVTl5QT0BPhU2NK-EMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1854281649878674696
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1854281649878674696
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Mon, 17 Jan 2022 14:25:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1854281649878674696
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 6AA2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM5r2NdRJnZbyqxxkD7XuoY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM5r2NdRJnZbyqxxkD7XuoY&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM5r2NdRJnZbyqxxkD7XuoY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6AA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJUzRFRVgtMTItSllOQg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJUzRFRVgtMTItSllOQg==
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lJUzRFRVgtMTItSllOQg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6AA2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=151761e5-7c43-4500-8123-b027c158ae2f
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=151761e5-7c43-4500-8123-b027c158ae2f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=151761e5-7c43-4500-8123-b027c158ae2f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Jan 2022 14:25:06 GMT
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 6AA2 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429507.497675,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP
cmp
spl.zeotap.com/ Frame A3FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=df5e0fb0-23c7-42c3-635e-a663d5e5448a&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cf04045d8b60f7e-MXP
match.js
js.adscale.de/ Frame EB99 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fd5SxP75_inNwuwuiiECHv1D808VkMYU
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
3312
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 17 Jan 2022 13:29:56 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
p8FmDD-jk4PUXMYPXLiofaxS7wlhykcpEZMdx7XR5MS5ZRTFSqTbNA==
match.js
js.adscale.de/ Frame 66E9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fd5SxP75_inNwuwuiiECHv1D808VkMYU
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
3312
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 17 Jan 2022 13:29:56 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ZvdzBnXseLsIQ17fWWMi-GrA-1dF_AaSk_IJ169PcmUG1HfjFNqHsA==
w_480_00001.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		257 KB
258 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
673ff2f2ffe9975d2042432684eda48fa15a0db2e8d6cb94495d4d3201340c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 fac12edd3ea2d7d16f6e74eebe042dcc.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
263388
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"97f4215709e49eb506a65c5bc5c682a8"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
wJMY1MuE5_UrnKsakV-LCh-aatDZcr7G-usafvjMoNyRP_QKbbEvUQ==
expires
Mon, 31 Jan 2022 14:25:07 GMT
img
ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/ Frame EB99
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=f1242d1e926a4ceea224760e3c470708&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=101&tpuid=BBID-01-03171435075825673-16501464
49 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=101&tpuid=BBID-01-03171435075825673-16501464
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=101&tpuid=BBID-01-03171435075825673-16501464
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
img
ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/ Frame 66E9
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=f1242d1e926a4ceea224760e3c470708&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=101&tpuid=BBID-01-03171435075845009-16501464
49 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=101&tpuid=BBID-01-03171435075845009-16501464
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=101&tpuid=BBID-01-03171435075845009-16501464
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
w_480_00002.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		359 KB
360 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
fd39c42a8ebfeb721aa964bf2ac344ae3240481310c3225f253ff7cd60eedcbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
367540
last-modified
Tue, 16 Nov 2021 10:01:07 GMT
server
Tengine
etag
"587672bc045b8bd056699dcb9e0eca8d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
MKl1uzBj6Plm6d-ncQRJvOTXtj8HVcKtPJMqTgizmZqKBgstjhWVtA==
expires
Mon, 31 Jan 2022 14:25:07 GMT
s2s
eb.proper.io/ 		373 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a927693b353317cfd18f94a5ff3f3bcdc6513ac06b3546b7bf73465cb39ba7aa

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:151
cf-ray
6cf040466cd43745-MXP
expires
-1
w_480_00002.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		331 KB
332 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
d673d47d14f8871da620dea403a92edcfa0248dbe08c712a388840a43d1fe48f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
content-length
339152
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"88c65e66d39ed87c30df571b97623d1f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
JOYi3YW3_ODgnxrX13IWDNFynLGuoqtfh1SzjqqEP9tJY9TNKGoOrg==
expires
Mon, 31 Jan 2022 14:25:07 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 7B01 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 02:47:15 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
41873
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
xQ6YR4NVw5SeuBzAzozJAalkMW94N99UVa5gKoFoNB4zM4RAo5jeXw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 25DC 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 16 Jan 2027 14:25:06 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 60F2 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ACRZk8OK9%2f0kaB0L
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
Etag
169a2157a1e1b68f
GS.d
js.cookieless-data.com/ Frame 25DC 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1642429507610
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
w_480_00003.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		316 KB
317 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
fcd3940376fa3329655d425fcbaf919e3d5065680b8c27c329b52cfea165e038

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
323360
last-modified
Tue, 16 Nov 2021 10:01:07 GMT
server
Tengine
etag
"ed66232eccd8ebe798c85197a9141cdc"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
41oE996EclBWsb6N16qet5d5uqLOWQ1kDtKmpCbYSY4DsOoXcKsr6A==
expires
Mon, 31 Jan 2022 14:25:07 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 66E9
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=cf42bb72c5e7ef3771476b2d1...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 17 Jan 2022 14:25:07 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame EB99
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=cf42bb72c5e7ef3771476b2d1...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YeV8Qoog6kSjYDIORdrQ6QAA%261187
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 17 Jan 2022 14:25:07 GMT
w_480_00003.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		287 KB
288 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
a9a9660bfecf4235369b01301285993aaca1700df285c2d13d73e6a803971232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
293844
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"64a87341f3da65cd398b01bfe1cb804c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
oBsdGsBJV-iSFbuFhsRioU0JicXeefveffIJ3P8YMITC2m1cCbxlLQ==
expires
Mon, 31 Jan 2022 14:25:07 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame DC44 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 02:47:15 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
41873
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ad0RNOtz_6HT9xhDcjUEetuWNhALLU0q7lI8TNNWN2vEugyKf_Ivag==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BC75 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 17 Jan 2022 14:25:06 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 16 Jan 2027 14:25:06 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 0740 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ACRZk8OK9%2f0kaB0L
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
Etag
169a2157a1e1b68f
w_480_00004.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		353 KB
353 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
6d4a3b22a354fb82584105bb451d3c8f3c55c436fe6c0b396e34108480783531

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 2e44a3b2c1d0f478404fb20d9971a778.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
360960
last-modified
Tue, 16 Nov 2021 10:01:07 GMT
server
Tengine
etag
"949a708b32fd43d8ec08ddaab6742de5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
7VfnvEKoQ81GWaBSNhrF_ctxrhVbHEFp2ZEQeP2LpiaO8nV6AdQj4Q==
expires
Mon, 31 Jan 2022 14:25:07 GMT
img
ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/ Frame 66E9
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd847339...
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=42&gdpr=0&tpuid=8396081303094538686
49 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=42&gdpr=0&tpuid=8396081303094538686
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx
location
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=42&gdpr=0&tpuid=8396081303094538686
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
w_480_00004.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		281 KB
282 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
bc922b19f9686942646092f52dec45d91d6df4a5648ca3c5a03e2d7c8a3d44f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
288016
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"13e31a363de7fa927a2eecfb9d29b908"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
hHq3glc1HLktrKI6ZgsH_99Gt_W9RumcDl3JJXvr4mH1Mp1BapdWyQ==
expires
Mon, 31 Jan 2022 14:25:07 GMT
img
ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/ Frame EB99
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9649dbb39a8808f04cee553431f64e8411ce067b3b6064d888e57927f4fa80c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a18...
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=42&gdpr=0&tpuid=6905369395768256520
49 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=42&gdpr=0&tpuid=6905369395768256520
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
nginx
location
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=42&gdpr=0&tpuid=6905369395768256520
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
GS.d
js.cookieless-data.com/ Frame BC75 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1642429507745
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
w_480_00005.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937f187eee2599881366.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
70097e69b8c332a8fe6c1d64ab71ddc0e8944f86c2e496ad0bc1cca529135d36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
374684
last-modified
Tue, 16 Nov 2021 10:01:07 GMT
server
Tengine
etag
"1d35ba379995b3eca440f38b831b49d0"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
k6ffMAdOBir4CsosBB8_OAD0LtR4mOEoepm-2qkuSnw2LLwm6gOx1g==
expires
Mon, 31 Jan 2022 14:25:07 GMT
w_480_00005.ts
video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/ 		288 KB
288 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn3/video/users/hls/29569/video_6192662ccd5fb839743211/vid61937d5fc2ee2835835883.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
af579584a624e4edfbeb45e4ec3b46e57dcf9cabae44a51913640c1fef0626c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
294596
last-modified
Tue, 16 Nov 2021 09:52:37 GMT
server
Tengine
etag
"86c9192f0477010d1295879c9a0982d8"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
oimfnCXeZtgICst2x9sBI64Ohae-JtKLEVgVM6NE9EuEJ4lGK2-jUQ==
expires
Mon, 31 Jan 2022 14:25:07 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 66E9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa6e427c-edc3-41cd-93a2-a09e2008c82a&gdpr=0
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa6e427c-edc3-41cd-93a2-a09e2008c82a&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa6e427c-edc3-41cd-93a2-a09e2008c82a&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3405905
content-length
0
expires
Mon, 17 Jan 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame EB99
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4bc6371b-bae8-48cb-931e-3dde37e9b6cb&gdpr=0
49 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4bc6371b-bae8-48cb-931e-3dde37e9b6cb&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4bc6371b-bae8-48cb-931e-3dde37e9b6cb&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1569284
content-length
0
expires
Mon, 17 Jan 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame EB99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=eff9daad27734519a46d529a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
49 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Jan 2022 14:25:06 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 66E9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=eff9daad27734519a46d529a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
49 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 17 Jan 2022 14:25:07 GMT
Server
MT3 4133 baa842e master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Jan 2022 14:25:06 GMT
img
ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/ Frame EB99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66b...
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I...
49 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/ Frame 66E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10d...
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I...
49 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?uid=7df68dafb10a8a6940a60b6b0842f63458bb6a97d2f80126ff75d95756a52394&tpid=38&gdpr=0&tpuid=CAESEEc3RAZXARufti-PtRS3A-I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/ Frame EB99
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842a187789d0102d67d76%2F1642429507439%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
49 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:08 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 865.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9ff61e5d-9e0a-4b1a-969d-c0c208f05cae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/ Frame 66E9
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd8473391da9c5f2e30af73%2F1642429507441%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
49 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:08 GMT
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 865.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c35cfa46-4158-45f1-9fbb-081c66d59ba2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/img?tpid=75&tpuid=5585149758427474447&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/ Frame EB99
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F66be36ff20b842...
  • https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/js?tpid=48&tpuid=05b2a29632285800fcc8c897d1906b08
44 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/js?tpid=48&tpuid=05b2a29632285800fcc8c897d1906b08
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9c6524af09bc4c6098d1315bbfd30ad242f056f34202bc0b184f4d74182c3c87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/66be36ff20b842a187789d0102d67d76/1642429507439/0/js?tpid=48&tpuid=05b2a29632285800fcc8c897d1906b08
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
js
ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/ Frame 66E9
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd847...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=df5f37f702a02a770ee2f65aaa91f0f4d0fbdb6ad056a7bd0a0510c52fc21491&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F10dffa759dd847...
  • https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/js?tpid=48&tpuid=928afeaa0a87b1f41c41dd2bf06a7f59
44 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/js?tpid=48&tpuid=928afeaa0a87b1f41c41dd2bf06a7f59
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dc0da2120802eab382328506b597ba835ec8dff78ce09e82c44a10bf933aad23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/10dffa759dd8473391da9c5f2e30af73/1642429507441/0/js?tpid=48&tpuid=928afeaa0a87b1f41c41dd2bf06a7f59
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CA5D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81300
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:08 GMT
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/55953/ Frame 5AFC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
wGbQAlJJ
sync-tm.everesttech.net/upi/pid/ Frame 5AFC
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5fd629a681f2153ec3f352f6a32089&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ebb50_7054181018551120054
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWZkNjI5YTY4MWYyMTUzZWMzZjM1MmY2YTMyMDg5&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDnqx5mvrOWrHGH88QY2QAU&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b51a042-55eb-419b-9d1a-588097b5dbef
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5fd629a681f2153ec3f352f6a32089?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bfEcbrBE2oONLrpMebFGytGr6D0jD3iTeT5uaWbV~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5585149758427474447
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=8gceW7du1N9sWw5&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429509.783522,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1642429508604098-431
Expires
Mon, 17 Jan 2022 14:25:08 GMT
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 5AFC 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429508.166569,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP
sync
ups.analytics.yahoo.com/ups/57304/ Frame 5AFC
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0NThhM2NiNy03N2ExLTExZWMtYTFjNC0wNjQ1ZTMyNDg2OTI%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
date
Mon, 17 Jan 2022 14:25:08 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sium
ih.adscale.de/ Frame EB99 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 17 Jan 2022 14:25:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
sium
ih.adscale.de/ Frame 66E9 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.80.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-80-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 17 Jan 2022 14:25:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
user
ads3.admatic.com.tr/ Frame 6798
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=9417762d98454368b17cc6e210a83611&ssp=admatic&bsw_param=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:08 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 0FA0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=24468a3e-ec88-5311-ad08-65eecced19aa&ssp=admatic&expires=30&user_group=1
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:08 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB98 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=81300
expires
Tue, 18 Jan 2022 13:00:08 GMT
date
Mon, 17 Jan 2022 14:25:08 GMT
vary
Accept-Encoding
wGbQAlJJ
sync-tm.everesttech.net/upi/pid/ Frame 0CED
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0b51a042-55eb-419b-9d1a-588097b5dbef
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5585149758427474447
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5fd629a681f2153ec3f352f6a32089?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bfEcbrBE2oONLrpMebFGytGr6D0jD3iTeT5uaWbV~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=926f61e5-7c43-4e00-9cf8-caee62b89e54&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=7521w7ET1N9sWw5&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAHDSE7DyvkAAECYZLj0pQ&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429509.859444,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1642429508827004-355
Expires
Mon, 17 Jan 2022 14:25:08 GMT
sync
ups.analytics.yahoo.com/ups/57304/ Frame 0CED
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0NThhM2NiNy03N2ExLTExZWMtYTFjNC0wNjQ1ZTMyNDg2OTI%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDVzXPW-ZxZaMUZZHYAss1U&google_cver=1&apid=UP458a3cb7-77a1-11ec-a1c4-0645e3248692
date
Mon, 17 Jan 2022 14:25:08 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 0CED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0b51a042-55eb-419b-9d1a-588097b5dbef&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 0CED 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642429508.421334,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mxp6935-MXP
user
ads3.admatic.com.tr/ Frame 6798
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=0b51a042-55eb-419b-9d1a-588097b5dbef&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:08 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 0FA0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ec40b023d4cd4acf8a80f62d3c115378&ssp=admatic&bsw_param=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:25:08 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 14:25:08 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=087b4890-7cfb-46ed-ba0c-3d7cfa20efe4&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
ptrack
a.audrte.com/ Frame DC44 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.64.151.28&p=M1353665098&artime=2022-01-17T14:25:08.719Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuY29uc29sZS5hZHRhcmdldC5jb20udHIlMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc0NDIlMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a44f090eee217f6e0fc87cfa728f98e292d50cdf1c137b13b919a66c380b319

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
pixel
ps.eyeota.net/ Frame DC44 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/ Frame DC44
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6905369395768256520
  • https://ps.eyeota.net/match?bid=kh51m51&uid=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame DC44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=bg3NvHPG-vTTH692q3dKHPm9Q&gdpr=0&gdpr_consent=&google_gid=CAESEBQelSKYypuGWSP-_mVTepg&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 17 Jan 2022 14:25:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame D8CD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bc7ce947f19355d57b4fa76b4616e8b7eefb95313a6c1aed688ddf9d83aa0e01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 17 Jan 2022 14:25:10 GMT
content-type
text/html;charset=utf-8
content-length
1274
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.17.170
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
qmap
sync.crwdcntrl.net/ Frame D8CD
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=926f61e5-7c43-4e00-9cf8-caee62b89e54
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=926f61e5-7c43-4e00-9cf8-caee62b89e54
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.56
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Mon, 17 Jan 2022 14:25:10 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=926f61e5-7c43-4e00-9cf8-caee62b89e54
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Jan 2022 14:25:09 GMT
generic
match.adsrvr.org/track/cmf/ Frame D8CD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=41965462099077558390676927975621826688
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame D8CD
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=96ff8ae2ab71f5ed9ced8076b48dd725&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41965462099077558390676927975621826688
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41965462099077558390676927975621826688
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.98
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-2-v026-09d2da899.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
z8Zg4LPZR70=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41965462099077558390676927975621826688
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixel
cm.g.doubleclick.net/ Frame D8CD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTZmZjhhZTJhYjcxZjVlZDljZWQ4MDc2YjQ4ZGQ3MjU
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=5dfecd54-82c4-48c1-9901-065929d583b9
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame D8CD
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=96ff8ae2ab71f5ed9ced8076b48dd725&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5dfecd54-82c4-48c1-9901-065929d583b9
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5dfecd54-82c4-48c1-9901-065929d583b9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.236
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5dfecd54-82c4-48c1-9901-065929d583b9
date
Mon, 17 Jan 2022 14:25:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame D8CD 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=249988733/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 14:25:10 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
v2hgjN9y7tAw1YLsXtX3gU6eFkC6OpTlPB4vWdiRXrBrYIjoE7Wpmkz3mDHmPpF98twaCAyK1EPZ2cD24-A
superficialeyes.com/ 		209 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2hgjN9y7tAw1YLsXtX3gU6eFkC6OpTlPB4vWdiRXrBrYIjoE7Wpmkz3mDHmPpF98twaCAyK1EPZ2cD24-A
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
341a25d6e2d00caf436bb651cf931b01581e188ef132902aeda4574bde49f0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 17 Jan 2022 14:25:11 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-fwlm
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 17 Jan 2022 14:25:10 GMT
v2nseArdFkTmS9sE2ubp_Kz5_VxR34zfEUjlAGK-0iGS_zaffH6ITmEhgfqLW8DJzDHaIPWtcv_Hzg_-veQ
superficialeyes.com/ 		3 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2nseArdFkTmS9sE2ubp_Kz5_VxR34zfEUjlAGK-0iGS_zaffH6ITmEhgfqLW8DJzDHaIPWtcv_Hzg_-veQ
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2hxy1I2DadD9_UqgflZCzeDduq1c01Waovlzw4IO3xzRl7hrwYLJWBwNH5vqt34i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 17 Jan 2022 14:25:12 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-fwlm
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| phpProps object| Cookies function| admiral object| googletag object| special_ops object| propertag function| gtag object| dataLayer object| GlobalSnowplowNamespace function| snowplow boolean| haveWeGotAds function| powerpress_pinw function| documentInitOneSignal function| OneSignal object| FB object| google_tag_manager object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent366 object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint boolean| payload_loaded object| gaplugins object| gaGlobal object| gaData object| webVitals function| constructsekindoParent91 function| nativoLoadFooter string| disqus_shortname object| countVars object| wp number| lazyEmbedsYMargin number| lazyEmbedsTimeout function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| sekindoFlowingPlayerOn object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId object| DISQUSWIDGETS undefined| disqus_domain number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| 4dm1r11545242527 string| proper_ad_page_uuid function| proper_6c942d99_7a005d12_1 function| proper_6b48f64a_d7ac58c3_2 string| proper_ad_session_uuid function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| x object| apstag object| link1 object| link2 string| placementId object| freewheelssp_cache function| __tcfapi object| response boolean| apstagLOADED object| ats object| ID5

115 Cookies

Domain/Path Name / Value
www.themarysue.com/ Name: pmpro_visit
Value: 1
www.themarysue.com/ Name: _sp_ses.8cf7
Value: *
www.themarysue.com/ Name: _sp_id.8cf7
Value: 06ab67e1-1484-41a7-94e1-59d596ab2c6f.1642429506.1.1642429506.1642429506.0459bae6-201f-4e30-abd2-2ab0a80ea21a
.themarysue.com/ Name: _ga
Value: GA1.2.1820599683.1642429506
.themarysue.com/ Name: _gid
Value: GA1.2.130079663.1642429506
.themarysue.com/ Name: _gat_gtag_UA_21433528_1
Value: 1
.themarysue.com/ Name: _sp_cookie
Value: 0a30be37-271d-4252-87a2-4b9f6cf44450
.3lift.com/ Name: tluid
Value: 9000822360144460123
.adnxs.com/ Name: uuid2
Value: 5585149758427474447
.casalemedia.com/ Name: CMID
Value: YeV8Qoog6kSjYDIORdrQ6QAA
.casalemedia.com/ Name: CMPS
Value: 5204
.spotxchange.com/ Name: audience
Value: 449a8ef8-77a1-11ec-8478-191344880206
.themarysue.com/ Name: __gads
Value: ID=611aaa066093ac49-222d9ed321cd0000:T=1642429506:RT=1642429506:S=ALNI_Mbc4tLfQm6vVVGDjiFs-XsBmTRqgg
.casalemedia.com/ Name: CMPRO
Value: 1187
www.themarysue.com/ Name: _lr_retry_request
Value: true
www.themarysue.com/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: tuuid
Value: 087b4890-7cfb-46ed-ba0c-3d7cfa20efe4
.bidswitch.net/ Name: c
Value: 1642429506
.bidswitch.net/ Name: tuuid_lu
Value: 1642429506
.yahoo.com/ Name: A3
Value: d=AQABBEJ85WECEMeviVIHm9xlV4wfMwp13WoFEgEBAQHN5mHvYQAAAAAA_eMAAA&S=AQAAAlSiphhVlteaUJ6tcEFx5-U
.creativecdn.com/ Name: u
Value: I6zw7ldhv7hKYSxvThFB
.creativecdn.com/ Name: ts
Value: 1642429506
ads.us.e-planning.net/ Name: CT
Value: 1
ads.stickyadstv.com/ Name: UID
Value: 5fd629a681f2153ec3f352f6a32089
.e-planning.net/ Name: E
Value: ACRZk8OK9/0kaB0L
.postrelease.com/ Name: opt_out
Value: 1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s569|YeV8R
.quantserve.com/ Name: mc
Value: 61e57c43-1ba8c-4f68d-b2381
www.themarysue.com/ Name: ntvSession
Value: {"id":8257806,"placementID":1024382,"lastInteraction":1642429507171,"sessionStart":1642429507171,"sessionEndDate":1642464000000,"experiment":""}
.adscale.de/ Name: uu
Value: f1242d1e926a4ceea224760e3c470708
.themarysue.com/ Name: __qca
Value: P0-1028619136-1642429507093
.casalemedia.com/ Name: CMST
Value: YeV8QmHlfEMA
ads.stickyadstv.com/ Name: pxId
Value: 247
ads.stickyadstv.com/ Name: sessionId
Value: 9964146f7efa323ceea6de3ea8ae1f
.rubiconproject.com/ Name: khaos
Value: KYIS4EEX-12-JYNB
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qryaGnexfdLfCAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS4TOEuNx1xRt8RC8RNaBDGObcmHjLEjsw2jYHTlS9mMvAcQTyO0PAjnQD5U7tEfUTQ==
.zeotap.com/ Name: zc
Value: 62451f14-e505-4f35-4b78-2b62bb367f61
.themarysue.com/ Name: properSessionData
Value: eyJ1dWlkIjoiNmMyZDczMWItNDg4Ny00OWM4LWE0NzYtNzI5ZWI4YzhmNTgzIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiaW5kZXgiOjEsIm9wZW54IjoxLCJzb3ZybiI6MSwidGVhZHMiOjEsImNyaXRlbyI6MSwibWFudGlzIjoxLCJzb25vYmkiOjEsInJ1Ymljb24iOjEsImFwcG5leHVzIjoxLCJtZWRpYW5ldCI6MSwicHVibWF0aWMiOjEsImFkeW91bGlrZSI6MSwicmh5dGhtb25lIjoxLCJ0cmlwbGVsaWZ0IjoxLCJqdXN0cHJlbWl1bSI6MSwic2hhcmV0aHJvdWdoIjoxLCJ0aGlydHl0aHJlZWFjcm9zcyI6MX0sImxhc3RfdGhyZXNob2xkIjowfQ==
www.themarysue.com/ Name: sharedid
Value: %7B%22id%22%3A%2201FSM6TSR3S0QBWZ1EH7SBCWYA%22%2C%22ts%22%3A1642429507332%2C%22ns%22%3Atrue%7D
www.themarysue.com/ Name: sharedid_last
Value: Mon%2C%2017%20Jan%202022%2014%3A25%3A07%20GMT
.quantserve.com/ Name: d
Value: EEIBDQGcJbjvsQA
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 2e25d12d61a27898215929d22f53ea590a56c829be315653c07e15cae5cb3700
.richaudience.com/ Name: avcid-zeo-uid
Value: 62451f14-e505-4f35-4b78-2b62bb367f61
.zeotap.com/ Name: zsc
Value: 4T%1C%91%EE%26%B4%EDp%10%83%25%EB%94%CFq%ECkA2%DF%900%DE%EB%B5%FA2%A0mQ%9D%AB%22%3E%5B%B3%148%82J%E7%A0%1B%1CQ%E8m%DELQW%AF%CB%9BgdX%40%0D%95%E7y%DE%E7%DE%E7d%8E%13B%BCb%89%1B%05j%A4%E8P+%B4%84%C5%F6%EFv%AF%8E%3FK%C2F8%1A%AD%A0%83%9A%D6B%3F%25%01%D7%CE%A4%9C%EF%225%F6%BE%8F%9B%C8%B0%D0XP%B9%DE7%0E4%FE%DBj%82D4%09l%D9%22%C3%F2%E4%2BC%10%A5%B4%09%E1m%40%18E%21%3E%D5%F5%85~%D3%18%B6%9B%CAa%98z%AEJ%28%DDf
.tapad.com/ Name: TapAd_TS
Value: 1642429507366
.tapad.com/ Name: TapAd_DID
Value: 5dfecd54-82c4-48c1-9901-065929d583b9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adsrvr.org/ Name: TDID
Value: 0b51a042-55eb-419b-9d1a-588097b5dbef
.doubleclick.net/ Name: IDE
Value: AHWqTUkjYO3y5HH64WpkklfjiQYTZ40X665DVtrino4DGamTG4msBVHcfzJB69J8mh8
.adfarm1.adition.com/ Name: UserID1
Value: 7054181018560493717
.tidaltv.com/ Name: tidal_ttid
Value: 5bdc6f4e-1fcc-4cf7-b82c-b1a75d4d6f66
.demdex.net/ Name: demdex
Value: 41965462099077558390676927975621826688
.weborama.fr/ Name: AFFICHE_W
Value: VjAbRuI2HsFW39
www.themarysue.com/ Name: _lr_geo_location
Value: DE
.theadex.com/ Name: axd
Value: 4283294225583188784
.theadex.com/ Name: tis_dQL
Value: dQLeAtov
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjAwsDK0MAIAwfROvAkAAAA="
.dpm.demdex.net/ Name: dpm
Value: 41965462099077558390676927975621826688
.turn.com/ Name: uid
Value: 7417070056426588851
.proper.io/ Name: mediagrid
Value: 087b4890-7cfb-46ed-ba0c-3d7cfa20efe4
.agkn.com/ Name: ab
Value: 0001%3AL%2F2SHT1NFeAaO3NyrzmkOdkrEnhZqJrw
.proper.io/ Name: verizon_media
Value: y-PPj5pcRE2uF9J9DuIH5kW0TLhvFC3gTP~A
.ibillboard.com/ Name: ibbid
Value: BBID-01-03171435075845009-16501464
.bidr.io/ Name: bito
Value: AAHDSE7DyvkAAECYZLj0pQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 96ff8ae2ab71f5ed9ced8076b48dd725
.casalemedia.com/ Name: CMRUM3
Value: 8261e57c432760AAHDSE7DyvkAAECYZLj0pQ&5861e57c4305a0&f161e57c4305a0&6961e57c4305a00&0d61e57c4305a0&2d61e57c432760CAESEFtvCAtukmZcjfKM5XYMPoQ&bc61e57c4305a00&5161e57c432760f7FT0H7jAtZksVSEceMb0S-2DoFk4gTWcbFI3pWq&e661e57c432760&2761e57c430b40
.krxd.net/ Name: _kuid_
Value: Om26QnSW
.mathtag.com/ Name: uuid
Value: 926f61e5-7c43-4e00-9cf8-caee62b89e54
.adform.net/ Name: C
Value: 1
.fwmrm.net/ Name: _uid
Value: "ebb50_7054181018551120054"
.proper.io/ Name: __cf_bm
Value: HTbalnw3R3ecZ8Nr3gTPUP443SY5xs9S5Mq6cox4.0c-1642429506-0-ActIQO%2FnySex4ZGS8x%2FQ9Vrtu21ho010hoEYzLsQSm3sZgulyHYX0%2FyeOr6s8OlaMjfxoszfJHstOEISyKULdo4AYuaQKNzjKwcGXgoOD22M
.adform.net/ Name: uid
Value: 6905369395768256520
.criteo.com/ Name: uid
Value: fa6e427c-edc3-41cd-93a2-a09e2008c82a
.adscale.de/ Name: cct
Value: 1642429508039
.m6r.eu/ Name: test
Value: true
.advertising.com/ Name: APID
Value: UP458a3cb7-77a1-11ec-a1c4-0645e3248692
.analytics.yahoo.com/ Name: IDSYNC
Value: "190z~22pq:187s~22pq"
.yahoo.com/ Name: APID
Value: UP458a3cb7-77a1-11ec-a1c4-0645e3248692
.yahoo.com/ Name: APIDTS
Value: 1642429508
.m6r.eu/ Name: cct
Value: 1642429508200
.m6r.eu/ Name: id
Value: 928afeaa0a87b1f41c41dd2bf06a7f59
.ih.adscale.de/ Name: tu
Value: 4#1393726916#48~928afeaa0a87b1f41c41dd2bf06a7f59~456230~0~0#101~BBID-01-03171435075825673-16501464~456230~0~0#38~CAESEEc3RAZXARufti-PtRS3A-I~456230~0~0#39~926f61e5-7c43-4e00-9cf8-caee62b89e54~456230~0~0#40~fa6e427c-edc3-41cd-93a2-a09e2008c82a~456230~0~0#42~6905369395768256520~456230~0~0#75~5585149758427474447~456230~0~0#63~YeV8Qoog6kSjYDIORdrQ6QAA&1187~456230~0~0
ads.stickyadstv.com/ Name: uid-bp-36033
Value: ebb50_7054181018551120054
ads.stickyadstv.com/ Name: MRM_UID
Value: ebb50_7054181018551120054
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEDnqx5mvrOWrHGH88QY2QAU
ads.stickyadstv.com/ Name: uid-bp-892
Value: 0b51a042-55eb-419b-9d1a-588097b5dbef
.adsrvr.org/ Name: TDCPM
Value: CAESGAoJYmlkc3dpdGNoEgsIwvrEo-bzrDoQBRgBIAEoAjILCMLyx9D886w6EAU4AVoJYmlkc3dpdGNoYAI.
.console.adtarget.com.tr/ Name: a307080
Value: I6zw7ldhv7hKYSxvThFB
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307442
Value: ACRZk8OK9/0kaB0L
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 71fb6d9202e93bba2bb6858c0643076850685f1d749bfd40910e09b8d8f64f75
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-bfEcbrBE2oONLrpMebFGytGr6D0jD3iTeT5uaWbV~A
ads.stickyadstv.com/ Name: uid-bp-951
Value: 5585149758427474447
.admixer.net/ Name: am-uid
Value: ec40b023d4cd4acf8a80f62d3c115378
ads.stickyadstv.com/ Name: uid-bp-529
Value: 926f61e5-7c43-4e00-9cf8-caee62b89e54
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 24468a3e-ec88-5311-ad08-65eecced19aa
.betweendigital.com/ Name: ss
Value: 1
.w55c.net/ Name: matchfreewheel
Value: 5
.w55c.net/ Name: wfivefivec
Value: 7521w7ET1N9sWw5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: 7521w7ET1N9sWw5
.betweendigital.com/ Name: ut
Value: YeV8RAAMBiD9gh1vlK5_F9MqyFZtQ8n-_LCMIw==
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAHDSE7DyvkAAECYZLj0pQ
.eyeota.net/ Name: SERVERID
Value: 22730~DM
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307565
Value: f1242d1e926a4ceea224760e3c470708
.audrte.com/ Name: arcki2
Value: bg3NvHPG-vTTH692q3dKHPm9Q!20210804!1642429508987
.console.adtarget.com.tr/ Name: vmuid
Value: 0dea4c5f78ee9bb8
.console.adtarget.com.tr/ Name: a314221
Value: OaV80tSQTrNhYzoE4Kswaz9BI4jTrDrG3r2BnmOikBEXdzx5fZyfOnbMt8Bwe0i8dR5MwQQh0LFMJwlFvpOw6w
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDRLS7NITDVKTDI3TDNNTbFMTk2xMDA3SzKxSEkxNzJlAILEpzVuf%2F%2F%2F%2F88P4kAAANoQD5o%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIfFrjBqSgAAAZ0wIJ"

16 Console Messages

Source Level URL
Text
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.themarysue.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'https://www.themarysue.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=9000822360144460123
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D62451f14-e505-4f35-4b78-2b62bb367f61%26reqId%3Df9660152-583d-4d58-5f39-ccf3007267b8%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://tags.bluekai.com/site/87734?id=62451f14-e505-4f35-4b78-2b62bb367f61&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=62451f14-e505-4f35-4b78-2b62bb367f61&reqId=f9660152-583d-4d58-5f39-ccf3007267b8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.audrte.com
a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yahoo.com
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
am22.mediaite.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bids.proper.io
bn01.er.bemail.it
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.admatic.com.tr
cdn.id5-sync.com
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
csync.loopme.me
d.adroll.com
dis.criteo.com
disqus.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geekosystem.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
inv-nets.admixer.net
jadserve.postrelease.com
js.adscale.de
js.cookieless-data.com
live.primis.tech
loadeu.exelator.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.media.net
prg.smartadserver.com
propermedia-d.openx.net
ps.eyeota.net
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.ntv.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
spc.themarysue.com
spl.zeotap.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
superficialeyes.com
sync-tm.everesttech.net
sync.adotmob.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.intentiq.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
themarysue.com
themarysue.disqus.com
tlx.3lift.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
usync.proper.io
video.primis.tech
www.google-analytics.com
www.googletagmanager.com
www.themarysue.com
x.bidswitch.net
api.rlcdn.com
sync.adotmob.com
104.111.215.191
142.250.185.130
142.250.186.130
143.204.215.113
143.204.215.18
146.0.227.109
151.1.205.165
151.101.192.134
151.101.2.49
154.54.250.48
168.119.149.178
169.197.150.7
178.162.133.150
178.250.2.131
178.250.2.151
18.156.0.31
18.157.100.237
18.157.246.64
18.157.252.145
18.194.149.16
18.215.193.43
184.30.24.198
184.30.24.241
184.30.25.59
185.167.98.14
185.184.8.65
185.255.84.151
185.29.134.248
185.64.189.112
185.64.190.78
185.86.138.122
185.94.180.125
188.132.147.236
194.213.62.34
198.20.95.18
199.232.192.134
2.18.232.7
2.18.233.201
2.18.234.233
2001:678:cb4:bbbb::11
205.234.175.175
209.54.180.3
212.82.100.182
213.19.147.42
216.52.2.39
23.37.38.181
23.37.42.132
23.88.75.187
2600:1f18:6593:f608:75dc:ec20:a692:551
2600:9000:206f:d600:6:44e3:f8c0:93a1
2600:9000:206f:e000:f:4f64:8940:93a1
2600:9000:214f:be00:8:48e:53c0:93a1
2602:803:c003:200::51
2606:4700:10::ac43:14a1
2606:4700:10::ac43:1906
2606:4700:10::ac43:db6
2606:4700::6810:7aaf
2606:4700::6811:4e22
2606:4700::6812:e134
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7001
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42::300
2a05:d018:24:b001:a15e:14c8:83cf:d3c5
2a05:d018:d29:3605:7fb0:fdcc:4343:870d
2a0c:5c81:5139::2
3.123.179.172
34.107.148.139
34.120.157.206
34.149.20.76
34.246.26.64
34.254.143.3
34.98.67.61
35.156.119.137
35.156.61.164
35.167.45.107
35.190.39.246
35.201.81.244
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.3.28
37.157.4.24
37.252.173.214
37.252.173.27
37.252.173.62
44.198.36.181
44.225.168.153
46.105.202.126
46.249.52.248
5.178.65.245
5.178.65.252
51.15.145.115
51.75.146.199
51.89.9.251
52.19.22.209
52.214.126.220
52.223.40.198
52.28.103.21
52.57.150.20
52.94.223.37
54.154.126.215
54.154.13.77
54.191.222.20
54.194.44.194
54.70.210.121
54.80.147.122
54.84.55.94
54.93.80.4
62.149.0.72
63.250.56.141
65.9.58.43
65.9.71.173
66.155.71.25
69.173.144.139
69.173.144.165
72.251.244.140
75.101.244.20
76.223.111.18
85.114.159.93
89.163.159.104
89.187.169.47
96.46.183.20
99.86.7.31
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10e2f32b584ba1e0811bdd21889949c60d5b994f32fee8e4379f441e039eaa20
11ef6e0c7513e3cafcea7ac7b4f30ba74bf9e3aeb80a017f67441fdc2d5e12dd
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18c178073716b435c57d3418ff15d5d8e359b6927cc1e90843e22e2472b5407e
1d25f21de7c2809c0eb89ec2a3e7451af3ebdd6e3cbc537718dce681ad6b9d95
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20c0f534a9c9407de869b67ecd1b629fc08d54349e1e2735e848e78d17bd5afe
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac
24038ee6fd0b52b9df3a8d4c2bd0b55ba69b7ae3b5a2589dd7ecadb9978ac43e
245e2163a828fd738129b3fd0be694d90372e3a102b9e604d09ca7d10df3bded
24b9dedd14370b96b36701131e76af8c2101b0f9ca445666912c98d2643b7977
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60
25611cbf38dbe8da43a7b8258cf7417bf6a4b2e9fdee73beeb789445b62f88f2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
281796d5fd28a4535ef870e4638f6f21ef342a7a226dd35a3a093db3d60511b2
2849108f9ac551e4d168d83274730110ea921be04ba5b85c86755025ce63af39
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b582e9bfdbf0af2563f1220ace33de65ad5f1b73d0a0542ffd9c02788cf2be
30f6d6d018f2f86981999a034ca131fa1bab5452af23e49398cfbd2862a8e000
32e193d4ca123202b96bf63ee239e7eb9e4797ec289566a16ab9aa8f1caf962c
341a25d6e2d00caf436bb651cf931b01581e188ef132902aeda4574bde49f0a3
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37059b1f1f0860ce272bc675cf1e5094f75a200dd3ea32f6a329e3f97c1e420a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
3887d316cbea6e18e98e26aa08c2025e3a0a58e862f73a0c954eef53360c318a
388bf3021074bb90303ce1c99498cb6d9fed075592a2cb12378a25b21c1df099
3ab1b8eee3f73970ddf274b5ffc0deab10f568138658e7ed9e89b90018f1d704
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f330b5540c14decacd98185a7bc6eb031b1f5667a64e872fc58f723f57a6f3b
3f3d0b282e582118d62ea81297aef449d49b2a6d15a51a272bffdcee0bdd66ac
3f86e2ccbc7b6fd6ef1ff947c1e06b22fbd9ceee97ed051ba91205efe014622e
3f9d64702654ac8bce049e494928bec39c789a1407ce879fe7a6df3adb8cfbfb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4323b9a7468fe9f7e1afab48fc491d97bb8d2060bf8a1d252987ef4087ed53d8
464417bab5ec6e9fe79f2afdeb5386666526c446758902e65036ea3e4cc4391b
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b80a07ec5e8cf43f4db4bdc64edb5080cbe368ed777d4b135ae58798d97c94
4a5a01b70722f3026b8d4b07c3339f14a6fee09ff43ccc3fb1485e4ed6d3d540
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f
4ab6b3470cfb52c420289aa1631788af5fdf56d04147e1dda0d584a5cabf54c6
4c6ca6e89f19a3a2e028f79bbed3c64248a500b6b6fbaa9cdf8872cf9c86c4bd
4c83228e68021d6e61774b17a3e8903fd1c9fcbfb18a291918c67ebde40d7bd2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
4fca4c6391f23a9fdb50d3058531c77370c59f23dea08b8c838fd9da6c4bdd89
51640e5f1515c17578d1af91c278b4bfad05d7b425f96e4abfdbe71d3a6479c6
5239ecc8df25c4f09a3e782c29b0e79e3a335617a4f4c40c05de250986d37abe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5547777620b84bfa99ee611d0e3a042c9f29292ce515e8857de5dee56bd7a875
58c8f9f8ac07ad5688411afc87c4dfbf14c0d82ece30f3fa776d7c000231b152
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5ab30339cab471615463e28a9d6ab1890611c1583ba79eec6fe45324c55bd3d9
5abba60a16d278195ad694ce1a6fb7622c2a2ade1bc76e021c970d20205ae828
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
635e0cc36774866d8c63bdfe28234c030577929403e90528e5ddd108af489992
6442efd349b0762ef0a54984c1780acb19c724a41223c7044d48f2aaee56c5bd
6699149d8536655fd190a86d5771602bfc6d109ac9dbeca72aa1619b06b26801
66d3f34cd7b69f2973307525f4ed0813a588d6b8cfd85d1515ed890041d23428
673ff2f2ffe9975d2042432684eda48fa15a0db2e8d6cb94495d4d3201340c25
679557074d44e5a142207f8e856e62148579ac771f2c9526aa1fce1787abdea2
689186408fd8ece557b754a36950896a6aff7b8345097af77ccaf7da69316771
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a30491a0d025df71558a85ab6b621b204e6e98178aa31c3c2a067248dd2f493
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbf4ae84305f1c5695bc9185133563c3fde7bbf603a378a559ad884dd821bef
6d4a3b22a354fb82584105bb451d3c8f3c55c436fe6c0b396e34108480783531
6d861557eb9ebf623f534bda4f9524c02b1533bb40b086f9c4873cc7e6265b7c
6da9709bb7e11952722d24e5ca0253885f4d34b7d54910d7c030ed69f5f6bf47
6e71766e93a1d643494044996f1fea9a71b7d7918972b90e06624064fb25e7e3
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6ebf49204c74031c33e588c3691f8b29d8b1a37b6cda6d3e35996531bc1db232
70097e69b8c332a8fe6c1d64ab71ddc0e8944f86c2e496ad0bc1cca529135d36
701d37a5305015e62c0655b67f04bd1699e539c0d6b7e430e5342cb0560b11c6
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
771435dd7074e40438f788ed4ce49131e722c1c90b1292cfae2d288a21a4df6c
788f565a8b4e3e2a40083a23e7a46fc83d189c8893b70dd6ac07988923b271f1
7961a1433b796f1546f9e9c53ce2bfbaa7c91742773edad8d9fa5ddf71898f0a
797edf1e15087bd09fd57e19cfeaebd77f1ea99b9647744f7619076997be3b35
7a25dfe494f71b8b1470977ee67d2a48e8313c4c5eb85cc10490421780d3bb6c
7a44f090eee217f6e0fc87cfa728f98e292d50cdf1c137b13b919a66c380b319
7c0359e1423bf1b32dba6795b039e59446000b31a9458455a66a7b1e591e0663
7fd2e6733c3616ff78c73ba9d4bfefadf589d5d85fb84e1eff5240a2203ef0c9
810a7d4211e18bcc8d8dc0918ead45a299d2375dc5e15b053ab996672d966205
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8b8eaa86e1c49b20cabbe9d46b65af645458e86bf6bccba829435289c6856f81
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d47a45f2f8909a17fd936e7ba3c71511aeb7b67d23bbfed442956e8fc62ea4d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df46046effa30ba22f79dbdd78ef028b6f4aa16b1544a74cd09d9780d8f2e8f
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
91b6f080e43a72c936561690e976bf196087f333a4a55bca0b956b843fbf8efb
939c798ab0e5e8bbfdd392a59c326debf2be4c17fe5fb7a393f2515b0d782f47
94264e80d02aee478cab597737b2e4defdb90659167ceb87e82543494b98d9f0
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b854ea906ce79e583110e4025dd920cb43fff807033cc4e1bc9bc0bf39558c
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9c2603e1c4e75d210896f2e40f940e1cd05958e7f831d87624a7d592c614d01f
9c6524af09bc4c6098d1315bbfd30ad242f056f34202bc0b184f4d74182c3c87
9cf72f1fca9111f4a1b4130d5b95848ac556b822f489c51305f11e5f23a3d04f
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9e129afbfe295a8aba49e1e040b381da190441aefce0e289fd18dac2d3272eb8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4397059274dd4337a809167ccce9b11550280b9dc51a0409957cfc937828e87
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6603111f46633367414c8d665c248e0c043a7a4d490c7f11f27fdf0b2166a41
a915c87bce3b7eea9dfc9ba7fd5365f110678134cf109878952adf1e8ccd4f06
a927693b353317cfd18f94a5ff3f3bcdc6513ac06b3546b7bf73465cb39ba7aa
a97fe30ad5748e17e04a4bb382417602a53b4779363920e0b1469260dd32dedd
a9a9660bfecf4235369b01301285993aaca1700df285c2d13d73e6a803971232
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aefd359d216ba523b56434f4a022d63acc17a39b1e151a58d8822866fa711ed7
af579584a624e4edfbeb45e4ec3b46e57dcf9cabae44a51913640c1fef0626c9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26acf4d15a2e6fdc8f786af6528452ffb23e6050badc70464290d0ed56514e8
b36ae0331fcc9926fd84459a30b434e1ee944fd26d73719067b23b48de03c816
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
bc7ce947f19355d57b4fa76b4616e8b7eefb95313a6c1aed688ddf9d83aa0e01
bc922b19f9686942646092f52dec45d91d6df4a5648ca3c5a03e2d7c8a3d44f8
c000f8b67ac8b8b9e1f54b28bd980a8941087173eaf0cdee1fc4d411c25df7c5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29961849a7671f9ab16fc32cbe0b82a1574f8586791d2447102a7757439bf7a
c401d531fdcab348299740e6fdadd87d77c7aca6ffb45c675b96bfd9f1daa1aa
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c7c10796abde311eb6dfd733445be5d95188bf3d8ccb23eade09a3fa70ed1352
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
d1742d9360d9749cfdfb46de62c892caf0b2468720840a0370bdab52a5f13231
d18cd6d89fd419b35c4a73f333b7ddd931bebba2550ccabf34c9cc69a10a4010
d1eb1d8d03148dbe8f4bc6cbe6d598a26f07192f26d0b705e0e17d875dd074a3
d2a363422fda12758b1d6787775431eeee412de949b2156b3d1376e0ab69b4e4
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d3cbf444344c0a016ae65118bf7c53de50a57ae90ca72ba872b0737ce5a34115
d5bdfea83c1332f51bb70622bd72c493cff535b14db348aeafa647cb1d12b59b
d673d47d14f8871da620dea403a92edcfa0248dbe08c712a388840a43d1fe48f
d973c6e94d697867cee725159b5bd497687c9c06f57ffa4787f25014fb9c6b5d
d97708f9a1e72744f32e6486df05083f3b326c01b952168fa25039f9940b04ea
dc0da2120802eab382328506b597ba835ec8dff78ce09e82c44a10bf933aad23
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
df4f3632c137908c059c07c2f89bec5c6ceb2ff174924664909fd6baafe2a629
dfc4253621b3a2065fee057616fcd27d31578b2fc80a09d7878af38d971e4055
e350a348dcbe690252677662664688b7e73104e88b4968f782df34feb81064f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43093c06c8f9c7b919924e29e95936ea776f462adf4c1a7bb8b8714f3907d21
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea66a2b8b388a536536faa19481eb2526654b2968e2aed985b4b9684e279e262
ea9c96c9285cf4e53561a30b7364754ae158a87fee5ceb101bfc0717002098a5
eb52004e62aafaa828e52cd085ca014f79f6dbbd1e0814c55a7006b1f3fe59b3
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed3ed3d7f1c67a9a645d228efed07043a15b62c587ea5318d6ed70eac56792b5
eda28b525740ae4ff6041f1b17c3ae1574cd5853c48e8f603a9dca329487096d
edbb8a65f9cb56a2b3c1ed0ea50c28a9c1c3823a9a6798b0aa65fb6b7e80e07d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b683fb7c3d684752db8b60b359afce8be42fec5d3e634e2e6de1ad5edd1c65
f10694f87d14598945aa46ef8044b570dc5bac82b8e641a50e37b118cd7f2bbe
f343b1ba486cdc0df67a71ba82df707cf0447479e1b0ad403255227105da9f9e
f4ccf2942489bb44fa7923b2cb00f6c5e41faad154c568903446f825507ad4c2
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
f9527881e94959663d2fab50c6a349b951f9b4383cf2a554828055dc2c636126
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083
fcd3940376fa3329655d425fcbaf919e3d5065680b8c27c329b52cfea165e038
fd39c42a8ebfeb721aa964bf2ac344ae3240481310c3225f253ff7cd60eedcbc
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff4bffecd8ba370b28d70011a881045c61c66394f700ef47c43588f54797a9ca