urlscan.io logo urlscan.io
SecurityTrails logo

www.themarysue.com Open in urlscan Pro
2606:4700:10::ac43:14a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://geekosystem.com/
Effective URL: https://www.themarysue.com/
Submission: On February 09 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 10 countries across 97 domains to perform 423 HTTP transactions. The main IP is 2606:4700:10::ac43:14a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com. The Cisco Umbrella rank of the primary domain is 146519.
TLS certificate: Issued by R3 on January 15th 2022. Valid for: 3 months.
This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.20.95.18 32475 (SINGLEHOP...)
1 36 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 83.136.253.58 202053 (UPCLOUD)
38 63.250.56.119 41436 (CLOUDWEBM...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 35.190.39.246 15169 (GOOGLE)
1 35.201.96.133 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 34.120.157.206 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 151.101.192.134 54113 (FASTLY)
5 199.232.192.134 54113 (FASTLY)
3 104.92.105.214 16625 (AKAMAI-AS)
1 104.108.145.83 16625 (AKAMAI-AS)
8 18.66.109.174 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
8 104.102.28.254 20940 (AKAMAI-ASN1)
3 3 185.94.180.125 35220 (SPOTX-AMS)
5 34.98.64.218 15169 (GOOGLE)
2 2a0c:5c81:509... 55081 (24SHELLS)
2 4 3.122.58.191 16509 (AMAZON-02)
2 2 23.88.75.187 24940 (HETZNER-AS)
7 14 104.108.145.8 16625 (AKAMAI-AS)
3 3 76.223.111.18 16509 (AMAZON-02)
7 69.173.144.139 26667 (RUBICONPR...)
3 3 37.252.173.62 29990 (ASN-APPNEX)
9 63.250.60.65 204548 (CLOUDWEBM...)
1 2600:9000:218... 16509 (AMAZON-02)
1 104.92.70.118 16625 (AKAMAI-AS)
4 52.28.203.152 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 185.64.189.112 62713 (AS-PUBMATIC)
1 95.100.210.71 16625 (AKAMAI-AS)
2 3.125.184.48 16509 (AMAZON-02)
2 185.94.180.124 35220 (SPOTX-AMS)
15 34.226.144.114 14618 (AMAZON-AES)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 172.217.16.130 15169 (GOOGLE)
2 35.164.52.163 16509 (AMAZON-02)
4 8 18.156.0.31 16509 (AMAZON-02)
1 51.89.20.86 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 44.225.168.153 16509 (AMAZON-02)
18 62.149.0.72 15497 (COLOCALL ...)
3 5 37.157.2.238 198622 (ADFORM)
4 4 185.184.8.65 204995 (RTB-HOUSE...)
2 10 5.178.65.245 50673 (SERVERIUS-AS)
6 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 35.158.183.66 16509 (AMAZON-02)
1 35.156.28.35 16509 (AMAZON-02)
1 35.174.217.176 14618 (AMAZON-AES)
2 5 37.252.172.36 29990 (ASN-APPNEX)
1 178.162.133.150 60781 (LEASEWEB-...)
1 72.251.249.14 29791 (VOXEL-DOT...)
1 34.107.148.139 15169 (GOOGLE)
3 18.198.28.225 16509 (AMAZON-02)
5 34.149.20.76 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
1 213.19.147.42 26120 (RHYTHMONE)
1 185.255.84.151 200271 (IGUANE-)
1 23.0.33.234 16625 (AKAMAI-AS)
1 178.250.0.165 44788 (ASN-CRITE...)
1 23.209.68.8 16625 (AKAMAI-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
2 104.102.30.13 20940 (AKAMAI-ASN1)
1 18.64.103.63 16509 (AMAZON-02)
1 104.89.31.187 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
2 24 18.158.238.206 16509 (AMAZON-02)
2 3 66.155.71.149 13768 (COGECO-PEER1)
2 35.227.252.103 15169 (GOOGLE)
4 10 34.192.120.237 14618 (AMAZON-AES)
4 5.178.65.253 50673 (SERVERIUS-AS)
2 6 168.119.79.223 24940 (HETZNER-AS)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 23.37.42.132 16625 (AKAMAI-AS)
2 205.234.175.175 30081 (CACHENETW...)
2 51.89.9.252 16276 (OVH)
32 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.240.82 16509 (AMAZON-02)
11 17 142.250.186.130 15169 (GOOGLE)
7 9 35.227.248.159 15169 (GOOGLE)
2 4 37.157.6.241 198622 (ADFORM)
6 10 52.223.40.198 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
2 2600:1f18:659... 14618 (AMAZON-AES)
4 4 2a05:d018:24:... 16509 (AMAZON-02)
4 5 54.155.222.85 16509 (AMAZON-02)
2 34.254.143.3 16509 (AMAZON-02)
2 2 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
4 4 35.201.81.244 15169 (GOOGLE)
2 89.163.159.106 24961 (MYLOC-AS ...)
4 10 52.209.129.133 16509 (AMAZON-02)
2 2 212.82.100.182 34010 (YAHOO-IRD)
2 2 18.158.20.100 16509 (AMAZON-02)
5 54.154.13.77 16509 (AMAZON-02)
8 9 151.101.194.49 54113 (FASTLY)
2 2 95.100.209.94 16625 (AKAMAI-AS)
2 2 52.45.242.235 14618 (AMAZON-AES)
2 4 52.95.125.22 16509 (AMAZON-02)
3 104.90.192.27 16625 (AKAMAI-AS)
2 2 34.242.175.248 16509 (AMAZON-02)
2 4 209.54.180.144 16509 (AMAZON-02)
2 38.91.45.7 398989 (DEEPINTENT)
1 1 185.183.112.148 60350 (VP)
1 72.251.232.229 29791 (VOXEL-DOT...)
2 3 104.92.91.221 16625 (AKAMAI-AS)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 52.45.237.203 14618 (AMAZON-AES)
2 18.66.248.90 16509 (AMAZON-02)
2 2 62.209.227.211 13036 (TMOBILE-)
2 212.129.3.112 12876 (Online SAS)
5 6 52.58.50.64 16509 (AMAZON-02)
2 178.250.2.151 44788 (ASN-CRITE...)
4 4 185.29.134.248 30419 (MEDIAMATH...)
1 35.244.174.68 15169 (GOOGLE)
3 3 69.173.144.138 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 185.33.221.215 29990 (ASN-APPNEX)
4 4 72.251.244.140 29791 (VOXEL-DOT...)
4 3.127.178.105 16509 (AMAZON-02)
1 69.169.86.38 29838 (AMC)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 51.75.146.160 16276 (OVH)
423 109
1    198.20.95.18 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sh02.mediaite.com
geekosystem.com
36    2606:4700:10::ac43:14a1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.themarysue.com
themarysue.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    83.136.253.58 (United Kingdom)

ASN202053 (UPCLOUD, FI)
PTR: 83-136-253-58.uk-lon1.upcloud.host
geniuslinkcdn.com
38    63.250.56.119 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
6    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
superficialeyes.com
1    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
terrifictooth.com
5    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    34.120.157.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.themarysue.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.192.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
5    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
themarysue.disqus.com
3    104.92.105.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-105-214.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    104.108.145.83 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-83.deploy.static.akamaitechnologies.com
s.ntv.io
8    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net
c.amazon-adsystem.com
5    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
primis-d.openx.net
propermedia-d.openx.net
2    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
4    3.122.58.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-58-191.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
14    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
3    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
9    63.250.60.65 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
1    2600:9000:2182:1400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    104.92.70.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-70-118.deploy.static.akamaitechnologies.com
www.aaxdetect.com
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    95.100.210.71 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-210-71.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    3.125.184.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-184-48.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
2    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
15    34.226.144.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-144-114.compute-1.amazonaws.com
jadserve.postrelease.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
2    35.164.52.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
usync.proper.io
8    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p18.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    44.225.168.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
bids.proper.io
18    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
5    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
10    5.178.65.245 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
6    2600:9000:223f:1000:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
1    2600:9000:225f:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    35.158.183.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-183-66.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
1    35.156.28.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    35.174.217.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-217-176.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
5    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    18.198.28.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-28-225.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    23.209.68.8 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-68-8.deploy.static.akamaitechnologies.com
a.teads.tv
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    104.102.30.13 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-30-13.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
1    18.64.103.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-63.txl50.r.cloudfront.net
ats.rlcdn.com
1    104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
24    18.158.238.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
10    34.192.120.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-120-237.compute-1.amazonaws.com
a.audrte.com
4    5.178.65.253 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
6    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
32    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    13.32.240.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-82.ams50.r.cloudfront.net
geo.privacymanager.io
17    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
9    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
4    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
10    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    2600:1f18:6593:f600:d00c:d52c:5371:efa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
4    2a05:d018:24:b001:3357:fdd3:4721:80d2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
5    54.155.222.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-222-85.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    89.163.159.106 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
10    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    18.158.20.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-20-100.eu-central-1.compute.amazonaws.com
aa.agkn.com
5    54.154.13.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
beacon.krxd.net
9    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    95.100.209.94 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-209-94.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    52.45.242.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-242-235.compute-1.amazonaws.com
usermatch.krxd.net
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    34.242.175.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-175-248.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
4    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    72.251.232.229 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    104.92.91.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-91-221.deploy.static.akamaitechnologies.com
px.owneriq.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    52.45.237.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-237-203.compute-1.amazonaws.com
um2.eqads.com
2    18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net
tags.crwdcntrl.net
2    62.209.227.211 (Vlasim, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
2    212.129.3.112 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu
js.cookieless-data.com
6    52.58.50.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-50-64.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3602:bd34:6511:c5e2:890a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    185.33.221.215 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 883.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
4    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
4    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    69.169.86.38 (United States)

ASN29838 (AMC, US)
global.ib-ibi.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl
wt.rqtrk.eu
Apex Domain
Subdomains		 Transfer
47 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2734
video.primis.tech — Cisco Umbrella Rank: 6478
998 KB
40 themarysue.com
www.themarysue.com — Cisco Umbrella Rank: 146519
themarysue.com — Cisco Umbrella Rank: 143147
spc.themarysue.com — Cisco Umbrella Rank: 434476
420 KB
32 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
9 KB
30 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7241
ih.adscale.de — Cisco Umbrella Rank: 4945
32 KB
21 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
153 KB
20 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5930
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6268
9 KB
17 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2038
token.rubiconproject.com — Cisco Umbrella Rank: 593
27 KB
16 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3099
u-ams02.e-planning.net — Cisco Umbrella Rank: 51355
s.e-planning.net — Cisco Umbrella Rank: 4802
i.e-planning.net — Cisco Umbrella Rank: 4860
7 KB
16 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2363
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ads.yahoo.com — Cisco Umbrella Rank: 835
4 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1361
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
125 KB
15 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 900
10 KB
15 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
htlb.casalemedia.com — Cisco Umbrella Rank: 427
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
17 KB
14 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420
image6.pubmatic.com — Cisco Umbrella Rank: 582
47 KB
12 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 629
tags.crwdcntrl.net — Cisco Umbrella Rank: 2036
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
29 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
4 KB
10 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2683
9 KB
10 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
ib.adnxs.com — Cisco Umbrella Rank: 210
adscale-emea.adnxs.com — Cisco Umbrella Rank: 16741
7 KB
9 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
2 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
4 KB
9 adform.net
cm.adform.net — Cisco Umbrella Rank: 1576
dmp.adform.net — Cisco Umbrella Rank: 2002
track.adform.net — Cisco Umbrella Rank: 3678
3 KB
8 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1058
pixel.advertising.com — Cisco Umbrella Rank: 307
2 KB
8 proper.io
global.proper.io — Cisco Umbrella Rank: 7964
abcheck.proper.io — Cisco Umbrella Rank: 24352
usync.proper.io — Cisco Umbrella Rank: 4627
bids.proper.io — Cisco Umbrella Rank: 8554
eb.proper.io — Cisco Umbrella Rank: 10756
125 KB
7 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 371
usermatch.krxd.net — Cisco Umbrella Rank: 981
2 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 636
primis-d.openx.net — Cisco Umbrella Rank: 13063
propermedia-d.openx.net — Cisco Umbrella Rank: 11235
rtb.openx.net — Cisco Umbrella Rank: 1330
1 KB
6 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1050
sync.mathtag.com — Cisco Umbrella Rank: 387
4 KB
6 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1515
1 KB
6 disqus.com
disqus.com — Cisco Umbrella Rank: 2621
themarysue.disqus.com — Cisco Umbrella Rank: 246858
7 KB
6 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 67142
210 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
4 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1312
1 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
search.spotxchange.com — Cisco Umbrella Rank: 385
4 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
3 KB
4 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 11465
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23557
1 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 977
2 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 585
1 KB
4 gstatic.com
fonts.gstatic.com
84 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
tlx.3lift.com — Cisco Umbrella Rank: 532
2 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
1 KB
3 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 425
754 B
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 2837
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
767 B
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
dis.criteo.com — Cisco Umbrella Rank: 619
1 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1093
346 B
3 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 739
ats.rlcdn.com — Cisco Umbrella Rank: 1336
id.rlcdn.com — Cisco Umbrella Rank: 548
38 KB
3 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4252
l3.aaxads.com — Cisco Umbrella Rank: 5137
122 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2951
onesignal.com — Cisco Umbrella Rank: 1314
73 KB
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 4583
1 KB
2 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 17653
1 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2780
563 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
60 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 160499
428 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
760 B
2 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19441
671 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
1 KB
2 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 125516
1 KB
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 6812
648 B
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 9578
822 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 571
218 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
2 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 330
s-jsonp.moatads.com — Cisco Umbrella Rank: 9941
55 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 493
cdn.id5-sync.com — Cisco Umbrella Rank: 1505
11 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1902
24 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
478 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
83 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 802
2 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
156 KB
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 9208
356 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 754
411 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1301
72 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1613
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
777 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
408 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1254
307 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1451
591 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595
17 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1139
250 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3906
749 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1196
174 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1112
929 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
761 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1414
936 B
1 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 10471
344 B
1 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 5287
254 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
2 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
10 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 614
583 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 6732
323 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 502
483 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3166
114 KB
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 78580
6 KB
1 geniuslinkcdn.com
geniuslinkcdn.com — Cisco Umbrella Rank: 53714
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
36 KB
1 geekosystem.com
geekosystem.com
238 B
0 bidr.io Failed
match.prod.bidr.io Failed
423 97
Domain Requested by
38 live.primis.tech www.themarysue.com
live.primis.tech
35 www.themarysue.com 1 redirects www.themarysue.com
26 mwzeom.zeotap.com ads.us.e-planning.net
24 ih.adscale.de 2 redirects js.adscale.de
ih.adscale.de
18 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
17 cm.g.doubleclick.net 11 redirects spl.zeotap.com
ssum.casalemedia.com
ads.us.e-planning.net
bcp.crwdcntrl.net
15 jadserve.postrelease.com s.ntv.io
www.themarysue.com
10 match.adsrvr.org 6 redirects ssum.casalemedia.com
ads.us.e-planning.net
bcp.crwdcntrl.net
10 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
9 sync-tm.everesttech.net 8 redirects www.themarysue.com
9 pixel.tapad.com 7 redirects ads.us.e-planning.net
9 video.primis.tech www.themarysue.com
8 ups.analytics.yahoo.com 4 redirects www.themarysue.com
8 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
8 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
global.proper.io
7 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
um2.eqads.com
6 pixel.advertising.com 5 redirects www.themarysue.com
6 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 sync.richaudience.com 2 redirects ads.us.e-planning.net
spl.zeotap.com
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
6 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
6 pixel.rubiconproject.com www.themarysue.com
ads.us.e-planning.net
6 superficialeyes.com www.themarysue.com
superficialeyes.com
5 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
5 dpm.demdex.net 4 redirects bcp.crwdcntrl.net
5 ssc.33across.com global.proper.io
5 ib.adnxs.com 2 redirects global.proper.io
spl.zeotap.com
5 fonts.googleapis.com www.themarysue.com
live.primis.tech
superficialeyes.com
5 themarysue.disqus.com www.themarysue.com
themarysue.disqus.com
4 sync.crwdcntrl.net bcp.crwdcntrl.net
4 ps.eyeota.net s.console.adtarget.com.tr
4 tracking.m6r.eu 4 redirects
4 sync.mathtag.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.us.e-planning.net
4 idsync.frontend.weborama.fr 4 redirects
4 sync.tidaltv.com 4 redirects
4 dmp.adform.net 2 redirects spl.zeotap.com
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 s.e-planning.net ads.us.e-planning.net
4 ads.us.e-planning.net 2 redirects s.console.adtarget.com.tr
4 creativecdn.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 c2shb.pubgw.yahoo.com live.primis.tech
4 x.bidswitch.net 2 redirects www.themarysue.com
live.primis.tech
4 spc.themarysue.com themarysue.com
3 token.rubiconproject.com 3 redirects
3 track.adform.net 3 redirects
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 btlr.sharethrough.com global.proper.io
3 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
3 hbopenbid.pubmatic.com live.primis.tech
global.proper.io
3 secure.adnxs.com 3 redirects
3 eb2.3lift.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 u.openx.net live.primis.tech
3 sync.search.spotxchange.com 3 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.themarysue.com
2 adscale-emea.adnxs.com 2 redirects
2 dis.criteo.com ih.adscale.de
2 js.cookieless-data.com s.e-planning.net
2 bbnaut.ibillboard.com 2 redirects
2 tags.crwdcntrl.net s.e-planning.net
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 match.deepintent.com ssum.casalemedia.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 pixel.mathtag.com 2 redirects
2 aa.agkn.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 dmp.theadex.com spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 bn01.er.bemail.it 2 redirects
2 loadeu.exelator.com spl.zeotap.com
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 onetag-sys.com ads.us.e-planning.net
2 i.e-planning.net ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 cm.adform.net s.console.adtarget.com.tr
2 usync.proper.io www.themarysue.com
2 script.4dex.io global.proper.io
script.4dex.io
2 search.spotxchange.com live.primis.tech
2 ads.adaptv.advertising.com live.primis.tech
2 csync.loopme.me 2 redirects
2 s.console.adtarget.com.tr live.primis.tech
2 abcheck.proper.io www.themarysue.com
2 c.aaxads.com www.themarysue.com
2 connect.facebook.net www.themarysue.com
connect.facebook.net
2 unpkg.com 1 redirects www.themarysue.com
2 global.proper.io www.themarysue.com
global.proper.io
2 cdn.onesignal.com www.themarysue.com
cdn.onesignal.com
2 pagead2.googlesyndication.com www.themarysue.com
pagead2.googlesyndication.com
1 pixel-sync.sitescout.com bcp.crwdcntrl.net
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 d.turn.com 1 redirects
1 global.ib-ibi.com bcp.crwdcntrl.net
1 ads.yahoo.com ads.us.e-planning.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 id.rlcdn.com ads.us.e-planning.net
1 pixel-eu.rubiconproject.com ads.us.e-planning.net
1 ad4m.at ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 eb.proper.io global.proper.io
1 cm.adgrx.com ssum.casalemedia.com
1 sync.adotmob.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 s-jsonp.moatads.com www.themarysue.com
1 cdn.id5-sync.com www.themarysue.com
1 secure.cdn.fastclick.net www.themarysue.com
1 ats.rlcdn.com www.themarysue.com
1 z.moatads.com s.ntv.io
1 a.teads.tv global.proper.io
1 bidder.criteo.com global.proper.io
1 htlb.casalemedia.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 tag.1rx.io global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 prebid.media.net global.proper.io
1 ap.lijit.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 mantodea.mantisadnetwork.com global.proper.io
1 tlx.3lift.com global.proper.io
1 pre.ads.justpremium.com global.proper.io
1 primis-d.openx.net live.primis.tech
1 rules.quantcount.com secure.quantserve.com
1 bids.proper.io global.proper.io
1 api.rlcdn.com global.proper.io
1 id5-sync.com global.proper.io
1 l3.aaxads.com www.themarysue.com
1 secure.quantserve.com global.proper.io
1 ads.stickyadstv.com live.primis.tech
1 www.aaxdetect.com www.themarysue.com
1 onesignal.com cdn.onesignal.com
1 static.adsafeprotected.com www.themarysue.com
1 s.ntv.io www.themarysue.com
1 disqus.com 1 redirects
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 themarysue.com www.themarysue.com
1 terrifictooth.com www.themarysue.com
1 geniuslinkcdn.com www.themarysue.com
1 www.googletagmanager.com www.themarysue.com
1 geekosystem.com 1 redirects
0 match.prod.bidr.io Failed www.themarysue.com
423 151
Subject Issuer Validity Valid
*.themarysue.com
R3		 2022-01-15 -
2022-04-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
geniuslinkcdn.com
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
superficialeyes.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
terrifictooth.com
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-19 -
2022-02-17		 3 months crt.sh
spc.bestgamingsettings.com
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.aaxads.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.aaxdetect.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.eyeota.net
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.rqtrk.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-18 -
2022-06-18		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.themarysue.com/
Frame ID: 7E5FADECBE62BBAC808A8FA486E53908
Requests: 153 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 0162F6936363C805AD3DA81AC4DE2A7F
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Frame ID: B6B6FEC5DC00C5D3BAA88A3550066B23
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: B4ED551E125F46B716B44C942D9A7866
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 45BF4B1A77094DDC3874EFC9DEB051F1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 0B5D1FEC7FDB1B9F58B4FE1B4CF5BBC9
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
Frame ID: 4CE5EAFDDAB1204BF43D9FBB4FDE0CC5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 29F9D84D1305B27CB49880CF9DFF8FF1
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 43199F6A3C3BA16F2FF9C7F205E4FE60
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 0F35B1781507203DE6D7049D3A5A8854
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 8B8E4F3AAD0AA63578BD8F7162DDC619
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
Frame ID: 5E6E78DDE85E3490E2EF8C98E111A697
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 1693F2CE969AD63B07007C669498FC71
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 712AB01112EF9DB549537D03A72B36D9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 246A67068E838A8A038827C9E39FDAEC
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 41922EFA1C308D57E6AB859E4006316E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: E854AC40284EB7A18B092A55CB763430
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: C0B3D3DD4D579F75111029E8C4F74D3F
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 4F75095C2D52B34490D8DAF77E14AFA3
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: FC086BF5CBE78198BECEA3E5A0C3A63A
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
Frame ID: 5E6D4402074268DCB8AFEF602115AC1F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 7879D250D3061AB3CE496E490728C53D
Requests: 12 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 832CDB6013CF114F3F979C4321796E9B
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
Frame ID: BB0A0DFCF6EE4F5C6D70BCE34ED95A72
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 61C595B288A30C7FABF8ED9D05268DCB
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 65EB36148D350F939F2704008E9EE3FF
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 1D8B65A98F21FC041921CCCB801BCF4B
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: AF2B63DE787B94C0ABAE3C8004F4CF21
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 0A8F7D49EF11ACEE1635D5A4BACA0E66
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 7BE8D29B3B2FCB46018032B488789E12
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 2E716352EAB2FB46BC0B887A05C49181
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 5111AEE356B973468EC4A303D1867EC4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 165880D3D1BB47471F50825F6116AD7A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D85f3a7025419f332%26uid%3D
Frame ID: 792F247671959B989B26E5A44E3F56AA
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Frame ID: 984716DEAD6D2FD74D47E8871B0F0570
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 6B919EC3761915C27D60F9ED5342DF4D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 13397AE9F3589EBA44F5511052356FE0
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&cmp=0
Frame ID: A4FF3323C7B00A9F2FECAB7483577E9D
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 329DE0375B2EDAD945C2A01ACA32F794
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D85f3a7025419f332%26uid%3D
Frame ID: A9EEEADE9B90924E5C1DF2949DF857C3
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Frame ID: 9E4CEF7FD3BC50FDCADF45217277292C
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 5DE06B3E4BC9B9262B154407330AAFEF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 2C11B561732E5854B21202429578C284
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&cmp=0
Frame ID: 53A8E66BEF91D73E3B7B096818145549
Requests: 30 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 62588EB4A903FBA255328FDDA715812D
Requests: 2 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 823F4EBD518948EE0F084258ABB97648
Requests: 11 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: F6830E2D79AD55A8AAA70F1CA47B2C38
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 95FD92D2C44EF2CBE463BFEB54584E34
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AFR7GlK6OB1Tqvcp
Frame ID: 11B49CB42EE82B90AD89FD04EE7CDE14
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 71214BB84C71462C4642C455AF75CCF9
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ADTJixrS4cbCTJOa
Frame ID: 870890B384D0D92E07256699AD1CA69F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 09184E44027DB6CBAA54D04DEB802CFD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: A51467EB4F6BBA29B3F0A59242EC3902
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 677E484C0EB5D101D1710AE3A13A3053
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: C1096775379DA63AEAF984425654A3E2
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: EB3871B3AA36C1F7B539F871DF71578B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted UniverseTwitterTwittermascot-5The Mary SueArrow Left #1 IconArrow right #1 IconArrow Left #1 IconArrow right #1 Iconuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

  1. http://geekosystem.com/ HTTP 301
    http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

423
Requests

78 %
HTTPS

19 %
IPv6

97
Domains

151
Subdomains

109
IPs

10
Countries

3111 kB
Transfer

9520 kB
Size

114
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geekosystem.com/ HTTP 301
    http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 45
  • https://disqus.com/forums/themarysue/count.js HTTP 302
  • https://themarysue.disqus.com/count.js
Request Chain 83
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=fd6f88a3-89d8-11ec-8157-152b84bd0406 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
Request Chain 89
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=93&advUuid=9ac1495e-72e8-4d85-906f-967fc5d7ce58
Request Chain 90
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
Request Chain 91
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921520578307&advId=121&advUuid=1911616555921520578307
Request Chain 93
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D62040caf885b9%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=105&advUuid=6749432177276425798
Request Chain 128
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921520578307&advId=121&advUuid=1911616555921520578307
Request Chain 129
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
Request Chain 134
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=93&advUuid=d9fb7bbb-92b3-4299-bd96-e9a45614b672
Request Chain 135
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
Request Chain 137
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=105&advUuid=6749432177276425798
Request Chain 145
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db7548ff1-6b22-4804-b194-2a05f283df59%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_7c4f3349_bb0d5f60_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db7548ff1-6b22-4804-b194-2a05f283df59%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_7c4f3349_bb0d5f60_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b7548ff1-6b22-4804-b194-2a05f283df59&uid=7ada77cf-cf9d-4397-9a5f-93661a1f5393
Request Chain 146
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b70cbf9_ba6c9966_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b70cbf9_ba6c9966_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x01b20RE2uGHwBIhkoef64rBLykjrR7e~A
Request Chain 159
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
Request Chain 160
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 196
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
Request Chain 202
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 233
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=70dd8218844b4212aa706e1fc8eb1d11
Request Chain 234
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=fcbe5976a24745ee91125becd47adf2a
Request Chain 236
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D85f3a7025419f332 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
Request Chain 240
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D85f3a7025419f332 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 241
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D85f3a7025419f332%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
Request Chain 242
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D85f3a7025419f332 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
Request Chain 246
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D85f3a7025419f332 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 247
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D85f3a7025419f332%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
Request Chain 248
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 255
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 267
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 269
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 273
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 274
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c3fff460-e208-4fd4-4090-2cc2c1442a93&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c3fff460-e208-4fd4-4090-2cc2c1442a93&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=25981564487815184503631218584937140615&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 276
  • https://bn01.er.bemail.it/zeotap.php?_bid=c3fff460-e208-4fd4-4090-2cc2c1442a93&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-74678-0.104140001644432560-8bc8f2c0e674713592ab789f3bfa7f15&zdid=533&env=mWeb
Request Chain 277
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7062784069978159254&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 278
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=c3fff460-e208-4fd4-4090-2cc2c1442a93 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=c3fff460-e208-4fd4-4090-2cc2c1442a93
Request Chain 279
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c3fff460-e208-4fd4-4090-2cc2c1442a93&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c3fff460-e208-4fd4-4090-2cc2c1442a93&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361&bounce=1&random=3509095525 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 281
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=c3fff460-e208-4fd4-4090-2cc2c1442a93?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=c3fff460-e208-4fd4-4090-2cc2c1442a93?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 282
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
Request Chain 283
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BdA7J5CoeBogXwuORBFBepucE9YMP1HF%2BS41iYitP1U%3D
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361&_test=YgQMsQAE_hABTwBB HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE_hABTwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&_test=YgQMsQAE_hABTwBB
Request Chain 287
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f36f6204-0cb1-4a00-ab73-f0a54c443e2c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 288
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 289
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&dcc=t
Request Chain 291
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Request Chain 297
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 303
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 304
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=991872fa-8d59-44e2-7e93-0fa96c5883a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=991872fa-8d59-44e2-7e93-0fa96c5883a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=48080667597909697622365193066645172727&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 306
  • https://bn01.er.bemail.it/zeotap.php?_bid=991872fa-8d59-44e2-7e93-0fa96c5883a6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-27824-0.104128001644432560-405399cf1e277dce8e7d83aae6f9f81b&zdid=533&env=mWeb
Request Chain 307
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7062784069981436048&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 308
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=991872fa-8d59-44e2-7e93-0fa96c5883a6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=991872fa-8d59-44e2-7e93-0fa96c5883a6
Request Chain 309
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=991872fa-8d59-44e2-7e93-0fa96c5883a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=991872fa-8d59-44e2-7e93-0fa96c5883a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361&bounce=1&random=1882890125 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 311
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=991872fa-8d59-44e2-7e93-0fa96c5883a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=991872fa-8d59-44e2-7e93-0fa96c5883a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 312
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
Request Chain 313
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NZzY1EoA078gXwuORBFBeoe984qH4wtU%2BS41iYitP1U%3D
Request Chain 316
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361&_test=YgQMsQAE7ewYtgAy HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE7ewYtgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&_test=YgQMsQAE7ewYtgAy
Request Chain 317
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 318
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 319
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&dcc=t
Request Chain 321
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Request Chain 324
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
Request Chain 326
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
Request Chain 329
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 331
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6977189611836453733&uid=Q6977189611836453733&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 336
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
Request Chain 338
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
Request Chain 340
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719669006985
Request Chain 345
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 359
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=70dd8218844b4212aa706e1fc8eb1d11&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=101&tpuid=BBID-01-03191465613965046-16521336
Request Chain 363
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=70dd8218844b4212aa706e1fc8eb1d11&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=101&tpuid=BBID-01-03191465614766965-16521336
Request Chain 364
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=bc1fdc7f13fd106fe2546ed0eedacc7d418468b6dd8ec00f50a481d25b2ac607&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Request Chain 366
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBmZTY3YTdkNS04OWQ4LTExZWMtYTE2NC0wMjA3OGU0YTYzYWM%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
Request Chain 367
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
Request Chain 368
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YgQMsQAE-eqM7ABH HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YgQMsQAE-eqM7ABH&_origin=0&gdpr=1&gdpr_consent=&_test=YgQMsQAE-eqM7ABH
Request Chain 369
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a84fe54f807135d5301ae88c5ba294ca&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc027_7062784069973358526 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTg0ZmU1NGY4MDcxMzVkNTMwMWFlODhjNWJhMjk0Y2E=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEEKUZVm0zRp72sCKOZMT6Dg&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a84fe54f807135d5301ae88c5ba294ca?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-KI4WYGZE2oM3jtoubL7syELi92UCY.ubPn9.9vKf~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6749432177276425798 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6002394307703791370 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgQMsQAE-eqM7ABH HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=3HiTLSHY1NhS1Q5 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Request Chain 370
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c01dbe30edf3f6f1fcedd3a01ecd0fc50d0bcd970ce2db51e4b7a9314a90d1dc&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c01dbe30edf3f6f1fcedd3a01ecd0fc50d0bcd970ce2db51e4b7a9314a90d1dc&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
Request Chain 371
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=bc1fdc7f13fd106fe2546ed0eedacc7d418468b6dd8ec00f50a481d25b2ac607&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Request Chain 372
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c01dbe30edf3f6f1fcedd3a01ecd0fc50d0bcd970ce2db51e4b7a9314a90d1dc&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
Request Chain 376
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=96b27312203b3fe1cfacff9a9758b3734b864388c90575b05b4ff718dd03ede0&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
Request Chain 377
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=96b27312203b3fe1cfacff9a9758b3734b864388c90575b05b4ff718dd03ede0&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
Request Chain 381
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBmZTY3YTdkNS04OWQ4LTExZWMtYTE2NC0wMjA3OGU0YTYzYWM%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
Request Chain 383
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
Request Chain 385
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgQMsQAE-eqM7ABH&us_privacy=1---
Request Chain 386
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nNNDepmT8P-yOce8HJU62Mn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2843818887849280980
Request Chain 388
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGV09TSk4tMVItSVFXVw==&us_privacy=1---
Request Chain 389
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZFWOSJN-1R-IQWW&sigv=1&esig=2~4a6d13faed1884444cdab89a29ee1fe557a3417e&us_privacy=1---
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&expires=28
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmC5vnsItMzrSjznnyE77k&google_cver=1
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc&google_cver=1
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc&google_cver=1
Request Chain 394
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
Request Chain 395
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
Request Chain 396
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/js?tpid=48&tpuid=e97e99f531b32d550d0aec48acb9abc0
Request Chain 397
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/js?tpid=48&tpuid=10804cb480b52a182b9e8d168ace4ae1
Request Chain 402
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6002394307703791370 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=&google_gid=CAESEFoHxGb-xQCaQIvZFPV4wVU&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=&google_gid=CAESEFoHxGb-xQCaQIvZFPV4wVU&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 409
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6002394307703791370 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=
Request Chain 413
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d938d2728e7294d60449986214cf8ac9&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d2d6c7bd-0fb9-44c3-8f93-9f365eaecbe0
Request Chain 414
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d
Request Chain 416
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d938d2728e7294d60449986214cf8ac9/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8291825515391026312
Request Chain 419
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YgQMsQAE-eqM7ABH

423 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themarysue.com/
Redirect Chain
  • http://geekosystem.com/
  • http://www.themarysue.com/
  • https://www.themarysue.com/
110 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83732e8687ef4c56953be4994d897ad3cd92fa51c427c3d5e2547cc3287fa3a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-type
text/html; charset=UTF-8
cf-ray
6daf46e16d8c9128-FRA
link
<https://www.themarysue.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding, Accept-Encoding
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Wed, 09 Feb 2022 18:49:18 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 09 Feb 2022 19:49:18 GMT
Location
https://www.themarysue.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6daf46e0dbbc92b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
am-asap-500.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500.woff2?2107011725
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 21:25:53 GMT
server
cloudflare
age
5046
etag
"60de32e1-2e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e7af509128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11880
am-asap-500i.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500i.woff2?2107011725
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 21:25:53 GMT
server
cloudflare
age
5046
etag
"60de32e1-31dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e7af579128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12764
crit-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/crit-main.min.css?2201311944
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b746f4b7f61be6e97de8be6b7aea2ea378b3f9d462a296123dd944e5b794c62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Feb 2022 00:44:10 GMT
server
cloudflare
age
7010
etag
W/"61f8825a-b212"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6daf46e7af549128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
def-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		290 B
293 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2110151600
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 20:00:12 GMT
server
cloudflare
age
309
etag
W/"6169ddcc-122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
6daf46e7af5b9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
min.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2111190411
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 09:11:50 GMT
server
cloudflare
age
309
etag
W/"61976a56-32db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=13019
cf-ray
6daf46e7af609128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
flying-focus.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/flying-focus.js?2108231028
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Aug 2021 14:28:13 GMT
server
cloudflare
age
6892
etag
W/"6123b07d-ecb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=3787
cf-ray
6daf46e809655c02-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bacb3c0e40dd4c86c4919d06574d8cf77f320a498d35b667e65e86b148b51d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53572
x-xss-protection
0
server
cafe
etag
14091548968134557095
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 18:49:19 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9daa70f04bcab7bfa85850050b2a1adcf9be552b4492510fa271be85ff041479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36108
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 18:09:22 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Feb 2022 18:49:19 GMT
ads-prebid-banner-proper-outbrain.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		25 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2111190533
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 10:33:12 GMT
server
cloudflare
age
5687
etag
W/"61977d68-1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=27
cf-ray
6daf46e7af669128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
style-index.css
www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/style-index.css?ver=1641882089
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 06:21:29 GMT
server
cloudflare
age
6109
etag
W/"61dd21e9-1665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=5733
cf-ray
6daf46e7af6c9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
pmpromc.css
www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/ 		182 B
240 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 11:12:11 GMT
server
cloudflare
age
7114
etag
W/"603f6f0b-dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=220
cf-ray
6daf46e7af6f9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.min.js
www.themarysue.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Aug 2021 09:57:57 GMT
server
cloudflare
age
6109
etag
W/"6107c1a5-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6daf46e7af739128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
www.themarysue.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Dec 2020 12:49:55 GMT
server
cloudflare
age
6109
etag
W/"5fec7773-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6daf46e7af769128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
snippet.min.js
geniuslinkcdn.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geniuslinkcdn.com/snippet.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
83.136.253.58 , United Kingdom, ASN202053 (UPCLOUD, FI),
Reverse DNS
83-136-253-58.uk-lon1.upcloud.host
Software
nginx /
Resource Hash
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
ratelimit-reset
1644432619
last-modified
Mon, 24 May 2021 12:29:48 GMT
ratelimit-limit
15
content-length
5652
ratelimit-resettime
Wed, 09 Feb 2022 18:50:19 GMT
server
nginx
ratelimit-observed
0
etag
"60ab9c3c-1614"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
ratelimit-remaining
15
expires
Thu, 10 Feb 2022 18:49:19 GMT
guyliner-01-gq-25jul18_b-768x432.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/guyliner-01-gq-25jul18_b-768x432.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be9cf8fed41b71d3408d293dcca46eae7858d27328b190e2607a87d2a66fdef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
112
cf-polished
origSize=49396, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48153
last-modified
Wed, 09 Feb 2022 14:06:49 GMT
server
cloudflare
etag
"6203ca79-c0f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e809685c02-FRA
cf-bgj
imgq:100,h2pri
Chidi-Chili-Featured-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/Chidi-Chili-Featured-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a420db9f3026cba64a4e5b7bae2972de615bc9b5dd71d78469e952adbeaf96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
3802
cf-polished
origSize=17132, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16510
last-modified
Tue, 08 Feb 2022 13:50:14 GMT
server
cloudflare
etag
"62027516-42ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e809695c02-FRA
cf-bgj
imgq:100,h2pri
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2837dc24270bc43e4d013b223b1d5d59df7369d82e0208ef30691af7be3aba3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
promo-gossip.jpg
www.themarysue.com/wp-content/themes/m2019-tms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
112
cf-polished
origFmt=jpeg, origSize=3659
content-disposition
inline; filename="promo-gossip.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3474
last-modified
Mon, 14 Oct 2019 15:08:43 GMT
server
cloudflare
etag
"5da48f7b-e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e8096d5c02-FRA
cf-bgj
imgq:100,h2pri
email-decode.min.js
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Feb 2022 10:43:21 GMT
server
cloudflare
etag
W/"62024949-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6daf46e7f9375c02-FRA
vary
Accept-Encoding
expires
Fri, 11 Feb 2022 18:49:19 GMT
mpp-frontend.js
www.themarysue.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2019 13:15:40 GMT
server
cloudflare
age
6160
etag
W/"5d07927c-14b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=331
cf-ray
6daf46e809555c02-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
comment_count.js
www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2019 08:40:52 GMT
server
cloudflare
age
6892
etag
W/"5c91fc94-379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=889
cf-ray
6daf46e8095b5c02-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
theme-my-login.min.js
www.themarysue.com/wp-content/plugins/theme-my-login/assets/scripts/ 		2 KB
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Jul 2020 12:20:42 GMT
server
cloudflare
age
6891
etag
W/"5eff229a-6cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6daf46e8095f5c02-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
www.themarysue.com/wp-includes/js/ 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 11:13:32 GMT
server
cloudflare
age
6892
etag
W/"603f6f5c-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6daf46e809605c02-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
427
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6daf46e8cd6d912a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 12 Feb 2022 18:49:19 GMT
v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
superficialeyes.com/ 		518 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ddc608553c368676512e6770ba713fcb63bc2524ce3285c6abb4a71082853b43
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"0000d320a88de3d36f1f62d9066be186373653cc1e5074e90339428b6aca56d1"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 09 Feb 2022 18:49:19 GMT
x-buildnumber
466245667
timing-allow-origin
*
v2scndJ-AMeJMokTSkHu5IoG9csmT7Lfvk0EM8dzFKSEFzT2YhAC8u7_JGnlqI6GhAkPEdXTCeVTWn--yRA
terrifictooth.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2scndJ-AMeJMokTSkHu5IoG9csmT7Lfvk0EM8dzFKSEFzT2YhAC8u7_JGnlqI6GhAkPEdXTCeVTWn--yRA
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
3da031ff072bc0fde56a065bc8971c0dfce5d9176b611422a3f44b43b4b41958
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"8c6c65bfccf061b503c1eefa4b5cde632675998c67b442356ca512159946d189"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 09 Feb 2022 18:49:19 GMT
x-buildnumber
466245667
timing-allow-origin
*
themarysue.min.js
global.proper.io/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/themarysue.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53dfab331426cfb18c2817a8d8c6c0acf8d173d74d143df95bf18f5611ddee54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 19:49:24 GMT
server
cloudflare
age
168989
etag
W/"620177c4-6f6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6daf46e8d8669249-FRA
expires
Wed, 09 Feb 2022 18:54:19 GMT
plow.lite.js
themarysue.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.com/plow.lite.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 02:24:24 GMT
server
cloudflare
age
5202
etag
W/"61df8d58-97a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=38821
cf-ray
6daf46e818de9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1335284
fly-request-id
01FT83NE1FV146MGHMT40QQ32Z
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6daf46e8fb888fd6-FRA

Redirect headers

date
Wed, 09 Feb 2022 18:49:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FVFWVBNRH38RS4PWFT10N1PQ
server
cloudflare
age
253
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6daf46e8cb088fd6-FRA
access-control-allow-origin
*
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
134f84597142857661d345298a6f740a5c345169009b7a2e3adf8036767e7ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wmQvZk/BeLfzb5KGZ8JKBA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 09 Feb 2022 19:06:17 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1683
x-fb-rlafr
0
x-fb-debug
wEe8xKnvrZBgGJur8zzJ1dWBeI4EywBJB8dND/JvjtvMQvlzzinHWmlEeRCeVkW/T/vLs6AZC/5tfNDuqGNCdQ==
x-fb-trip-id
2050670934
x-fb-content-md5
88c50fb9a995c4ab2c82b711d253ffd2
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 09 Feb 2022 18:49:19 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c2a1627317720471dcdc2316d6063bfe"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
fec694e833e0298e6d05b83328c9a9d2
date
Wed, 09 Feb 2022 18:49:19 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
438fbe90f3485d81e0cfb7d9670f9719
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
all.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=8cee1a467b5af0740e507abbef8a6dca
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81aa34fcac9ffacb34a7ed839729b591cdea2fefb373ee2c2ec66d2fe6888961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2V5aLn5FCkBbnWMbQfXWzw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 09 Feb 2023 16:58:51 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82115
x-fb-rlafr
0
x-fb-debug
fTdbJ31U1GHsmM/lXxTGbiZjNnBx2GV+IN4War2x55lo5HWZr4YpSHynrV6yacfjk8k04rAw5CUKLqz6jEsBug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3b9f2f9b2daccb50f95c4cfbf1072b11
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 18:49:19 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fd4d6e4846ffd73b20ef40d670d3e0e4"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
liveView.php
live.primis.tech/live/ Frame 0162 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
dd226f3829c76c878c38c078df74f948ce6579c5cb4ccc6e1ec234b76b62b061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:18 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f9f9d4034c499654f02633aded8d85aea66529c881516dff70f4517adfa3bcfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 		286 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9356934496955375&plah=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
302603cbea23a21ffba092d2e6ab3a8d33262bf1849955efaf56eea8d9191455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105570
x-xss-protection
0
server
cafe
etag
9609070081002353531
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 18:49:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/ Frame B6B6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 08 Feb 2022 22:00:37 GMT
expires
Tue, 22 Feb 2022 22:00:37 GMT
cache-control
public, max-age=1209600
etag
18247940800414524076
content-type
text/html; charset=UTF-8
age
74922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2667
date
Wed, 09 Feb 2022 18:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 09 Feb 2022 20:04:52 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 0162 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 0162 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 0162 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 0162 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
prebidVid.5.18.0_9.min.js
live.primis.tech/content/prebid/ Frame 0162 		491 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
53ccee744c5db641ca9e37f041a302720b862edf02e7fdee87ba9cb66921a287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 14:54:42 GMT
server
nginx
etag
W/"6203d5b2-7ad5b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
liveVideo.php
live.primis.tech/live/ Frame 0162 		552 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2f01d0e33fa9c077c4f1f837e7cb193d6ef3a902b0e45d6ee0cc625d099023b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ Frame B4ED 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
cb2f136536100cecd793ad2208200acb19744fdb4fdb4694644271ad79345aab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
count.js
themarysue.disqus.com/
Redirect Chain
  • https://disqus.com/forums/themarysue/count.js
  • https://themarysue.disqus.com/count.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
154
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 31 Jan 2022 20:16:06 GMT
Server
nginx
ETag
"61f84386-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW55-C3
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
8MWdPIRZc053_UJIrYIx3M8zMMiaBpPzBaUjUXI6hOLTPiw2li4omA==

Redirect headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Location
https://themarysue.disqus.com/count.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
count.js
themarysue.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
154
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 31 Jan 2022 20:16:06 GMT
Server
nginx
ETag
"61f84386-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW55-C3
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
8MWdPIRZc053_UJIrYIx3M8zMMiaBpPzBaUjUXI6hOLTPiw2li4omA==
aax.js
c.aaxads.com/ 		544 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXBD4DM4&hst=www.themarysue.com&ver=1.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
db0811bb161c53b5359aa4434fc4ca6a9c2806d77bb2840013a8814a6f4f7cc1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 09 Feb 2022 18:49:19 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Wed, 09 Feb 2022 19:19:19 GMT
load.js
s.ntv.io/serve/ 		391 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2111190411
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.83 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
71196740943f35199c4efd811d4387be6cb89dee4881e13dc94b1ac20ad3a255

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
Content-Encoding
gzip
x-amz-request-id
HPS1RQ26J7J4BNEG
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
VHps9KYXzitKurUHq/ylxQn+snaZrw2RcjbPm6Hm8vx6dzELWohExVdT0dxw8AS8bdi2f7+L+mQ=
Last-Modified
Tue, 01 Feb 2022 15:41:38 GMT
Server
AmazonS3
ETag
"3b6f261a150944b2b85bc5ad1f2bca72"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
427
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6daf46e9f86b926e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 12 Feb 2022 18:49:19 GMT
tms-youtube-background-nomascot-432x243.jpg
www.themarysue.com/wp-content/uploads/2018/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2018/05/tms-youtube-background-nomascot-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c8f9f8ac07ad5688411afc87c4dfbf14c0d82ece30f3fa776d7c000231b152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2303
cf-polished
origSize=12125, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10343
last-modified
Thu, 10 May 2018 19:42:53 GMT
server
cloudflare
etag
"5af4a0bd-2f5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de495c02-FRA
cf-bgj
imgq:100,h2pri
elizabeth-holmes-girl-boss-crisis-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/10/elizabeth-holmes-girl-boss-crisis-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e9f053c60b651628e0c7d097aca33d351e12a2a39b7d393ff0214cf927d1ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2303
cf-polished
origSize=15958, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15490
last-modified
Fri, 01 Oct 2021 15:24:32 GMT
server
cloudflare
etag
"61572830-3e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de535c02-FRA
cf-bgj
imgq:100,h2pri
The_Batman_Robert_Pattinson-432x243.jpeg
www.themarysue.com/wp-content/uploads/2021/08/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/08/The_Batman_Robert_Pattinson-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1180570af40ea4e8174e7af8027d627989e1c3ba769b0eac46b6c27ced94cec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2220
cf-polished
origSize=16221, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10479
last-modified
Wed, 25 Aug 2021 15:48:48 GMT
server
cloudflare
etag
"61266660-3f5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de5a5c02-FRA
cf-bgj
imgq:100,h2pri
gilded-age-peggy-scott-blackness-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/gilded-age-peggy-scott-blackness-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b9162643dec1ad9fd40391d498a03d7f0276f74666188f483087a1547eaec2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2303
cf-polished
origSize=15842, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15593
last-modified
Tue, 08 Feb 2022 18:14:54 GMT
server
cloudflare
etag
"6202b31e-3de2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de645c02-FRA
cf-bgj
imgq:100,h2pri
Anime-Award-Winners-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/Anime-Award-Winners-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdf095b8654cdd35aca8cd904f12d31887fc8b3fd57db8b94152da731d359f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
440
cf-polished
origSize=37189, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34361
last-modified
Wed, 09 Feb 2022 17:06:32 GMT
server
cloudflare
etag
"6203f498-9145"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de655c02-FRA
cf-bgj
imgq:100,h2pri
who-were-the-robber-barons-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/who-were-the-robber-barons-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5715929471189592a4584792deec7c0b804976c71366f1cf03ab8d0eb782a00a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2216
cf-polished
origSize=15690, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15491
last-modified
Wed, 09 Feb 2022 16:14:21 GMT
server
cloudflare
etag
"6203e85d-3d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de675c02-FRA
cf-bgj
imgq:100,h2pri
grogu-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/06/grogu-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bebc0ae1c09872eb1ee9c76e7e2273c089e70e290dbe06a2dee1a58d1b396e14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
6717
cf-polished
origSize=17265, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16896
last-modified
Thu, 17 Jun 2021 21:26:22 GMT
server
cloudflare
etag
"60cbbdfe-4371"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de6b5c02-FRA
cf-bgj
imgq:100,h2pri
The-Book-of-Boba-Fett-Season-2-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/The-Book-of-Boba-Fett-Season-2-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f593e49d021dfe9c0375a39265498dda7577848fbb80329b5996348547f13e64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2216
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12533
last-modified
Fri, 04 Feb 2022 16:46:52 GMT
server
cloudflare
etag
"61fd587c-30f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de6d5c02-FRA
cf-bgj
imgq:100,h2pri
The_Book_Of_Boba_Fett_Episode_4_Temuera_Morrison-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/01/The_Book_Of_Boba_Fett_Episode_4_Temuera_Morrison-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b499aa0b45aef438756a2f74f2d6a0fdf22b01d423b19f52111fa4fbc9f79b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2216
cf-polished
origSize=26928, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17960
last-modified
Wed, 19 Jan 2022 15:40:19 GMT
server
cloudflare
etag
"61e830e3-6930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de6f5c02-FRA
cf-bgj
imgq:100,h2pri
new-girl-bar-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/new-girl-bar-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3251f19e0ef7efc125509d8c9aac52e3abdebfcf6f6ea6c2114907259e96edef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
6717
cf-polished
origSize=17865, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17495
last-modified
Tue, 08 Feb 2022 21:13:03 GMT
server
cloudflare
etag
"6202dcdf-45c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de755c02-FRA
cf-bgj
imgq:100,h2pri
spotify-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/spotify-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0350c457103cc91b27e3244e09782469c485d8e76b4f5d591ba94a1cd2c35089

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2216
cf-polished
origSize=9487, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5261
last-modified
Tue, 08 Feb 2022 17:43:12 GMT
server
cloudflare
etag
"6202abb0-250f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de775c02-FRA
cf-bgj
imgq:100,h2pri
pretty-smile-demeester-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/pretty-smile-demeester-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8615a71c1f36362def617ba2fb1e9aac84cd9e712523552063cc39375e4e2f1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
2216
cf-polished
origSize=16917, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12711
last-modified
Fri, 04 Feb 2022 21:42:56 GMT
server
cloudflare
etag
"61fd9de0-4215"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de7c5c02-FRA
cf-bgj
imgq:100,h2pri
emilia-clarke-solo-qira-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/07/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/07/emilia-clarke-solo-qira-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbea5260d51ef6ebffe18f8abe006ad537908cb1d02bdc26d3cf7e97672e6a59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
3560
cf-polished
origSize=32899, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28337
last-modified
Thu, 22 Jul 2021 19:32:53 GMT
server
cloudflare
etag
"60f9c7e5-8083"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de805c02-FRA
cf-bgj
imgq:100,h2pri
breath-of-the-wild-2-nintendo-direct-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/breath-of-the-wild-2-nintendo-direct-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:14a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58598d04c3bdf8eb43a5dcb66a932dc4191fae75384ca76c405dbaf826e9f594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
cf-cache-status
HIT
age
3993
cf-polished
origSize=20358, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19828
last-modified
Tue, 08 Feb 2022 17:35:08 GMT
server
cloudflare
etag
"6202a9cc-4f86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6daf46e9de855c02-FRA
cf-bgj
imgq:100,h2pri
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=127145894&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1538786886&gjid=1906052698&cid=721961995.1644432560&tid=UA-21433528-1&_gid=2141670875.1644432560&_r=1&gtm=2ou270&z=1456432281
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=127145894&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=721961995.1644432560&tid=UA-21433528-1&_gid=2141670875.1644432560&gtm=2ou270&z=2109579612
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 04:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52980
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame B4ED 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame B4ED 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame B4ED 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame B4ED 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
prebidVid.5.18.0_9.min.js
live.primis.tech/content/prebid/ Frame B4ED 		491 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
53ccee744c5db641ca9e37f041a302720b862edf02e7fdee87ba9cb66921a287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 14:54:42 GMT
server
nginx
etag
W/"6203d5b2-7ad5b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 09 Feb 2023 18:49:19 GMT
liveVideo.php
live.primis.tech/live/ Frame B4ED 		551 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=109305&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1644432559&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0754f2e081b1a1355ac5858d85bdbcab8eee6656507a66e7e76202cc7db74c51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
count-data.js
themarysue.disqus.com/ 		903 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=569296%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569296&1=569347%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569347&1=569750%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569750&1=569777%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569777&1=569875%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569875&1=569900%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569900&1=569903%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569903&1=569928%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569928&1=569965%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569965&1=569974%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569974
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ea314f9d44a5be06ae36d7a73d51d515ff4d233421cdef14d1a0d6edf0c5ad8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
475
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
903
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		905 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=569984%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569984&1=569987%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569987&1=569992%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D569992&1=570000%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570000&1=570003%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570003&1=570085%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570085&1=570092%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570092&1=570178%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570178&1=570192%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570192&1=570193%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570193
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
027983e9670bd35f6833ee1f9f56a891bb293a80a65e5d0ae4701fc774537d67
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
475
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
905
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		624 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=570247%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570247&1=570249%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570249&1=570252%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570252&1=570255%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570255&1=570280%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570280&1=570303%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D570303
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca84439bb3cda98449c1170c97e2871cb5d520d0c31c3a4f85c47fa2bc6b11b0
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
475
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
624
X-XSS-Protection
1; mode=block
latest.js
global.proper.io/payloads/ 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 20:36:58 GMT
server
cloudflare
age
1328820
etag
W/"61e8766a-6f913"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6daf46eaae859249-FRA
expires
Wed, 09 Feb 2022 18:54:19 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=3.201832747364651
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
78TW2439HZ708H5D
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6daf46eabeab9249-FRA
content-length
842
x-amz-id-2
uHeAP+moSMR2sq3PjdhKijsSPb99x4QizrC9oNIPuzeggShH250wHsYAG3JXAsTz6/xRrlOAV0s=
expires
Wed, 09 Feb 2022 22:49:20 GMT
px.gif
abcheck.proper.io/ 		842 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=3.201832747364651
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
78TZPQ8ZZT9ASDZA
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6daf46eabea99249-FRA
content-length
842
x-amz-id-2
zKDozS+L1qS92K1o7ekjqml0BkfK5NO9s84sUZVeJ1ZLqbNvbrxBdf+Dti3PkFozmC2d2MAfSIw=
expires
Wed, 09 Feb 2022 22:49:20 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
etag
W/"620367f6-465a"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0162 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
466
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1866Y67X19DHG56RWGY4
date
Wed, 09 Feb 2022 18:41:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
8jsWaKH60zpY_3B4jfl3rPZL6yQLmy8WkN2lqg2M8HG91uQxb6rDpQ==
css
fonts.googleapis.com/ Frame 45BF 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 17:56:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 18:49:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 18:49:19 GMT
css
fonts.googleapis.com/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 17:34:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 18:49:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 18:49:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0B5D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60042
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:19 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 4CE5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

server
nginx
date
Wed, 09 Feb 2022 18:49:19 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 09 Feb 2022 18:49:19 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
X-fe
40
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 29F9 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 09 Feb 2022 18:49:19 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 4319 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e787eccbaa2fc69b0d6cd90c88d999775564004e6432c14ea8112c8250e7f034

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:19 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
908
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 0162 		60 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZTMjMTt2ZTMkMTQ0OTI1MDY0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MTtmJaZcZF9wo250ZW50X2Ryp2M9VE1TK1RuoGgmK3RiK0F0nGVhYSgGnWkgK0Zyp3RcqzFfK0F3YXJxZWUeRVZFK0VOU0kFUvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeVGFfn3MeqG8eQXRbZW5uK0ZcoG0eRzVmqGy2YWjeQXqupzRyZSgFVxUeRU5TTEVSJaZcZF9wo250ZW50X2R1pzF0nW9hPTE0NSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDA1Jat9MmAjJax9MwUjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDQ0NTUmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzODt1YwxzY2J1p3Rypw0kNwQ0NDMlNTU5ODUjJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
d1720e14b7ad40537f7d7f1338954b0ca4b62b7d9432a69f711c9ebc3cbfd4fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6930
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0NDQmMwU1OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwByQ1BNVGulp2ufZCUlMCUlRvUlMDIyMwAyMxYyMwAjLwAjNSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmIlRDMjMmx1RwMlMmA3RDqCNmMmMTM2MmtmODM5MmAmNmM2N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMkMmY3RDqCNTxmMwMmMmQ3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp1QTU1NEU1MTU0NTY1MwZGNwM2RTRFNxY2MwQ3NTE2NmRDNmx0MTp5NDx0MmM4Nwp0RDQmMmQ3NmRENDQ1NTNEN0Q3QwRDMmEmMwMlMmpmOTqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTthMC40NmU4LwtjJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwA0MGNuZwt4NWI5JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDQ0MmI1NTx4MmtzqWyxPVNyn2yhZG9TUGkurWVlNwIjNDBwYWY5OWY5ZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 0162 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.58.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-58-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 0162
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=93&advUuid=9ac1495e-72e8-4d85-906f-967fc5d7ce58
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=93&advUuid=9ac1495e-72e8-4d85-906f-967fc5d7ce58
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=93&advUuid=9ac1495e-72e8-4d85-906f-967fc5d7ce58
date
Wed, 09 Feb 2022 18:49:19 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 0162
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 09 Feb 2022 18:49:20 GMT
liveCS.php
live.primis.tech/live/ Frame 0162
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921520578307&advId=121&advUuid=1911616555921520578307
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921520578307&advId=121&advUuid=1911616555921520578307
date
Wed, 09 Feb 2022 18:49:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.php
pixel.rubiconproject.com/exchange/ Frame 0162 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 0162
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D62040caf885b9%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=105&advUuid=6749432177276425798
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=105&advUuid=6749432177276425798
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
16202072-c95e-4568-b1df-586fc583f062
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf885b9&pixel=&advId=105&advUuid=6749432177276425798
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid6192e30186e31144925064.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e30186e31144925064.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
81422271146b5886d672abad6c7454dd07e813cf83e582db7576289a0bb7960d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
via
1.1 d75767e25d58a643b0b793855f4459c8.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:56:57 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"c01de394ee96f2f13c86d80e7a083850"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
16371
x-amz-cf-id
kBk-CeC3gKb6FYpwhvtvfwXiNJo8vlo8Y3GIuoEDs4KGKbdoKYpxHA==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame 0162 		118 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZTMjMTt2ZTMkMTQ0OTI1MDY0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MTtmJaZcZF9wo250ZW50X2Ryp2M9VE1TK1RuoGgmK3RiK0F0nGVhYSgGnWkgK0Zyp3RcqzFfK0F3YXJxZWUeRVZFK0VOU0kFUvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeVGFfn3MeqG8eQXRbZW5uK0ZcoG0eRzVmqGy2YWjeQXqupzRyZSgFVxUeRU5TTEVSJaZcZF9wo250ZW50X2R1pzF0nW9hPTE0NSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDA1Jat9NwtjJax9MmtmJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDQ0NTUmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzODt1YwxzY2J1p3Rypw0kNwQ0NDMlNTU5ODY0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
be69496fe4311ce11f780f385d013372aea78aeb5a5a57e14f3307a8185aa6f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10358
liveView.php
live.primis.tech/live/ Frame 0162 		118 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZTMjMTt2ZTMkMTQ0OTI1MDY0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MTtmJaZcZF9wo250ZW50X2Ryp2M9VE1TK1RuoGgmK3RiK0F0nGVhYSgGnWkgK0Zyp3RcqzFfK0F3YXJxZWUeRVZFK0VOU0kFUvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeVGFfn3MeqG8eQXRbZW5uK0ZcoG0eRzVmqGy2YWjeQXqupzRyZSgFVxUeRU5TTEVSJaZcZF9wo250ZW50X2R1pzF0nW9hPTE0NSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDA1Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDQ0NTUmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzODt1YwxzY2J1p3Rypw0kNwQ0NDMlNTU5ODY1JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1a03b23bd3aaafc5631f40afe0a908f0b51d342c4c5583e0d1e107d2979c318f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10355
liveView.php
live.primis.tech/live/ Frame 0162 		60 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZTMjMTt2ZTMkMTQ0OTI1MDY0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MTtmJaZcZF9wo250ZW50X2Ryp2M9VE1TK1RuoGgmK3RiK0F0nGVhYSgGnWkgK0Zyp3RcqzFfK0F3YXJxZWUeRVZFK0VOU0kFUvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeVGFfn3MeqG8eQXRbZW5uK0ZcoG0eRzVmqGy2YWjeQXqupzRyZSgFVxUeRU5TTEVSJaZcZF9wo250ZW50X2R1pzF0nW9hPTE0NSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDA1Jat9NwtjJax9MmtmJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDQ0NTUmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzODt1YwxzY2J1p3Rypw0kNwQ0NDMlNTU5ODY3JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D44553D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf885b9&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.005&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e83ade8841826e5cf9e954304d57003ea082aec65050eadbe92e2cb7a57175d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
7489
acv.json
superficialeyes.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Fri, 04 Feb 2022 18:27:32 GMT
x-datacenter
gce-europe-west1
date
Wed, 09 Feb 2022 18:49:19 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges
bytes
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
age
16166085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
IDDwKM4kVAPmOcNWjP0dF_YYq3nWAM7QdAq31q1-ocyq0juBbDIjOQ==
web
onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38840bc3330b98934d326969a95d581fc42bbac2f6c020160bf4d366e9ca9885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
531
cf-polished
origSize=3421
status
200 OK
x-envoy-upstream-service-time
62
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a68d6e78-70d4-42c0-815d-2c9f5f897c5d
x-runtime
0.061047
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"88f355ad481a42f3505d76d2e710aa24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6daf46ebadc3912a-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 09 Feb 2022 19:49:19 GMT
pxusr.gif
c.aaxads.com/ 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=733336
accept-ranges
bytes
content-length
43
expires
Fri, 18 Feb 2022 06:31:35 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.70.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-70-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:20 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=493143
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 15 Feb 2022 11:48:23 GMT
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
09f8d3b27018f952af028d5109156550
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
x-cloud-trace-context
c71e28c5f2320b427d23cfc2fd7ed2c2
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
clear
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.themarysue.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
85771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:59:49 GMT
translator
hbopenbid.pubmatic.com/ Frame 0162 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0162 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0162 		67 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1644432559990&pKey=308791262&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.themarysue.com%2F&playerSize=680x383&schain=1.0%2C1!primis.tech%2C29569%2C1%2Cc5ba1f64-d457-4e93-9122-a5b3520ba3c7%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.210.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-210-71.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1644432560015054-395
Expires
Wed, 09 Feb 2022 18:49:20 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 0162 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.184.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-184-48.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame 0162 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 09 Feb 2022 18:49:20 GMT
X-SpotX-Timing-Transform
0.000418
X-SpotX-Timing-SpotMarket
0.007936
X-SpotX-Timing-Page-Mux
0.000258
X-SpotX-Timing-Page-Require
0.000460
X-fe
090
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000031
X-SpotX-Timing-Page
0.031232
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003168
Last-Modified
Wed, 09 Feb 2022 18:49:20 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007936
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
X-SpotX-Timing-Page-Misc
0.018949
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwQ0NDMlNTU5JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTYkMDAjNDpzrD02ODAzrT0mODMzoXN0YT0kNwt4OTA3NvZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwByQ1BNVGulp2ufZCUlMCUlRvUlMDIyMwAyMxYyMwAjLwAjNSZcp0FjpD0jJaVmZXJJpEFxZHI9MwE3LwEkNC4lMTUhMTMkJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx4LwAhNDp1OC44MCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwIjNDBwYWY4ODVvOSZlqz49JHgWUF9SVx5sTUFDUx99JzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDQ0MmI1NTx5NmxzqWyxPVNyn2yhZG9TUGkurWVlNwIjNDBwYWY5OWY5ZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6192e30186e31144925064_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192e30186e31144925064_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
30b582e9bfdbf0af2563f1220ace33de65ad5f1b73d0a0542ffd9c02788cf2be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 f291c7a8655cbe888970e5f435898d0a.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:56:58 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"4b1ee2f4006359616ae4eb451186ee4a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2800
x-amz-cf-id
EXInn_DnczF_bDb7_z6nbi1juMzgKp45qZVn5wfmZPgEpw0hsPLFGg==
x-proxy-cache
HIT
vid61939e69518c8530789797_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61939e69518c8530789797_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a48fe78fda97e6ca8bde40cec9328b4453c9224fe4b2f223547690b5b670db07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 12:09:13 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"e71fdf8b41e5d4dee40550fa81aa545f"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1130
x-amz-cf-id
Ad_JWKMalX1PfU61nHqAzdhdbHEuEIZKVdynpx-Z8fXXWCjBoWwS4w==
x-proxy-cache
HIT
vid619381b105cad902858197_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid619381b105cad902858197_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
3d9dde8583bd9a08b29bc9bb5ae15a4bdf33c7a16dc6b7c3f0ad92a5d4a9e411

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:06:00 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"17e3c38964fb5d096538e71e39cda5d0"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2475
x-amz-cf-id
Uc4Yq_L3QN5wLyeZtoYt9M_8Nk_gHzvBKfKN1EOgIYy8glsQcBZVow==
x-proxy-cache
HIT
vid61dff9f93f067921853488_thumb.jpg
video.primis.tech/uploads/cn10/video/users/converted/29569/video_6192662ccd5fb839743211/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn10/video/users/converted/29569/video_6192662ccd5fb839743211/vid61dff9f93f067921853488_thumb.jpg?cbuster=1642071290
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
25b63d5f8e1604ba190a867e4f12eeffcab1499bc42fa7fef1ed89fff7f3991d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 d34a6ddcccee7396488ec5eb47b67a4a.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jan 2022 10:57:25 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"d83fc545f71d2807ec4dda5c51e2ea4e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4009
x-amz-cf-id
bupksrgeaquvytOuy7g88JB-S-iSy3VzD2sl-OqzHoTrmw4RCBJPqw==
x-proxy-cache
HIT
vid61938c8b4e072207280652_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		877 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61938c8b4e072207280652_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
6829e036a70ec0db65da1037d5308787bcd3a8d4b4f891949c8189ca62435c85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 10:53:23 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4eef3c7380642564c60729bf1580f7c4"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
877
x-amz-cf-id
RXHbO90ZXNKzDAAmiYP7HJG0rZiP2ZeoZoY_cvndKt6pQTAxiyhs6Q==
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 45BF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
85771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:59:49 GMT
t
jadserve.postrelease.com/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.themarysue.com%2F&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
99e73ad0a32cb8e853229c884083a3e5c0379c2de7fd45504fb70c41209ae5b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3414
expires
Mon, 1 Jan 1990 12:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0162 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
62367
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 15:05:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
Hu9_zLVio_TFwGaKtKbTpJ2emAbLB8WiQ1EXfd-9i5RuDLv1vhA98w==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 16 Feb 2022 18:49:20 GMT
localstore.js
script.4dex.io/ 		483 B
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1106782
content-type
application/javascript
x-amz-request-id
txf45eb0ec59964c72a71f4-0061f15fee
x-amz-id-2
txf45eb0ec59964c72a71f4-0061f15fee
last-modified
Wed, 26 Jan 2022 14:43:29 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Z4nC4UhAAFfnHPxmm6xA%2FfG2SidiJSV9X5I%2BNOOKPmHJpujFR7zR9SnPkDYjGiV%2F1DlSdlZra35Q9weYy8pHFgxWjev1yYYFl%2BIZpEdaP%2BiaVT0Ox20WxAJLlbVzTZi26648CaNQHB5iJYY"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1643208209303360
cache-control
public, max-age=1800
cf-ray
6daf46ed1fc391de-FRA
expires
Wed, 09 Feb 2022 19:19:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame B4ED 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
467
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1866Y67X19DHG56RWGY4
date
Wed, 09 Feb 2022 18:41:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Zli6FqPHOxyZucUfmKdjhs0ldYXn2xlCGWRMKadjRA1GwdAqEmb4DQ==
css
fonts.googleapis.com/ Frame 0F35 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 18:34:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 18:49:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 18:49:20 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 18:06:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 18:49:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 18:49:20 GMT
sync
x.bidswitch.net/ Frame B4ED 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.58.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-58-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B8E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60041
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame B4ED
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921520578307&advId=121&advUuid=1911616555921520578307
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1911616555921520578307&advId=121&advUuid=1911616555921520578307
date
Wed, 09 Feb 2022 18:49:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
liveCS.php
live.primis.tech/live/ Frame 5E6E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

server
nginx
date
Wed, 09 Feb 2022 18:49:19 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 09 Feb 2022 18:49:20 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=94&advUuid=fd6f883c-89d8-11ec-8157-152b84bd0406
X-fe
29
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 1693 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 712A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
c198ea194079eb6d5c2dcb28ce68e481cbeccc04dc5408d07be0ea6047bacc25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:19 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
904
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame B4ED 		60 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZDQkMDVvMmNyMDp2OTUjNmM3Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDxlJaZcZF9wo250ZW50X2Ryp2M9VE1TK1JyY2FjplgSSVZFUxRBTEUeJTqDKmEhMlfyMwJCo2R5K0RiqWJfZSUlMvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeUzVwYXBmK1JJVxVSREFMRSfyN0MeMS4mKlUlMxJiZHxeRG91YzkyJTIlJaZcZF9wo250ZW50X2R1pzF0nW9hPTUmNlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDElJat9MmAjJax9MwUjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDU0NDxmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzOTyvMGQzY2J1p3Rypw0kNwQ0NDMlNTYjMwEmJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f9ef63a1c5f7a4ed3ecf04cb34452aefabae3943c9f0834d4b162b89f9a2e6a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
7567
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0NDQmMwU1OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA5MmA1JaN0YT0jJat9NDE2Jax9MwM0JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwByQ1BNVGulp2ufZCUlMCUlRvUlMDIyMwAyMxYyMwAjLwAkMvZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmIlRDMjMmx1RwMlMmA3RDqCNmMmMTM2MmtmODM5MmAmNmM2N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMkMmY3RDqCNTxmMwMmMmQ3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp1QTU1NEU1MTU0NTY1MwZGNwM2RTRFNxY2MwQ3NTE2NmRDNmx0MTp5NDx0MmM4Nwp0RDQmMmQ3NmRENTQ0OTNEN0Q3QwRDMmEmMwMlMmpmOTqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0lMTphMTE0LwIkNS4kMmEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTthMC40NmU4LwtjJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwA0MGNuZwx5YwBxJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDQ0MmI1NwAlMDYzqWyxPVNyn2yhZG9TUGkurWVlNwIjNDBwYWZwMmI0ZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveCS.php
live.primis.tech/live/ Frame B4ED
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=93&advUuid=d9fb7bbb-92b3-4299-bd96-e9a45614b672
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=93&advUuid=d9fb7bbb-92b3-4299-bd96-e9a45614b672
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=93&advUuid=d9fb7bbb-92b3-4299-bd96-e9a45614b672
date
Wed, 09 Feb 2022 18:49:20 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame B4ED
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=99&advUuid=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 09 Feb 2022 18:49:20 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame B4ED 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame B4ED
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf99b0d%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=105&advUuid=6749432177276425798
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=105&advUuid=6749432177276425798
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
80183d1d-206c-422f-a919-837d05a4979e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=62040caf99b0d&pixel=&advId=105&advUuid=6749432177276425798
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid6192d4105b33e076950737.jpg
video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192d4105b33e076950737.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
06ef372e2961e878df63a345e7521c54851659325847f6697b3e8e947ebd7837

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:05:02 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"3fee0e81a66b3b47c0924dce58abbbf6"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
10199
x-amz-cf-id
2cAJQkUuQW2fZAP52JBG6hm8jpMZA2kxYW0N3P-rRRE_8OcMhJXhZw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame B4ED 		93 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZDQkMDVvMmNyMDp2OTUjNmM3Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDxlJaZcZF9wo250ZW50X2Ryp2M9VE1TK1JyY2FjplgSSVZFUxRBTEUeJTqDKmEhMlfyMwJCo2R5K0RiqWJfZSUlMvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeUzVwYXBmK1JJVxVSREFMRSfyN0MeMS4mKlUlMxJiZHxeRG91YzkyJTIlJaZcZF9wo250ZW50X2R1pzF0nW9hPTUmNlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDElJat9NwtjJax9MmtmJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDU0NDxmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzOTyvMGQzY2J1p3Rypw0kNwQ0NDMlNTYjMwImJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
bad1404a13472a9c712f8669d8c32653747a6c9d7034c5718dbfa7d61eef97fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8614
liveView.php
live.primis.tech/live/ Frame B4ED 		93 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZDQkMDVvMmNyMDp2OTUjNmM3Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDxlJaZcZF9wo250ZW50X2Ryp2M9VE1TK1JyY2FjplgSSVZFUxRBTEUeJTqDKmEhMlfyMwJCo2R5K0RiqWJfZSUlMvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeUzVwYXBmK1JJVxVSREFMRSfyN0MeMS4mKlUlMxJiZHxeRG91YzkyJTIlJaZcZF9wo250ZW50X2R1pzF0nW9hPTUmNlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDElJat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDU0NDxmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzOTyvMGQzY2J1p3Rypw0kNwQ0NDMlNTYjMwImJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f7884a71467d172da66b6beb6cb3ce1abeb5435157c881766f86cc1e35484c12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8608
liveView.php
live.primis.tech/live/ Frame B4ED 		60 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MTxlZDQkMDVvMmNyMDp2OTUjNmM3Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDxlJaZcZF9wo250ZW50X2Ryp2M9VE1TK1JyY2FjplgSSVZFUxRBTEUeJTqDKmEhMlfyMwJCo2R5K0RiqWJfZSUlMvZ2nWRsY29hqGVhqF90nXRfZT1UTVMeUzVwYXBmK1JJVxVSREFMRSfyN0MeMS4mKlUlMxJiZHxeRG91YzkyJTIlJaZcZF9wo250ZW50X2R1pzF0nW9hPTUmNlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeZUNQTVRbpaNboGQeJTJGKmIeJTJGKmAhMDElJat9NwtjJax9MmtmJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMDM5NUYmMwMjN0Q3QwpmMmEmNwM4MmtmOTMjMmpmNwqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMTM2N0Q3QwU5MmImMmM0N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NUE1NTRFNTE1NDU2NTI2RwYmNxU0RTZGNwI0NmUkNwp0Qmp5NDE3OTQ5NDMmODY3NEQ0MmM0Nmp0RDU0NDxmRDqEN0I0QmMkMmImMwM3Mmx3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIkNl4kMTQhMwE1LwEmMSZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTthMC40NmU4LwtjK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYlMDQjY2FzOTyvMGQzY2J1p3Rypw0kNwQ0NDMlNTYjMwI0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30395F32307D7B7331363838393037367D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583431367D7B593233347D7B66317D7B7251554A55494338675A554E515456526F636E4E6F624751674C794179494338674D4334774D54493D7D7B4C31323237397DFEFE&userIpAddr=217.114.215.131&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=62040caf99b0d&debugInfo=16889076_ABT+%2F+eCPMThrshld+%2F+2+%2F+0.012&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16889076&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbklhyuiwx&secondaryContent=&x=416&y=234&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=12279&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.119 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c456b04617da13cccb8509c8c74dcd79be3809978ea655d93a304718c4e532ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:19 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
7650
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAXBD4DM4&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=themarysue.com&vhuyqdph=ssp-serving-5df6ffdcc8-zdfsq&vyu=020809_321_020910_287_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001644432559931036481820162924&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=2&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&gvwduw=18&ghqg=332&uhtxuo=https%3A%2F%2Fwww.themarysue.com%2F&nzui=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 09 Feb 2022 18:49:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
6a1a2583c33044054e8c3c92d790712c2a3ccb1b90dbef25e62e0a4f00350b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27171
x-xss-protection
0
server
sffe
etag
"1126 / 763 of 1000 / last-modified: 1644427593"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Feb 2022 18:49:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
467
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1866Y67X19DHG56RWGY4
date
Wed, 09 Feb 2022 18:41:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
HmbxYJEdxTan213agozNk2nCNwUDbFRSviLDD9-8RZ3CuDBuvDFlew==
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db7548ff1-6b22-4804-b194-2a05f283df59%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_pri...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db7548ff1-6b22-4804-b194-2a05f283df59%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b7548ff1-6b22-4804-b194-2a05f283df59&uid=7ada77cf-cf9d-4397-9a5f-93661a1f5393
183 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b7548ff1-6b22-4804-b194-2a05f283df59&uid=7ada77cf-cf9d-4397-9a5f-93661a1f5393
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
61e015278e360c2f6543f8d1eaaa595f5e3f13a27fd991cfe6aad5608463b747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b7548ff1-6b22-4804-b194-2a05f283df59&uid=7ada77cf-cf9d-4397-9a5f-93661a1f5393
Date
Wed, 09 Feb 2022 18:49:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b70cbf9_ba6c9966_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b70cbf9_ba6c9966_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x01b20RE2uGHwBIhkoef64rBLykjrR7e~A
151 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x01b20RE2uGHwBIhkoef64rBLykjrR7e~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ec32c0ca4826f63185cdad8150473e62e69b622c46980008253446bf2e552460

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x01b20RE2uGHwBIhkoef64rBLykjrR7e~A
date
Wed, 09 Feb 2022 18:49:20 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		212 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
dc954e26da6e124b93bc85b27dbe52dcb740d7ff856dfae89eba91195f1214c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 09 Feb 2022 18:49:20 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Feb 2022 18:49:21 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
vid6192d4105b33e076950737_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29569/video_6192662ccd5fb839743211/vid6192d4105b33e076950737_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
635e0cc36774866d8c63bdfe28234c030577929403e90528e5ddd108af489992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 3c047ebc3701310e13315f993328793c.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 22:05:04 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"5c3078be05c261d5ad6842c7338f7f5c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1917
x-amz-cf-id
5ikvDvRAgv_kh0ffBzQzN3CxIREpnVnthsNQwwKDRS6zIsvH5nYjKQ==
x-proxy-cache
HIT
vid61930de145d95378243009_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29569/video_6192662ccd5fb839743211/vid61930de145d95378243009_thumb.jpg?cbuster=1642010951
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
34c9e24691708ae6ada274602d3da1881113417f36184dc79333b9a515b32904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 d70252a9a5db94138543e9a401c1f69a.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 02:11:27 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"e3fc68de17daaba1d0bb674588024671"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 23 Feb 2022 18:49:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2355
x-amz-cf-id
_5RA2GaJ5pB4vp5Qfg2AzSksOXzESJRuYcbD1Mt5_A9LoFW862V_wg==
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0F35 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
85771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:59:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 246A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60041
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame 4192 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
cookie
cm.adform.net/ Frame E854 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame C0B3 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
csync
sync.console.adtarget.com.tr/ Frame 4F75 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
csync
sync.console.adtarget.com.tr/ Frame FC08 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
csync
sync.console.adtarget.com.tr/ Frame 5E6D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
0
Etag
0ebf7f0b87003d41

Redirect headers

date
Wed, 09 Feb 2022 18:49:20 GMT Wed, 09 Feb 2022 18:49:20 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 7879
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b1e8ba096ba44a27d53819ae9f82f5c73cf71fea5ff38d034bdf5839e7c09fc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Wed, 09 Feb 2022 18:49:20 GMT
x-sid
AMS-607
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-607
pbsync.html
js.adscale.de/ Frame 832C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
x-amz-version-id
mQVPjkKD6HXSB3D_Bcg_21DnSE2NOeK.
server
AmazonS3
content-encoding
br
date
Wed, 09 Feb 2022 17:53:54 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
K2bFv21bxAQOSGjoyijS-YhMjJy0SMPbLO_Gwx6GV8yCe5Qybu3Cgw==
age
3327
csync
sync.console.adtarget.com.tr/ Frame 4319 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
VertaMedia 1.0
Etag
0ebf7f0b87003d41
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 4319 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
VertaMedia 1.0
Etag
0ebf7f0b87003d41
Content-Length
43
Content-Type
image/gif
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:4a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:07:59 GMT
content-encoding
gzip
age
2482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 648e777af976c4cfcd01765a8e77fd5e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
4itKxFG8DWsqfg6exuJnngireEQahmusRpgMRFbtNaycME0fpMj18A==
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame B4ED 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 09 Feb 2022 18:49:20 GMT
X-SpotX-Timing-Transform
0.000401
X-SpotX-Timing-SpotMarket
0.007436
X-SpotX-Timing-Page-Mux
0.000323
X-SpotX-Timing-Page-Require
0.000401
X-fe
121
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.015107
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.002955
Last-Modified
Wed, 09 Feb 2022 18:49:20 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007436
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
X-SpotX-Timing-Page-Misc
0.003555
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame B4ED 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
avjp
primis-d.openx.net/v/1.0/ Frame B4ED 		106 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2bc14a31-1a4e-4d94-99d7-bbb43a7ee333&nocache=1644432560384&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29569%2C1%2C283ba2c2-f490-4efd-a5b3-136ec250ec52%2C%2C&skip=1&auid=540289187&vwd=680&vht=383&aucs=adUnit_2&aumfs=2400
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame B4ED 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.184.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-184-48.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame B4ED 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
xhr
pre.ads.justpremium.com/v/2.0/t/ 		44 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1644432560391
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.183.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-183-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7961a1433b796f1546f9e9c53ce2bfbaa7c91742773edad8d9fa5ddf71898f0a

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:20 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.5.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=550&gdpr=true&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1644432560392&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F&measurable=true&property=61aea1e3e80a27001e1bcc49&bids[0][bidId]=themarysue_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=themarysue_160x600-1&bids[1][sizes][0][width]=160&bids[1][sizes][0][height]=600&bids[2][bidId]=themarysue_160x600-2&bids[2][sizes][0][width]=160&bids[2][sizes][0][height]=600&bids[3][bidId]=themarysue_300x250-1&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[4][bidId]=themarysue_300x250-2&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[5][bidId]=themarysue_300x250-3&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=250&bids[6][bidId]=themarysue_300x600-1&bids[6][sizes][0][width]=300&bids[6][sizes][0][height]=600&bids[7][bidId]=themarysue_300x600-2&bids[7][sizes][0][width]=300&bids[7][sizes][0][height]=600&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
db341ee384dc1f22ab13aa78c6c9b5470ce109e950327406f1ae65015031c75e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
x-powered-by
Express
etag
W/"38-AZO+14QpjHLVXHyIEVUw4PJt0Hs"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		593 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3a1be0eaeb582395645936ab59a67adbc488b54c9ebe216bae00fdbc12ee2a28
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a7ec6dff-85e4-4629-a7f0-1544bf839b55
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		282 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228a311db38ba15aa6aa75%22%3A%228a311db38ba15aa6aa75%7C728x90%7C0.1%22%2C%22209775575b35341aca88%22%3A%22209775575b35341aca88%7C160x600%7C0.1%22%2C%223b3718792ba43287996a%22%3A%223b3718792ba43287996a%7C160x600%7C0.1%22%2C%22c2cb660426b08c6c338d%22%3A%22c2cb660426b08c6c338d%7C300x250%7C0.1%22%2C%22c79143fd09a5a4fe39d1%22%3A%22c79143fd09a5a4fe39d1%7C300x250%7C0.1%22%2C%22c19a3bac825004343486%22%3A%22c19a3bac825004343486%7C300x250%7C0.1%22%2C%22de684bf25025721a84ef%22%3A%22de684bf25025721a84ef%7C300x600%7C0.1%22%2C%22d82478e93591573e21db%22%3A%22d82478e93591573e21db%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=05cd4c4a-8f1a-4792-ae9d-e86f61984aba&pv=d15d151a-71e1-4bd3-861d-197b2cf8ca3f&vp=desktop&lib_name=prebid&lib_v=6.5.0&us=1&ius=1&userid=%7B%22sharedid%22%3A%22b7548ff1-6b22-4804-b194-2a05f283df59%22%2C%22pubcid%22%3A%22b7548ff1-6b22-4804-b194-2a05f283df59%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3faae9a155907fb5fbb8df7e272334e962395621064dbdc1d5e5cce4d13fe28
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
209
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		115 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.5.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
293c4dc0bc427f936cbfafa8f6e004998f032a2a407285a296fba02d23573846

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 09 Feb 2022 18:49:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
110
prebid
prebid.media.net/rtb/ 		1 KB
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
eb64da40aab740e4d9b913ff1a35823dad54df6290825ea9d1fc649e699903fb

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.28.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-28-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.28.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-28-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.28.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-28-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
vary
Origin
arj
propermedia-d.openx.net/w/1.0/ 		73 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%7C300x250%7C728x90%2C970x90&auid=551036772%2C551036773%2C551036774%2C551036775%2C551036776&aumfs=100%2C100%2C100%2C100%2C100&dddid=8308b270-9465-4a9b-9e19-38470de9825b%2Cc5e5d96f-4ed8-471a-a9bb-bf8eada2f144%2C24bddcb7-c63c-472b-85e8-73b85f9f3189%2C51be8189-f502-450d-9822-5ebf6a11becc%2C7bef1fdd-c050-44b3-811c-575fcecb35b4&divIds=openx-78702d5d-04cd-4411-a014-12f5f92c2482%2Copenx-624d0ee7-5bf7-4f2b-b9cf-91dcebaa3f7b%2Copenx-098065e5-7089-4850-ab39-3dc335f10130%2Copenx-625de333-1ce5-463e-80c4-23459d950e98%2Copenx-7d7a0413-835c-43f8-941b-cc20ff2a7b3e&be=1&bc=hb_pb_3.0.1&nocache=1644432560396&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---&_pubcid=b7548ff1-6b22-4804-b194-2a05f283df59
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
eb9332c933f942b959ff5d66ed18ee6e756aaef3f515dce70b5b61d3b20b92da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e5235bae34849e2d6783d71b130eeb24f09be3325bce12ab95f2b549cf6f1e6e

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
17f5d59f711df1df1d7ee06dc111c7b8c2633469313890fe41a8110a79df0cd0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
96fc6c9332f2c8af676f74890cae663376d65e10f2fe850891842dff3252fcf0

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1528682ca72ebacc65a9b45556576c6598b70a3c135bfb6c866596422d507c6a

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b7f99bb37a679f17c558288c7d178724cb48888f48632bc4a63958e28a04dcdb

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=399458&zone_id=2234776&size_id=2%3B15%3B15%3B15%3B10&alt_size_ids=55%3B9%2C10%3B9%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=fc51e71c-c982-4511-950a-7afcc72ebc5e%3Baba2d210-0ed4-4568-bc8e-0f6a542ea3df%3B695c3473-503d-4701-9ef3-a040dd6a4060%3B18707c08-02ae-4244-b67b-9a0f23522a8b%3Bfcbfd420-2c4f-4bfb-8110-0a9f848d2317&p_screen_res=1600x1200&tg_fl.eid=2234776-5%3B2234776-2%3B2234776-3%3B2234776-4%3B2234776-1&rf=https%3A%2F%2Fwww.themarysue.com%2F&x_source.pchain=proper.io%3A48cb0d23-4635-11ec-91ed-06ef03bc0096&ppuid=b7548ff1-6b22-4804-b194-2a05f283df59&eid_sharedid.org=b7548ff1-6b22-4804-b194-2a05f283df59%5E1%5E&eid_pubcid.org=b7548ff1-6b22-4804-b194-2a05f283df59%5E1&gdpr=1&us_privacy=1---&rp_schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&slots=5&rand=0.7816013855201809
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d892de48681f6ca98b25929b3d0940d36cbe92b18cc93b387e326c27616b0cd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
715
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 09 Feb 2022 18:49:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/243908/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/243908/0/mvo?z=1r&hbv=6.5,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		396 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.themarysue.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
2b81c10bead8bab8d324700b999cd9549c410678f2f43cf36dc3aacf818a8f32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
139
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
396
expires
0
cygnus
htlb.casalemedia.com/ 		58 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=756014&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223f08e55e-3802-45d3-8b65-3fe819ed81bb%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-u2QuM%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-u2QuM%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-xpFuC%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-xpFuC%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22160x600-2-ZvdP4%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-ZvdP4%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-P24KK%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-P24KK%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-nybU7%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-nybU7%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-c3I2I%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-c3I2I%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-DI0Ni%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-DI0Ni%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-2-X06Y7%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-X06Y7%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ac50d301a31d0dd7a016f13f80ea50db930734c9461f694339c35c15d2ba7a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.131], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
12
expires
Wed, 09 Feb 2022 18:49:20 GMT
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.5.0&cb=19413628457&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid-request
a.teads.tv/hb/ 		16 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 09 Feb 2022 18:49:20 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B4ED 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
62367
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 15:05:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
rljpVaKPsVUKTmB8ObaWJlMns1uN3V77qLjek2Jagu4EVfnbQ-kulg==
v2xce8B24XG1aRzaRGS9vY-pjRAuAuIKBUFmuiouPKTW9yxvjNIaqTkMFDfRLHTL-rSpK1che
superficialeyes.com/ 		209 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2xce8B24XG1aRzaRGS9vY-pjRAuAuIKBUFmuiouPKTW9yxvjNIaqTkMFDfRLHTL-rSpK1che
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
8b1016fd5db496e1b5d3f0245a59bd602839b7568091d598c3248bb42faabef8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Wed, 09 Feb 2022 18:49:19 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0B5D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75194297&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D62040caf885b9%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
0
csync
sync.console.adtarget.com.tr/ Frame BB0A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
0
Etag
0ebf7f0b87003d41

Redirect headers

date
Wed, 09 Feb 2022 18:49:20 GMT Wed, 09 Feb 2022 18:49:20 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=uXzbKyZDHk4DUMLCQjrL&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pbsync.html
js.adscale.de/ Frame 61C5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
x-amz-version-id
mQVPjkKD6HXSB3D_Bcg_21DnSE2NOeK.
server
AmazonS3
content-encoding
br
date
Wed, 09 Feb 2022 17:53:54 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
jSgATGgJlmjMptErLj33v_kQlWYNvkza9kV5-ItyfPy793vYvp9AXQ==
age
3327
csync
sync.console.adtarget.com.tr/ Frame 65EB 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
csync
sync.console.adtarget.com.tr/ Frame 712A 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
VertaMedia 1.0
Etag
0ebf7f0b87003d41
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 1D8B 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
csync
sync.console.adtarget.com.tr/ Frame AF2B 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
/
ads.us.e-planning.net/uspd/1/ Frame 0A8F
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e02d0fb111b84ee38d1a251c114af1e747f107d543083043d3bbf9893ad23a77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Wed, 09 Feb 2022 18:49:20 GMT
x-sid
AMS-607
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-607
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7BE8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60041
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding
cookie
cm.adform.net/ Frame 2E71 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame 5111 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
csync
sync.console.adtarget.com.tr/ Frame 712A 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
VertaMedia 1.0
Etag
0ebf7f0b87003d41
Content-Length
43
Content-Type
image/gif
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1223782
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx19a087580b6149508b41c-0061f16003
x-amz-id-2
tx19a087580b6149508b41c-0061f16003
last-modified
Wed, 26 Jan 2022 14:43:28 GMT
server
cloudflare
etag
W/"88567a823cfd2840dd0a3198b929d466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkqFcjdUJUPpJyHaJZ39nj96r%2FqOkBLY3da2r%2BN9P9XsWKTeWthxDv1aBp4FosZNHjGipetvqxtY19RHaAbV9qEvXcl3%2FJ87qEbx0qcSiOJUNZU03DNJ90t0oCihzJtCC1Nnx33uRnoRUgUE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1643208208262354
cf-ray
6daf46ef09f690a8-FRA
access-control-allow-headers
Authorization
pubads_impl_2022020301.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122037
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Feb 2023 18:34:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		266 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c2d86047c1afcf78f644fe2156f5f8021f8667ecfb3b12dbf4609e728c79a6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
expires
Wed, 09 Feb 2022 18:49:20 GMT
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=11507
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
EE155A297EBF0349
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=29149
accept-ranges
bytes
content-length
55696
x-amz-id-2
JUy8FAd6JS8bMa6zI7hFq6LIjXeETNkBcnguzeAbEtvtU0bqMVbBbifZOKsk37Uiztsvd09/4sY=
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3491183&ntv_pl=1024382
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a0eea689-2718-4f0b-8c03-30894b2b1018&ntv_fl=CF4se3gYGjAPzQcMJoAeWQqsPt2l_q8KQYbuXRZcjU_IhgnV0RT6SW9Zktn2QO7gybrvhUJYTi4iV6u5v5VNn7toaDJfvlQHMEH0N-YsJ_nmwCx6Xv-L1CiwmsvM3ldzSzvv2d2j2nMvKc-vpc5CDLyIvdWU0W1N0qHgZds5TmfHfJC2OYoPK6uqRw7JBbq7nd5S1AzJoxgC9TL66b5xOA==&ntv_ht=sAwEYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAfqEPA&ord=1644432560449&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1baef8db-70e4-457c-87a1-a7bc67e7e8e2&ntv_fl=CF4se3gYGjAPzQcMJoAeWQ4Ag_rEUY9escSf7g_EwDSabFRSXUxEQZfvcM07deQ8kCIhI9AVXk1ef6FZ7TdLYTiC8eCyq8SlLLgSIZYOwASqY4god8Fw6_DEi2YogrbIPqm3BT1gukoylSTCsNbvlJ2nUWaXwDKtBF6nfVoVRyoiBtsOzsygNFp9S5QTjS3u2SVKEEFwuZxz4odxaGqM5g==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAhlwQA&ord=1644432560451&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=0162f52b-d100-4141-8502-e5759c9e96fd&ntv_fl=CF4se3gYGjAPzQcMJoAeWd85f48hdcyhDBqA4yy99BAZ7vsWqVgkdLaIyb_EiCkZADQlA9MzvmhaTJbIU9_M3cs8ll0Gj5rSbll4ZIuG8xkrXmazAEaCLEaHgsYzs0AckcwclTFJGxOsg-Hg6ebI4OrhgcUMGu_6xJWjnzjbztIMc9YNvPP4OzPZ-03YsxCUPT07nMDPvIv8TmuqXwoFBA==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAxvkQA&ord=1644432560452&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=26c58914-f852-413d-8cbd-8fe3c39e39e2&ntv_fl=CF4se3gYGjAPzQcMJoAeWad9BbOBKDv0xbROXKHnW30uWUjJhnd3q4jBKCoHnbE4oPkq09BjdymcnTtWMbV86S0rAYFZZu8k9gM8KZx0SUO4y-SqpxsrwNl3fyD3aZiOUD12O_YR1zBsiQv0CjncQ8qagePQPX83JpiHiI0VvGMYg0kwy0bM0tLnmDIFR4yWMlkQ78uHNbQPjV12lqTldg==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAx_kQA&ord=1644432560452&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=2825cdbe-0658-499c-beda-71612d5f63c2&ntv_fl=CF4se3gYGjAPzQcMJoAeWev-HfnNSWDD1Y73RyypuVZhNGvSiYpXE5Li9Q_klcDv1vH7zSv3F8uvAbKNK_q8mAt4AYGRL3t4xLq8aqHXB6jotCz4cVoYbmKsFPqtWaXf24eU1aBuX8gK7s4ANnVSihxLJ42NcbTUSwitaIa3TT_0Fvfu0hJpf0lY0xbN_K_T_KDZU5kp4no4xUzFCi6uBg==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAh1wQA&ord=1644432560452&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=e8df0ad6-660a-4141-b226-5e99e60e1fc1&ntv_fl=CF4se3gYGjAPzQcMJoAeWdxnlwHUTI2-tyqwg-vGwE1aZtl8FIWnx_cPmUyoJdjMuuvDCKPjwIEIK3yAXePl6uinzaRFWuWaJ0r850bPKhb5LOcFpm113KrrU6wxdY2r58A0pwrZ-4PbepM-k2T7vv-e62yIDOudc-h36iSMvBdDUaYXdfNYBz6j72SfbnlzdE705DUDQScZpuw1m7Q3zQ==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAyPkQA&ord=1644432560452&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3b46acd2-f544-4bc0-be6a-0cf5688fb988&ntv_fl=CF4se3gYGjAPzQcMJoAeWcV_25sXK3RIEdmu5BV7I25B_TYl3ply8E0OeYIxITQXzNpSZFo1N_UYpXLLo3GgiPfN92CNIrocODdLVTH85p5N2uRCMPn65EuFiO6KNCozuirvR3OV1x4XZp4tp5J-yydh1LKn_HSWYZnRlTCs6I4_FV9A3mfWkfOn9WEzshOSm-jypC38vuEeXCO_zcs3MQ==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAyfkQA&ord=1644432560453&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=4ff97614-5cef-4f8a-bf52-ee3255ab2e7a&ntv_fl=CF4se3gYGjAPzQcMJoAeWfIYZs2lgp8c1XBwScmMlav6ql04FUWxFEtPlLUMVFRcXeJaXA5Kh6mvyD6QumL83gRtHPcaR5AmakDzQ1fGbFOb9ZKqfVaQySpq-R0_9AGgBCP0Cqsbm_o9cTn9Em9J040qEGNmbgN9Mrgb8SQc_UnBZXVEgeixc114Xzl22c7ap61C3AsnfGQ1kQ4_MuEWwA==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAeXcQA&ord=1644432560453&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=e55e35fa-ab3c-42aa-8e0b-8ebcec1d22d6&ntv_fl=CF4se3gYGjAPzQcMJoAeWT8Uf4COhGFhQJXqFSGPJgJvC9f5qBIA1bfts1Fjy5QmDGENErT9Kd483VKPhuiq2nSaYfqrGHRUC4IH84bk8bSYDrxPp1b-cLA0sKC54rddSz3XgAxwlkLzPvFa0K_IqUuGVGJlrgu1CyPXQtq8lBXFQuk_FYXXhdwmcheQskEuFNXy9XMtYfztl4XoGI4_Ow==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAencQA&ord=1644432560453&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=fcdd8ecf-1928-448f-b91e-4e3d927b91d7&ntv_fl=CF4se3gYGjAPzQcMJoAeWQOmprLsHgIeqn35TTWxZGLaOfGc81IjGkTKiXe26VKaSkyYupXm_3C5aF-NbJrYI-4HyqeRuxipCCvxAFU4Cr0nf9iBtnZ8_MxFAWKsCZD7fwNsyAxxuoREwWYp6bdOtA1r-wM_9XaH0i72rbfJAZyboJvV6CoOi74KGE6qr0lLaazDJDd6ZGJH1wPcb1NoeA==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAyvkQA&ord=1644432560453&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a06209d3-4a15-4dfe-b67c-1ba9afe1208a&ntv_fl=CF4se3gYGjAPzQcMJoAeWSIA6C_GZiyvPqB7KBp42aWYReMRQ84a4aZCJSHRuahmF9DvfryX1zd71kUt5O3O8Yhj6KCJWj6vaPP9dcAjWtYTMrqurao75Rw45C85ZyAOtefHhMa-vZLxHZl9VxjHvsYz0ZitnqvYo2GTZ9X04SsggKVCgbg_DerliqZoaAs7PepSlxiAk4NwLI_4bwHteA==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAPPwQA&ord=1644432560454&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=9fd756af-42e4-4029-9c0c-a2b258da6cae&ntv_fl=CF4se3gYGjAPzQcMJoAeWej5eXZ_sJQFyBOSWHNXWkJVfXMg4zXANWLmpszpRpLFJZ0KOA55G3_QLTfYYa0fGtfdUviuk-PflL5mgbArA-PPiENqCeTydFPsO5QgftHxDca9GTx3-OCyF_5eKXQ075eWo8UYp-hXATBB9M-VNz4KoEwhdoNwoK-AKqVLzf1lvNm5SS1Vfz9D15jfqSPmRw==&ntv_ht=sAwEYgA&ntv_at=303&ntv_a=AAAAAAAAAAvfkQA&ord=1644432560454&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1024382&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-114.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
62367
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 15:05:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
rI6CXFxQ54uiSLY69INc343gXj7YdjelUFFkKELLVxrCtm6luIiCyg==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.themarysue.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
11c74e4fa3ec8e97b00ef9cae99b67f4455fef9f4abc1c767d47afa21ac323cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:26:48 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
Server
age
4952
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
content-length
1357
x-amz-cf-id
sfi7Z8fFhl0O2lTPHuCD_cOtTDzVizyeABOibJxRloLaUc9_vrkyAw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=Zkq6QcJu5Tpd6&cb=0&ws=1600x1200&v=7.72.0&t=550&slots=%5B%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A25%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
7AEHDB05G6EWAJ4T10Z9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
FWjC_gSN2jn0c6U5aqKfJ8NRYub3-Svjs_Uz8lWxVYHk82aScjLgSw==
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.themarysue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.themarysue.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-63.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
58677
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 02:31:24 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
TXL50-P3
content-type
application/x-javascript
x-amz-cf-id
ARiKc5zC8_3HAqYXYgdC0a0i_BUTUPwOSyblOH7pcwlXIPRe5GhhVg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Wed, 09 Feb 2022 19:04:20 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Wed, 09 Feb 2022 18:17:19 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
681476280
v2yalJMgIZAcArX3Vz5itE8clBQjLfVq2zejaRveet7w2G3lYby5FexKHKuCebaOK3X-CAV5E
superficialeyes.com/ 		385 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2yalJMgIZAcArX3Vz5itE8clBQjLfVq2zejaRveet7w2G3lYby5FexKHKuCebaOK3X-CAV5E
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d58a7f584aeb33d60d2ced3e9f3408f973f11b91ae87f1bf2221a09236885375
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
385
uu
ih.adscale.de/ Frame 61C5
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=70dd8218844b4212aa706e1fc8eb1d11
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=70dd8218844b4212aa706e1fc8eb1d11
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
eccea9abb9062bd89d864b8514e77d3f08e1decfbdf1cb16f7d635658c03cd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=70dd8218844b4212aa706e1fc8eb1d11
date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
0
uu
ih.adscale.de/ Frame 832C
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560
  • https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=fcbe5976a24745ee91125becd47adf2a
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=fcbe5976a24745ee91125becd47adf2a
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
eccea9abb9062bd89d864b8514e77d3f08e1decfbdf1cb16f7d635658c03cd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1644432560&nut&uu=fcbe5976a24745ee91125becd47adf2a
date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
0
11507
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		318 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/11507?t=202219189
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c04f805e270119baf7fd56a4bb438a0d12d48e76ace5d1bd779c1bb41038a483

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
XmJxs2pqEN_L13eUV7IS80TT4cRbQj2S
last-modified
Wed, 09 Feb 2022 18:16:29 GMT
server
AmazonS3
x-amz-request-id
PJ21TS0VJE4AZ617
etag
"a64ee5fabdc1ed933796efc2e9085561"
content-type
application/octet-stream
date
Wed, 09 Feb 2022 18:49:20 GMT
accept-ranges
bytes
content-length
318
x-amz-id-2
RTBgQPIZ2oCaPfNmuLmm3Rta9BJftCLeIBct1ixzC4UnvBTOllrEkndGGELL7g9CEtnndT4+F1o=
um
u-ams02.e-planning.net/ Frame 7879
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D85f3a7025419f332
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 7879 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D85f3a7025419f332%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ej0mphf6ah57d0ll3jt6gt2ionakfld3
ptag
a.audrte.com/ Frame 7879 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
781e67ecb2f9e56a60b2e356544fddea7f6b4bcb9b63fa3d19675112b0081826

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 7879 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 08 Feb 2027 18:49:20 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7879
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D85f3a7025419f332
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 7879
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D85f3a7025419f332%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
857e2645-8483-482f-b6d3-f4bffef62142
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 0A8F
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D85f3a7025419f332
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=85f3a7025419f332
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 0A8F 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D85f3a7025419f332%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
1gpkaqk8ed96v8uhhj8o9kvdjbkv7k9i
ptag
a.audrte.com/ Frame 0A8F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
781e67ecb2f9e56a60b2e356544fddea7f6b4bcb9b63fa3d19675112b0081826

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 0A8F 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 08 Feb 2027 18:49:20 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 0A8F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D85f3a7025419f332
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Wed, 09 Feb 2022 18:49:20 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 0A8F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D85f3a7025419f332%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:20 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2f120c12-e08f-4af6-8408-0aa94a7dca77
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=85f3a7025419f332&uid=6749432177276425798
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1658
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Feb 2022 18:49:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 792F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D85f3a7025419f332%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60041
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 9847 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a2b0f264b246e9152f7e4359f2a6a6836f316fc97e14adab47e81343aa5f9779

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|176|13|41|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 09 Feb 2022 18:49:21 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
1762
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 6B91 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fD.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 1339 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A4FF 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e954ddab5f0d3bf94b1bf5a1d73fb3f5711c64eb79a53a9d31d3bece479aba21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6daf46f1fb7b9256-FRA
content-encoding
br
/
geo.privacymanager.io/ 		28 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-82.ams50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 05:02:49 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront), 1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
age
49591
x-amzn-requestid
fd6fe135-523c-46e2-b76a-2bbebad9b553
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62034af9-0502e2ea61aa58b75a1a79d6;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, AMS50-C1
x-amz-apigw-id
NQim-EcljoEF3dg=
content-length
28
x-amz-cf-id
_1vXv6BjlQH8ytCzyQwn-kOQ96gs-18XBWDE7V_MqsburjDT6hVOjA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
usync.html
eus.rubiconproject.com/ Frame 329D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Feb 2022 18:49:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Wed, 09 Feb 2022 18:49:20 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A9EE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D85f3a7025419f332%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60041
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:20 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 9E4C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c91fbc2625f077388874afef81f05f9a2f8c19e2deb95243dbf255ad651f7067

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|45|230|40|57|5|176
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 09 Feb 2022 18:49:21 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Length
1540
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 5DE0 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fD.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 2C11 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 53A8 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ebadcb8f4f706d2c4db7744b22465ba72064a4ca975b8f96faf2cd147d5f8bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6daf46f1fb7e9256-FRA
content-encoding
br
ConsentManager
superficialeyes.com/v2spplPrqhxo3_J0NiExEgX9o2qe_rsdbhvK5oMbJPnlZxiIXAkCV5QaHJd_FqqSDxFTXWTY/ 		246 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2spplPrqhxo3_J0NiExEgX9o2qe_rsdbhvK5oMbJPnlZxiIXAkCV5QaHJd_FqqSDxFTXWTY/ConsentManager
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
85aeaa189347798ee272b355822338df162e3dd4ae2e4e1e57a8cb71a6de7fda
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"97929cf47e8da93dddd81eef79e43822b731cde35b8d085a9522e220a5727984"
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Wed, 09 Feb 2022 18:49:20 GMT
css2
fonts.googleapis.com/ 		7 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2spplPrqhxo3_J0NiExEgX9o2qe_rsdbhvK5oMbJPnlZxiIXAkCV5QaHJd_FqqSDxFTXWTY/ConsentManager
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 17:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 18:49:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 18:49:21 GMT
userconnect.js
js.adscale.de/ Frame 832C 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RDbkbbEkeL_jx2aQCUJWWto0O341I1en
content-encoding
br
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
server
AmazonS3
age
3740
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 09 Feb 2022 17:47:02 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
aE6JIdrLYBe57AN0WiwkhYlkTrC-fpcrmdGbewVxueuUCmfjhzcjsA==
csync
sync.console.adtarget.com.tr/ Frame 832C 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=70dd8218844b4212aa706e1fc8eb1d11
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
VertaMedia 1.0
Etag
830301d2e920d380
Content-Length
0
getuid
ib.adnxs.com/ Frame 53A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 53A8 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f429269256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 53A8 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd...
  • https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f49a529256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 53A8 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1644432561.235156,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4061-HHN
u
dmp.v.fwmrm.net/ad/ Frame 53A8 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:d00c:d52c:5371:efa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 53A8 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3fff460-e208-4fd4-4090-2cc2c1442a93%26reqId%3Dd215839d-5637-4d15-4153-5e6d0e06d6d5%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f4dad89256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c3fff460-e208-4fd4-4090-2cc2c1442a93&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c3fff460-e208-4fd4-4090-2cc2c1442a93&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=25981564487815184503631218584937140615&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=25981564487815184503631218584937140615&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f4baa19256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v027-0a49fd80e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
peOW31XDT6I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=25981564487815184503631218584937140615&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 53A8 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=c3fff460-e208-4fd4-4090-2cc2c1442a93&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-74678-0.104140001644432560-8bc8f2c0e674713592ab789f3bfa7f15&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-74678-0.104140001644432560-8bc8f2c0e674713592ab789f3bfa7f15&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f429369256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-74678-0.104140001644432560-8bc8f2c0e674713592ab789f3bfa7f15&zdid=533&env=mWeb
Date
Wed, 09 Feb 2022 18:49:20 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7062784069978159254&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7062784069978159254&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f429299256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7062784069978159254&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 53A8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=c3fff460-e208-4fd4-4090-2cc2c1442a93
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=c3fff460-e208-4fd4-4090-2cc2c1442a93
95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=c3fff460-e208-4fd4-4090-2cc2c1442a93
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=c3fff460-e208-4fd4-4090-2cc2c1442a93
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c3fff460-e208-4fd4-4090-2cc2c1442a93&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c3fff460-e208-4fd4-4090-2cc2c1442a93&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f49a5b9256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
last-modified
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 53A8 		36 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=c3fff460-e208-4fd4-4090-2cc2c1442a93&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=c3fff460-e208-4fd4-4090-2cc2c1442a93?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=c3fff460-e208-4fd4-4090-2cc2c1442a93?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-56...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f55c509256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
cache-control
no-cache
x-server
10.45.17.238
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f53bc99256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 09 Feb 2022 18:49:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BdA7J5CoeBogXwuORBFBepucE9YMP1HF%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BdA7J5CoeBogXwuORBFBepucE9YMP1HF%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f52bc59256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BdA7J5CoeBogXwuORBFBepucE9YMP1HF%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame 53A8 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1644432561
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 53A8 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE_hABTwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6...
95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE_hABTwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&_test=YgQMsQAE_hABTwBB
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f61e3d9256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644432562.598344,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE_hABTwBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&_test=YgQMsQAE_hABTwBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=f36f6204-0cb1-4a00-ab73-f0a54c443e2c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f36f6204-0cb1-4a00-ab73-f0a54c443e2c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f55c249256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=f36f6204-0cb1-4a00-ab73-f0a54c443e2c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 09 Feb 2022 18:49:20 GMT
usermatch.gif
beacon.krxd.net/ Frame 53A8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1644432561
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
date
Wed, 09 Feb 2022 18:49:21 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a004-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 53A8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-409...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-409...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1VGYQVBG08MQ565F2ZZV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
237BRV0NCXSSXBRYM3PK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c3fff460-e208-4fd4-4090-2cc2c1442a93&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 53A8 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=c3fff460-e208-4fd4-4090-2cc2c1442a93&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-192-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 53A8
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc3f...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f64ea99256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
date
Wed, 09 Feb 2022 18:49:21 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 53A8 		557 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73288e015b94b30bf69ded2f374a038a2c84286d6188167286d2a64e2e003ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray
6daf46f37f449256-FRA
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Wed, 09 Feb 2022 18:49:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
csync
sync.console.adtarget.com.tr/ Frame 61C5 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=70dd8218844b4212aa706e1fc8eb1d11
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
VertaMedia 1.0
Etag
830301d2e920d380
Content-Length
0
userconnect.js
js.adscale.de/ Frame 61C5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RDbkbbEkeL_jx2aQCUJWWto0O341I1en
content-encoding
br
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
server
AmazonS3
age
3740
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 09 Feb 2022 17:47:02 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
cxwjwp3yWlCeWSfULaTSjxhIjuawJHJCP8unGjQB1UHYFwBK8vFUnw==
getuid
ib.adnxs.com/ Frame A4FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame A4FF 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f429229256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=127b2503-f77f-43f4-a236-eae753b3c51f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame A4FF 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0...
  • https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f49a459256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame A4FF 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1644432561.235343,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4061-HHN
u
dmp.v.fwmrm.net/ad/ Frame A4FF 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:d00c:d52c:5371:efa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A4FF 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991872fa-8d59-44e2-7e93-0fa96c5883a6%26reqId%3D0649f58e-b06b-49c3-7495-a3a09c5cf115%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f4dad39256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=98947a0b-f8af-4a03-8198-e4bf8cd32702&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=991872fa-8d59-44e2-7e93-0fa96c5883a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=991872fa-8d59-44e2-7e93-0fa96c5883a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=48080667597909697622365193066645172727&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=48080667597909697622365193066645172727&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f4dad09256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v027-00fd61927.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
H7P25zmoTf8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=48080667597909697622365193066645172727&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame A4FF 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=991872fa-8d59-44e2-7e93-0fa96c5883a6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-27824-0.104128001644432560-405399cf1e277dce8e7d83aae6f9f81b&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-27824-0.104128001644432560-405399cf1e277dce8e7d83aae6f9f81b&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f4393e9256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022020919-27824-0.104128001644432560-405399cf1e277dce8e7d83aae6f9f81b&zdid=533&env=mWeb
Date
Wed, 09 Feb 2022 18:49:20 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7062784069981436048&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7062784069981436048&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f479f89256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7062784069981436048&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame A4FF
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=991872fa-8d59-44e2-7e93-0fa96c5883a6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=991872fa-8d59-44e2-7e93-0fa96c5883a6
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=991872fa-8d59-44e2-7e93-0fa96c5883a6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=991872fa-8d59-44e2-7e93-0fa96c5883a6
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=991872fa-8d59-44e2-7e93-0fa96c5883a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=991872fa-8d59-44e2-7e93-0fa96c5883a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f49a5e9256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
last-modified
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=9j/XpYoqjsyn3pT5d3nCDu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame A4FF 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=991872fa-8d59-44e2-7e93-0fa96c5883a6&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=991872fa-8d59-44e2-7e93-0fa96c5883a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=991872fa-8d59-44e2-7e93-0fa96c5883a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b0...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f58cc39256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=d938d2728e7294d60449986214cf8ac9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
cache-control
no-cache
x-server
10.45.17.95
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f52bc89256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 09 Feb 2022 18:49:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-OV4wAMVE2orTEg_3YkkNlUhNRviiea1b1w--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NZzY1EoA078gXwuORBFBeoe984qH4wtU%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NZzY1EoA078gXwuORBFBeoe984qH4wtU%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f52bc79256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NZzY1EoA078gXwuORBFBeoe984qH4wtU%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame A4FF 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=73 t=1644432561
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame A4FF 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE7ewYtgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE7ewYtgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&_test=YgQMsQAE7ewYtgAy
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f60e029256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644432562.584045,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YgQMsQAE7ewYtgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&_test=YgQMsQAE7ewYtgAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f56c879256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
MT3 4133 baa842e master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 09 Feb 2022 18:49:20 GMT
usermatch.gif
beacon.krxd.net/ Frame A4FF
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5c...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1644432561
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
date
Wed, 09 Feb 2022 18:49:21 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame A4FF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e9...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e9...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W7Y29AD6B6AWYVT663BK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2M0ZXEJC79JR1VV723GV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=991872fa-8d59-44e2-7e93-0fa96c5883a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame A4FF 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=991872fa-8d59-44e2-7e93-0fa96c5883a6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-192-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame A4FF
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D991...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6daf46f64ead9256-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
date
Wed, 09 Feb 2022 18:49:21 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame A4FF 		557 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea6b4fbb65cd19131bde00aeca3a58beb9c1faf8a8ca2d89e36009555b595c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray
6daf46f37f5a9256-FRA
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Wed, 09 Feb 2022 18:49:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 03:57:28 GMT
x-content-type-options
nosniff
age
139913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 03:57:28 GMT
crum
dsum-sec.casalemedia.com/ Frame 9847
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Feb 2022 18:49:21 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9847 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9847
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VW1CJFZ9ZS9QFYCS565J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JVQZNSNGG11W1R3KTZDE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9847 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 9847 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
0
server
a
crum
dsum-sec.casalemedia.com/ Frame 9847
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Feb 2022 18:49:21 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Wed, 09 Feb 2022 18:49:21 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
bridge
cm.adgrx.com/ Frame 9847 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.232.229 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
sjc-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
noop
px.owneriq.net/ Frame 9847
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6977189611836453733&uid=Q6977189611836453733&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
104.92.91.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-91-221.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 9847 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=85f3a7025419f332&uid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1658 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9116785fe6dda0b83d844a87f363f97808c24a6fd977088cab207c347be49dcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56036
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 10 Feb 2022 10:23:17 GMT
usync.js
eus.rubiconproject.com/ Frame 329D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9116785fe6dda0b83d844a87f363f97808c24a6fd977088cab207c347be49dcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56036
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 10 Feb 2022 10:23:17 GMT
s2s
eb.proper.io/ 		373 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58bd911e74ccb27197748bdca29575ff90bee756047f6371cb86dce2e22bf2d7

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:278
cf-ray
6daf46f3ab389249-FRA
expires
-1
dcm
s.amazon-adsystem.com/ Frame 9E4C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CV3HWFV9TRG69T1F8CCX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CRAR7ZG43MNW9NRS2TTA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9E4C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9E4C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YgQMr1gvlLyb4v.Z5bAfRgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Feb 2022 18:49:21 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELBwBKJTeO9pZDe1JG_9x2I&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E4C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgQMr1gvlLyb4v-Z5bAfRgAABIoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9E4C
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719669006985
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719669006985
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Feb 2022 18:49:21 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336719669006985
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ix
ad4m.at/ad/sim/ Frame 9E4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
113
match.deepintent.com/usersync/ Frame 9E4C 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:20 GMT
content-length
0
server
a
um
u-ams02.e-planning.net/ Frame 9E4C 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=85f3a7025419f332&uid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
openresty
content-type
image/gif
userconnect
ih.adscale.de/ Frame 832C 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1644432561221&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
content-length
149
content-type
application/javascript
cs&eq_cc=1
um2.eqads.com/um/ Frame 6258
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D85f3a7025419f332%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-237-203.compute-1.amazonaws.com
Software
/
Resource Hash
2b79b2be823f85a176fed8bcfa6fd848248ce5044221afc3cfd627b7fef16543

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 09 Feb 2022 18:49:21 GMT
pragma
no-cache

Redirect headers

date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
userconnect
ih.adscale.de/ Frame 61C5 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1644432561228&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
content-length
149
content-type
application/javascript
cmp
spl.zeotap.com/ Frame A4FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6daf46f3d82e9256-FRA
map
ih.adscale.de/ Frame 823F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b6942a98c80d8127dd9338f14bcae526bbb5b595d60439b47c6f48dd21582097

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
cmp
spl.zeotap.com/ Frame 53A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6daf46f3d8319256-FRA
map
ih.adscale.de/ Frame F683 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
63ebdc62dbd0fada3451ea97594ab7be5f71632c6afaac9162f33e22c4978d53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
v2xce8B24XG1aRzaRGS9vY-pjRAuAuIKBUFmuiouPKTW9yxvjNIaqTkMFDfRLHTL-rSpK1che
superficialeyes.com/ 		254 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2xce8B24XG1aRzaRGS9vY-pjRAuAuIKBUFmuiouPKTW9yxvjNIaqTkMFDfRLHTL-rSpK1che
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f0080c6287851528b2e79e81355deed01b6cd00f3642b44abf2a6c82e524bd34
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Wed, 09 Feb 2022 18:49:21 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
254
expires
Wed, 09 Feb 2022 18:49:20 GMT
match.js
js.adscale.de/ Frame 823F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cvBg4cQXVqiPA6nFf_.gUz5Jr9PVQrc8
content-encoding
br
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
server
AmazonS3
age
3327
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 09 Feb 2022 17:53:55 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
BXks4i9ui52gDmXebUPikS7xGuWUkccC-44wd0l41cqbec0ey30eCQ==
cc.js
tags.crwdcntrl.net/c/15238/ Frame 7879 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:10:32 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
16730
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
UKfHu4CNtA-563phYfvNJPTCONzXOOinQFxF0Xg1kK-akBusWToyFw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 95FD 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 08 Feb 2027 18:49:21 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 11B4 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AFR7GlK6OB1Tqvcp
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
cc.js
tags.crwdcntrl.net/c/15238/ Frame 0A8F 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:10:32 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
16730
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
RPTifvhJo3Pa4NPCoQf2TF26I-xUgBRS-SnwvYMVSg_21i4ZpqsiSQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7121 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 08 Feb 2027 18:49:21 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 8708 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ADTJixrS4cbCTJOa
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
0
Etag
0ebf7f0b87003d41
img
ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/ Frame 823F
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=70dd8218844b4212aa706e1fc8eb1d11&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=101&tpuid=BBID-01-03191465613965046-16521336
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=101&tpuid=BBID-01-03191465613965046-16521336
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=101&tpuid=BBID-01-03191465613965046-16521336
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
GS.d
js.cookieless-data.com/ Frame 95FD 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1644432561334
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
GS.d
js.cookieless-data.com/ Frame 7121 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1644432561349
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
match.js
js.adscale.de/ Frame F683 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cvBg4cQXVqiPA6nFf_.gUz5Jr9PVQrc8
content-encoding
br
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
server
AmazonS3
age
3327
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 09 Feb 2022 17:53:55 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
BreX_ky81fXStslmZ-3-u8gSwRUDE80wYfNZb84-u8NakrZ10IikaA==
img
ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/ Frame F683
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=70dd8218844b4212aa706e1fc8eb1d11&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=101&tpuid=BBID-01-03191465614766965-16521336
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=101&tpuid=BBID-01-03191465614766965-16521336
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=101&tpuid=BBID-01-03191465614766965-16521336
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 823F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=bc1fdc7f13fd106fe2546ed0e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
49 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 09 Feb 2022 18:49:21 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0918 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60040
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:21 GMT
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/57304/ Frame 0162
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBmZTY3YTdkNS04OWQ4LTExZWMtYTE2NC0wMjA3OGU0YTYzYWM%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
date
Wed, 09 Feb 2022 18:49:21 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 0162
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
pixel.advertising.com/ups/55986/ Frame 0162
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YgQMsQAE-eqM7ABH&_origin=0&gdpr=1&gdpr_consent=&_test=YgQMsQAE-eqM7ABH
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55986/sync?uid=YgQMsQAE-eqM7ABH&_origin=0&gdpr=1&gdpr_consent=&_test=YgQMsQAE-eqM7ABH
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
52.58.50.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-50-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644432562.606349,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://pixel.advertising.com/ups/55986/sync?uid=YgQMsQAE-eqM7ABH&_origin=0&gdpr=1&gdpr_consent=&_test=YgQMsQAE-eqM7ABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
stv
match.prod.bidr.io/cookie-sync/ Frame 0162
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a84fe54f807135d5301ae88c5ba294ca&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc027_7062784069973358526
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTg0ZmU1NGY4MDcxMzVkNTMwMWFlODhjNWJhMjk0Y2E=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEEKUZVm0zRp72sCKOZMT6Dg&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a84fe54f807135d5301ae88c5ba294ca?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-KI4WYGZE2oM3jtoubL7syELi92UCY.ubPn9.9vKf~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6749432177276425798
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6002394307703791370
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgQMsQAE-eqM7ABH
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=3HiTLSHY1NhS1Q5
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
0
0
img
ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/ Frame 823F
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c01dbe30edf3f6f1fcedd3a01ecd0fc50d0bcd970ce2db51e4b7a9314a90d1dc&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c01dbe30edf3f6f1fcedd3a01ecd0fc50d0bcd970ce2db51e4b7a9314a90d1dc&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a49...
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
49 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx
location
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame F683
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=bc1fdc7f13fd106fe2546ed0e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
49 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgQMr1gvlLyb4v.Z5bAfRgAA%261162
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 09 Feb 2022 18:49:21 GMT
img
ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/ Frame F683
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c01dbe30edf3f6f1fcedd3a01ecd0fc50d0bcd970ce2db51e4b7a9314a90d1dc&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c...
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
49 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
nginx
location
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=42&gdpr=0&tpuid=6002394307703791370
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 823F 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=77fad28eaaab7e2e702dd139bd722d883ed465ae4b15fad041d94b2cc18a0fc7&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:20 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
582592
content-type
image/gif
expires
Wed, 09 Feb 2022 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6258 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=c141e2dd-2e0a-41d7-91de-ef94760b4c55&expiration=1652122161
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Feb 2022 18:49:21 GMT
usersync.aspx
dis.criteo.com/dis/ Frame F683 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=77fad28eaaab7e2e702dd139bd722d883ed465ae4b15fad041d94b2cc18a0fc7&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
528278
content-type
image/gif
expires
Wed, 09 Feb 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 823F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=96b27312203b3fe1cfacff9a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
49 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
MT3 4133 baa842e master cdg-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Feb 2022 18:49:20 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame F683
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=96b27312203b3fe1cfacff9a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
49 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
MT3 4133 baa842e master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Feb 2022 18:49:20 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1658 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&us_privacy=1---&khaos=KZFWOSJN-1R-IQWW
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
pd
u.openx.net/w/1.0/ Frame A514 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Wed, 09 Feb 2022 18:49:21 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 677E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60040
expires
Thu, 10 Feb 2022 11:30:01 GMT
date
Wed, 09 Feb 2022 18:49:21 GMT
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/57304/ Frame B4ED
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBmZTY3YTdkNS04OWQ4LTExZWMtYTE2NC0wMjA3OGU0YTYzYWM%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIFYeXbNdhlVvndxSUinjeA&google_cver=1&apid=UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
date
Wed, 09 Feb 2022 18:49:21 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame B4ED 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1644432562.784441,VS0,VE90
x-served-by
cache-hhn4075-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame B4ED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7719060d-a5d2-4d3e-b0a1-d7d6829c8c90&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
709414.gif
id.rlcdn.com/ Frame 1658 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 1658
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgQMsQAE-eqM7ABH&us_privacy=1---
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgQMsQAE-eqM7ABH&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644432562.850960,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgQMsQAE-eqM7ABH&us_privacy=1---
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 1658
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nNNDepmT8P-yOce8HJU62Mn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2843818887849280980
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2843818887849280980
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Wed, 09 Feb 2022 18:49:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2843818887849280980
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 1658 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1658
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGV09TSk4tMVItSVFXVw==&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGV09TSk4tMVItSVFXVw==&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGV09TSk4tMVItSVFXVw==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 1658
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZFWOSJN-1R-IQWW&sigv=1&esig=2~4a6d13faed1884444cdab89a29ee1fe557a3417e&us_privacy=1---
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZFWOSJN-1R-IQWW&sigv=1&esig=2~4a6d13faed1884444cdab89a29ee1fe557a3417e&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZFWOSJN-1R-IQWW&sigv=1&esig=2~4a6d13faed1884444cdab89a29ee1fe557a3417e&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1658
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&expires=28
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Wed, 09 Feb 2022 18:49:21 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Feb 2022 18:49:20 GMT
tap.php
pixel.rubiconproject.com/ Frame 1658
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmC5vnsItMzrSjznnyE77k&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmC5vnsItMzrSjznnyE77k&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmC5vnsItMzrSjznnyE77k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/ Frame 823F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e...
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc...
49 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/ Frame F683
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20...
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc...
49 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:21 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?uid=6bb890fe5df0737effbeb592df210125ef9fbf660cccc7f57fd0fdf9fa32ed86&tpid=38&gdpr=0&tpuid=CAESEHNx1xd7H1mISKiOxm371bc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/ Frame 823F
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40a497897c6974c6ed36%2F1644432561272%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
49 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 883.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1779a3df-f088-4adb-9785-7e13c211b568
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/ Frame F683
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34ab28e5b4c736c5fb2fc%2F1644432561353%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
49 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:22 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:21 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 883.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0494b64c-d28f-47c1-b63e-6c80fc6a1c00
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/img?tpid=75&tpuid=6749432177276425798&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/ Frame 823F
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F67e26e2b824f40...
  • https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/js?tpid=48&tpuid=e97e99f531b32d550d0aec48acb9abc0
44 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/js?tpid=48&tpuid=e97e99f531b32d550d0aec48acb9abc0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f390804c9bdd244863b1c98b2d8400b0fbf7cfc95c0967306fd1dd0d82d8c0cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:22 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/67e26e2b824f40a497897c6974c6ed36/1644432561272/0/js?tpid=48&tpuid=e97e99f531b32d550d0aec48acb9abc0
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
js
ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/ Frame F683
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34a...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=0d33ba8f6dae4eec8b271d0b00ac44f54ceee14b218b18ee2cf39f261b080880&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe20a7eaa38f34a...
  • https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/js?tpid=48&tpuid=10804cb480b52a182b9e8d168ace4ae1
44 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/js?tpid=48&tpuid=10804cb480b52a182b9e8d168ace4ae1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
65621a20369b1ca5589327125146c84c3bf1fae38b500dc77b81cf23e018fe42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:22 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/e20a7eaa38f34ab28e5b4c736c5fb2fc/1644432561353/0/js?tpid=48&tpuid=10804cb480b52a182b9e8d168ace4ae1
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame 823F 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 09 Feb 2022 18:49:22 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
sium
ih.adscale.de/ Frame F683 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 09 Feb 2022 18:49:22 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
ptrack
a.audrte.com/ Frame 7879 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-02-09T18:49:22.383Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3db8515069b4b9007e2a0ccb4fdcb44005f9ee0226af864d6aad23b802f3be31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
ptrack
a.audrte.com/ Frame 0A8F 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-02-09T18:49:22.384Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
840721a3d2a3abdab15351bf54fe19e1f8b1f343dbeddd273e017c09cb13d0ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
match
ps.eyeota.net/ Frame 0A8F
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6002394307703791370
  • https://ps.eyeota.net/match?bid=kh51m51&uid=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 0A8F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 0A8F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eGY7owhWvQVeLeNGNU4DQBQ&gdpr=0&gdpr_consent=&google_gid=CAESEFoHxGb-xQCaQIvZFPV4wVU&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 09 Feb 2022 18:49:22 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame C109 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e1f0d43d8c349110000d08ec3c15692eca8dc6fea1930a2bc03675f40b15d241

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 09 Feb 2022 18:49:24 GMT
content-type
text/html;charset=utf-8
content-length
1237
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.31.76
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame EB38 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d63011ced6d79c38287d0ea3a81886b4b8f479bac5aae214de5b0dc8ccb25384

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 09 Feb 2022 18:49:24 GMT
content-type
text/html;charset=utf-8
content-length
1193
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.25.17
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
pixel
ps.eyeota.net/ Frame 7879 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 7879
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=&google_gid=CAESEFoHxGb-xQCaQIvZFPV4wVU&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 7879
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6002394307703791370
  • https://ps.eyeota.net/match?bid=kh51m51&uid=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=f7eiqoH0AWdQ1KEcP5LeElp9w&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
5907
tags.bluekai.com/site/ Frame C109 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=96b28f7bfeaa72bd80b9b88ce2a80fb1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-192-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
ibs:dpid=121998&dpuuid=d938d2728e7294d60449986214cf8ac9&gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=1
dpm.demdex.net/ Frame C109 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d938d2728e7294d60449986214cf8ac9&gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.222.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-222-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame C109 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDkzOGQyNzI4ZTcyOTRkNjA0NDk5ODYyMTRjZjhhYzk
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=d2d6c7bd-0fb9-44c3-8f93-9f365eaecbe0
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame C109
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d938d2728e7294d60449986214cf8ac9&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d2d6c7bd-0fb9-44c3-8f93-9f365eaecbe0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d2d6c7bd-0fb9-44c3-8f93-9f365eaecbe0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.66
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d2d6c7bd-0fb9-44c3-8f93-9f365eaecbe0
date
Wed, 09 Feb 2022 18:49:24 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
qmap
sync.crwdcntrl.net/ Frame C109
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.116
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Wed, 09 Feb 2022 18:49:24 GMT
Server
MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=5f7d6204-0cb1-4200-b03a-5c0f6506ce6d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Feb 2022 18:49:23 GMT
image.sbxx
global.ib-ibi.com/ Frame C109 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d938d2728e7294d60449986214cf8ac9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=709426139/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.86.38 , United States, ASN29838 (AMC, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
tpid=8291825515391026312
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame EB38
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d938d2728e7294d60449986214cf8ac9/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8291825515391026312
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8291825515391026312
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.220
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8291825515391026312
pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
wt.rqtrk.eu/ Frame EB38 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=488797789&gdpr=1&gdpr_consent=&gdpr_pd=0&uid=d938d2728e7294d60449986214cf8ac9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.160 , France, ASN16276 (OVH, FR),
Reverse DNS
de03.roqad.pl
Software
openresty /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 18:49:24 GMT
Server
openresty
P3P
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Feb 2022 18:49:23 GMT
usermatch.gif
beacon.krxd.net/ Frame EB38 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=d938d2728e7294d60449986214cf8ac9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:49:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1644432564
x-served-by
beacon-n011-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpid=YgQMsQAE-eqM7ABH
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YgQMsQAE-eqM7ABH
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YgQMsQAE-eqM7ABH
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.65
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644432564.392179,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YgQMsQAE-eqM7ABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame EB38 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame EB38 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=487712696/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 18:49:23 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| structuredClone object| phpProps object| Cookies function| admiral object| googletag function| __tcfapi function| __uspapi object| special_ops object| propertag function| gtag object| dataLayer object| GlobalSnowplowNamespace function| snowplow boolean| haveWeGotAds undefined| $ function| jQuery function| powerpress_pinw function| documentInitOneSignal function| OneSignal object| FB object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent829 object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| webVitals function| constructsekindoParent179 function| nativoLoadFooter string| disqus_shortname object| countVars object| themeMyLogin object| wp number| lazyEmbedsYMargin number| lazyEmbedsTimeout object| aax function| convertToGeoRiotLinks function| extractItunesLinkFromAffiliateUrl function| getLinkType object| Georiot object| Genius object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState object| DISQUSWIDGETS undefined| disqus_domain function| 4dm1r11545242527 object| properSpecialOps boolean| payload_loaded boolean| sekindoFlowingPlayerOn number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device object| ADAGIO string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId object| freewheelssp_cache string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_7c4f3349_bb0d5f60_1 function| proper_4b70cbf9_ba6c9966_2 number| proper_rps string| proper_ad_session_uuid function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| placementId string| x boolean| apstagLOADED object| sas object| apntag object| _ADAGIO undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent object| ID5 object| ats object| response object| PublisherCommonId object| admrlWpJsonP

114 Cookies

Domain/Path Name / Value
www.themarysue.com/ Name: pmpro_visit
Value: 1
www.themarysue.com/ Name: _sp_ses.8cf7
Value: *
www.themarysue.com/ Name: _sp_id.8cf7
Value: d68da7d8-e78e-4af0-aee7-68eda2ea5eb4.1644432559.1.1644432559.1644432559.d15fc6da-7465-41f1-bc87-64f68778a33d
.themarysue.com/ Name: _ga
Value: GA1.2.721961995.1644432560
.themarysue.com/ Name: _gid
Value: GA1.2.2141670875.1644432560
.themarysue.com/ Name: _gat_gtag_UA_21433528_1
Value: 1
www.themarysue.com/ Name: usprivacy
Value: 1---
.themarysue.com/ Name: _sp_cookie
Value: 8d7c0471-a84c-45b0-a2c1-9f27e1ccf7a2
.3lift.com/ Name: tluid
Value: 1911616555921520578307
.adnxs.com/ Name: uuid2
Value: 6749432177276425798
.spotxchange.com/ Name: audience
Value: fd6f883c-89d8-11ec-8157-152b84bd0406
.casalemedia.com/ Name: CMID
Value: YgQMr1gvlLyb4v.Z5bAfRgAA
.casalemedia.com/ Name: CMPS
Value: 3192
www.themarysue.com/ Name: ntv_as_us_privacy
Value: 1---
.casalemedia.com/ Name: CMPRO
Value: 1162
ads.stickyadstv.com/ Name: UID
Value: a84fe54f807135d5301ae88c5ba294ca
www.themarysue.com/ Name: __aaxsc
Value: 2
www.themarysue.com/ Name: sharedid
Value: b7548ff1-6b22-4804-b194-2a05f283df59
www.themarysue.com/ Name: sharedid_last
Value: Wed%2C%2009%20Feb%202022%2018%3A49%3A20%20GMT
www.themarysue.com/ Name: _lr_retry_request
Value: true
www.themarysue.com/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: tuuid
Value: 7ada77cf-cf9d-4397-9a5f-93661a1f5393
.bidswitch.net/ Name: c
Value: 1644432560
.bidswitch.net/ Name: tuuid_lu
Value: 1644432560
.postrelease.com/ Name: opt_out
Value: 1
www.themarysue.com/ Name: ntvSession
Value: {"id":3491183,"placementID":1024382,"lastInteraction":1644432560448,"sessionStart":1644432560448,"sessionEndDate":1644451200000,"experiment":""}
.yahoo.com/ Name: A3
Value: d=AQABBLAMBGICEMw3AG45aITgjXD9c7d7TqsFEgEBAQFeBWINYgAAAAAA_eMAAA&S=AQAAAgghIQgXuD66YJqjQ99Vm0I
.creativecdn.com/ Name: ts
Value: 1644432560
.creativecdn.com/ Name: u
Value: uXzbKyZDHk4DUMLCQjrL
ads.us.e-planning.net/ Name: CT
Value: 1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s568|YgQMs
.e-planning.net/ Name: E
Value: ADTJixrS4cbCTJOa
.rubiconproject.com/ Name: khaos
Value: KZFWOSJN-1R-IQWW
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3gR5Yk79DvEszzH/SUMvpGs1wMD2ZZQDJ2wHsFnqwQFGRX3f+1X1/VT2Auwp9voJN7U3HAScTA0OCAnekPgJibWwUZhu5bAzzc6UO785F0Pw==
.adscale.de/ Name: uu
Value: 70dd8218844b4212aa706e1fc8eb1d11
.zeotap.com/ Name: zc
Value: 991872fa-8d59-44e2-7e93-0fa96c5883a6
.zeotap.com/ Name: zsc
Value: %994FR%8E%29%83%FE%EC%DD%F5%C5%07x%B8%FC%7Ba%913%BD%26%26%A6%F1%C1%03%B1%E9%81%C6%3B%0D%BC%191%BBR%2B%A4-%B3J%FF%BA%0A%CE%A5%F2%EB%FF%3E0%EEC-%10%CA%87%CC%BBMs%CA%BFs%E4%A8%02%5E%29%90%04f%A2O%04c%AD%84I%97%5BO%26%92%1E%EC%91%ED8%DC%F6%FC%DB%A9%99%17%E2g%99v%D0%9Ci%F9%86%1E%11%C3gIN3%02%14%DB%ADJB%10%8C%F6%C5%E4%B9%F5%DB%AA%C9%96%B3%DC%7F%1D%8BP%C4%9D%18h+JZ%DB%3FS%09p%F7B%88%1A2%CD%13Y%832J%C1%07%C5%DDA%B1%AC%1D
.casalemedia.com/ Name: CMST
Value: YgQMsGIEDLEA
.proper.io/ Name: mediagrid
Value: 7ada77cf-cf9d-4397-9a5f-93661a1f5393
.proper.io/ Name: verizon_media
Value: y-x01b20RE2uGHwBIhkoef64rBLykjrR7e~A
.themarysue.com/ Name: properSessionData
Value: eyJ1dWlkIjoiNjNiZGJjNWMtZjU3Zi00YzkzLWJlZmMtZDRiOTIyZGQyOWRiIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiaW5kZXgiOjEsIm9wZW54IjoxLCJzb3ZybiI6MSwidGVhZHMiOjEsImNyaXRlbyI6MSwibWFudGlzIjoxLCJzb25vYmkiOjEsInJ1Ymljb24iOjEsImFwcG5leHVzIjoxLCJtZWRpYW5ldCI6MSwicHVibWF0aWMiOjEsImFkeW91bGlrZSI6MSwicmh5dGhtb25lIjoxLCJ0cmlwbGVsaWZ0IjoxLCJqdXN0cHJlbWl1bSI6MSwic2hhcmV0aHJvdWdoIjoxLCJ0aGlydHl0aHJlZWFjcm9zcyI6MX0sImxhc3RfdGhyZXNob2xkIjowfQ==
www.themarysue.com/ Name: _lr_geo_location
Value: DE
.richaudience.com/ Name: avcid-zeo-uid
Value: 991872fa-8d59-44e2-7e93-0fa96c5883a6
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.owneriq.net/ Name: si
Value: Q6977189611836453733
.owneriq.net/ Name: p2
Value: cc
.tapad.com/ Name: TapAd_TS
Value: 1644432561259
.tapad.com/ Name: TapAd_DID
Value: d2d6c7bd-0fb9-44c3-8f93-9f365eaecbe0
.themarysue.com/ Name: _awl
Value: 2.1644432561.0.5-474b4ce68cac5d57b4323eae99973685-6763652d6575726f70652d7765737431-0
.themarysue.com/ Name: _admrla
Value: 2.0-474b4ce6-8cac-5d57-b432-3eae99973685
.adsrvr.org/ Name: TDID
Value: 7719060d-a5d2-4d3e-b0a1-d7d6829c8c90
.weborama.fr/ Name: AFFICHE_W
Value: Alj3u-q889UC27
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDQzszQwMLO0MBXiM9S1dA4p9vWtMLZwT46X4jU0MzExMTYyNTM0NrQAAENAuFs0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJiYmxkamZobGgJAAFYlYcQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDQzszQwMLO0MBXiM9S1dA4p9vWtMLZwT44HAAtX4aolAAAA
.adfarm1.adition.com/ Name: UserID1
Value: 7062784069981436048
.tidaltv.com/ Name: tidal_ttid
Value: 98947a0b-f8af-4a03-8198-e4bf8cd32702
.theadex.com/ Name: tis_VgL
Value: VgLeAogw
.theadex.com/ Name: axd
Value: 4285444988223140272
.doubleclick.net/ Name: IDE
Value: AHWqTUmekEMtKeyx1XGlPcYm1vCrJCy0qNz7-Lp5DnHxnqcp9y2RqHhkVDOWnmeUz-o
.dpm.demdex.net/ Name: dpm
Value: 48080667597909697622365193066645172727
.demdex.net/ Name: demdex
Value: 48080667597909697622365193066645172727
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjAytjK0MAIAGi8mtgkAAAA="
.agkn.com/ Name: ab
Value: 0001%3AO%2F3WaB1VDMJZTZJsDSYdCFVbKkplJgxd
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.krxd.net/ Name: _kuid_
Value: OpxdZAXn
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d938d2728e7294d60449986214cf8ac9
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.ibillboard.com/ Name: ibbid
Value: BBID-01-03191465614766965-16521336
.mathtag.com/ Name: uuid
Value: 5f7d6204-0cb1-4200-b03a-5c0f6506ce6d
ads.stickyadstv.com/ Name: sessionId
Value: 717baa43e211b4cdf6689a89b684e21a
.proper.io/ Name: __cf_bm
Value: poyNBfJUo1gcyVECT6.WnEpRy0.gXywSnVns3EdEEmI-1644432559-0-Ad%2FhAMRRXALNJmvkDNMW%2F%2FolzPjZxSfA9%2ByfdbQVeHwaVIjcN%2FtySMBZaS1K%2BsDad7VrBJn7Ok0Dxa9R8AsXw%2B7rc%2FQdmaY%2BMjIP3Og6TuDT
.eqads.com/ Name: EQUser
Value: UID=c141e2dd-2e0a-41d7-91de-ef94760b4c55
.adform.net/ Name: C
Value: 1
.advertising.com/ Name: APID
Value: UPfe67a7d5-89d8-11ec-a164-02078e4a63ac
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgQMsQAE-eqM7ABH
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.adform.net/ Name: uid
Value: 6002394307703791370
.analytics.yahoo.com/ Name: IDSYNC
Value: "190z~2356:187s~2356"
.casalemedia.com/ Name: CMRUM3
Value: b062040cb105a00&e662040cb12760&2762040cb10b40&2862040cb12760c141e2dd-2e0a-41d7-91de-ef94760b4c55&0562040cb105a0&2d62040cb12760CAESELBwBKJTeO9pZDe1JG_9x2I&3962040cb127605142336719669006985&f162040cb105a0
.fwmrm.net/ Name: _uid
Value: "pc027_7062784069973358526"
.mathtag.com/ Name: mt_mop
Value: 9:1644432561
ads.stickyadstv.com/ Name: uid-bp-36033
Value: pc027_7062784069973358526
ads.stickyadstv.com/ Name: MRM_UID
Value: pc027_7062784069973358526
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEEKUZVm0zRp72sCKOZMT6Dg
.adscale.de/ Name: cct
Value: 1644432562021
.console.adtarget.com.tr/ Name: a307080
Value: uXzbKyZDHk4DUMLCQjrL
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiu34Dg84G2OhAFOAFaCXN0aWNreWFkc2AC
ads.stickyadstv.com/ Name: uid-bp-892
Value: 7719060d-a5d2-4d3e-b0a1-d7d6829c8c90
.m6r.eu/ Name: test
Value: true
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-KI4WYGZE2oM3jtoubL7syELi92UCY.ubPn9.9vKf~A
.m6r.eu/ Name: cct
Value: 1644432562239
.m6r.eu/ Name: id
Value: 10804cb480b52a182b9e8d168ace4ae1
ads.stickyadstv.com/ Name: uid-bp-951
Value: 6749432177276425798
.ih.adscale.de/ Name: tu
Value: 4#2419831187#48~10804cb480b52a182b9e8d168ace4ae1~456786~0~0#101~BBID-01-03191465614766965-16521336~456786~456786~2#38~CAESEHNx1xd7H1mISKiOxm371bc~456786~0~0#39~5f7d6204-0cb1-4200-b03a-5c0f6506ce6d~456786~0~0#40~~456786~456786~2#42~6002394307703791370~456786~456786~2#75~6749432177276425798~456786~0~0#63~YgQMr1gvlLyb4v.Z5bAfRgAA&1162~456786~456786~2
.console.adtarget.com.tr/ Name: a307442
Value: ADTJixrS4cbCTJOa
ads.stickyadstv.com/ Name: uid-bp-529
Value: 5f7d6204-0cb1-4200-b03a-5c0f6506ce6d
ads.stickyadstv.com/ Name: uid-bp-617
Value: 6002394307703791370
ads.stickyadstv.com/ Name: uid-bp-45
Value: YgQMsQAE-eqM7ABH
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.eyeota.net/ Name: SERVERID
Value: 20080~DM
.w55c.net/ Name: wfivefivec
Value: 3HiTLSHY1NhS1Q5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: 3HiTLSHY1NhS1Q5
.console.adtarget.com.tr/ Name: vmuid
Value: 830301d2e920d380
.console.adtarget.com.tr/ Name: a307565
Value: 70dd8218844b4212aa706e1fc8eb1d11
.bidr.io/ Name: checkForPermission
Value: ok
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIYuHZAqSgAAAN7gEn"
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLE0tkgxMjeySDU3sjRJMTMwMbG0tDAzMjRJTrNITLZkAIIkFp4tf%2F%2F%2F%2F88P4oAB18RJL1QZ28oZ%2FjMyMrxbMocFxt6977IAjP3xsyWMefzoIWYY%2B%2FBihPLjm6bAtU4%2FoQ5T8mHiHHEY%2BxmScgC1QzaX"
.turn.com/ Name: uid
Value: 8291825515391026312
.audrte.com/ Name: arcki2
Value: f7eiqoH0AWdQ1KEcP5LeElp9w!20210804!1644432564544

9 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=991872fa-8d59-44e2-7e93-0fa96c5883a6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=991872fa-8d59-44e2-7e93-0fa96c5883a6&reqId=0649f58e-b06b-49c3-7495-a3a09c5cf115&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://tags.bluekai.com/site/87734?id=c3fff460-e208-4fd4-4090-2cc2c1442a93&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c3fff460-e208-4fd4-4090-2cc2c1442a93&reqId=d215839d-5637-4d15-4153-5e6d0e06d6d5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
abcheck.proper.io
ad4m.at
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yahoo.com
adscale-emea.adnxs.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bids.proper.io
bn01.er.bemail.it
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.onesignal.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
csync.loopme.me
d.turn.com
dis.criteo.com
disqus.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geekosystem.com
geniuslinkcdn.com
geo.privacymanager.io
global.ib-ibi.com
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
jadserve.postrelease.com
js.adscale.de
js.cookieless-data.com
l3.aaxads.com
live.primis.tech
loadeu.exelator.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onesignal.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.media.net
primis-d.openx.net
propermedia-d.openx.net
ps.eyeota.net
px.owneriq.net
rtb.openx.net
rules.quantcount.com
s-jsonp.moatads.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.ntv.io
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
spc.themarysue.com
spl.zeotap.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
superficialeyes.com
sync-tm.everesttech.net
sync.adotmob.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
terrifictooth.com
themarysue.com
themarysue.disqus.com
tlx.3lift.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
um2.eqads.com
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
usync.proper.io
video.primis.tech
wt.rqtrk.eu
www.aaxdetect.com
www.google-analytics.com
www.googletagmanager.com
www.themarysue.com
x.bidswitch.net
z.moatads.com
match.prod.bidr.io
104.102.28.254
104.102.30.13
104.108.145.8
104.108.145.83
104.89.31.187
104.90.192.27
104.92.105.214
104.92.70.118
104.92.91.221
13.32.240.82
142.250.186.130
151.1.205.165
151.101.192.134
151.101.194.49
168.119.79.223
172.217.16.130
178.162.133.150
178.250.0.165
178.250.2.151
18.156.0.31
18.158.20.100
18.158.238.206
18.198.28.225
18.64.103.63
18.66.109.174
18.66.248.90
185.183.112.148
185.184.8.65
185.255.84.151
185.29.134.248
185.33.221.215
185.64.189.112
185.64.190.78
185.94.180.124
185.94.180.125
193.0.160.128
198.20.95.18
199.232.192.134
2.19.35.65
2001:678:cb4:bbbb::13
205.234.175.175
209.54.180.144
212.129.3.112
212.82.100.182
213.19.147.42
23.0.33.234
23.209.68.8
23.37.42.132
23.88.75.187
2600:1f18:6593:f600:d00c:d52c:5371:efa
2600:9000:2182:1400:8:48e:53c0:93a1
2600:9000:223f:1000:f:4f64:8940:93a1
2600:9000:225f:4a00:6:44e3:f8c0:93a1
2602:803:c004:200::141
2606:4700:10::ac43:14a1
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700::6810:7aaf
2606:4700::6811:4f22
2606:4700::6812:e134
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:80:800::7001
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:600::300
2a05:d018:24:b001:3357:fdd3:4721:80d2
2a05:d018:d29:3602:bd34:6511:c5e2:890a
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.122.58.191
3.125.184.48
3.127.178.105
34.107.148.139
34.120.133.55
34.120.157.206
34.149.20.76
34.192.120.237
34.226.144.114
34.242.175.248
34.254.143.3
34.98.64.218
35.156.28.35
35.158.183.66
35.164.52.163
35.174.217.176
35.190.39.246
35.201.81.244
35.201.96.133
35.227.248.159
35.227.252.103
35.244.174.68
37.157.2.238
37.157.6.241
37.252.172.36
37.252.173.62
38.91.45.7
44.225.168.153
46.105.202.126
5.178.65.245
5.178.65.253
51.75.146.160
51.89.20.86
51.89.9.252
52.209.129.133
52.223.40.198
52.28.203.152
52.45.237.203
52.45.242.235
52.58.50.64
52.95.125.22
54.154.13.77
54.155.222.85
62.149.0.72
62.209.227.211
63.250.56.119
63.250.60.65
66.155.71.149
69.169.86.38
69.173.144.138
69.173.144.139
72.251.232.229
72.251.244.140
72.251.249.14
76.223.111.18
83.136.253.58
85.114.159.118
89.163.159.106
95.100.209.94
95.100.210.71
027983e9670bd35f6833ee1f9f56a891bb293a80a65e5d0ae4701fc774537d67
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0350c457103cc91b27e3244e09782469c485d8e76b4f5d591ba94a1cd2c35089
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ef372e2961e878df63a345e7521c54851659325847f6697b3e8e947ebd7837
0754f2e081b1a1355ac5858d85bdbcab8eee6656507a66e7e76202cc7db74c51
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11c74e4fa3ec8e97b00ef9cae99b67f4455fef9f4abc1c767d47afa21ac323cb
134f84597142857661d345298a6f740a5c345169009b7a2e3adf8036767e7ca4
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1528682ca72ebacc65a9b45556576c6598b70a3c135bfb6c866596422d507c6a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
17f5d59f711df1df1d7ee06dc111c7b8c2633469313890fe41a8110a79df0cd0
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1a03b23bd3aaafc5631f40afe0a908f0b51d342c4c5583e0d1e107d2979c318f
1b746f4b7f61be6e97de8be6b7aea2ea378b3f9d462a296123dd944e5b794c62
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
22a420db9f3026cba64a4e5b7bae2972de615bc9b5dd71d78469e952adbeaf96
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b63d5f8e1604ba190a867e4f12eeffcab1499bc42fa7fef1ed89fff7f3991d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2837dc24270bc43e4d013b223b1d5d59df7369d82e0208ef30691af7be3aba3e
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
293c4dc0bc427f936cbfafa8f6e004998f032a2a407285a296fba02d23573846
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2b79b2be823f85a176fed8bcfa6fd848248ce5044221afc3cfd627b7fef16543
2b81c10bead8bab8d324700b999cd9549c410678f2f43cf36dc3aacf818a8f32
2be9cf8fed41b71d3408d293dcca46eae7858d27328b190e2607a87d2a66fdef
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f01d0e33fa9c077c4f1f837e7cb193d6ef3a902b0e45d6ee0cc625d099023b2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302603cbea23a21ffba092d2e6ab3a8d33262bf1849955efaf56eea8d9191455
30b582e9bfdbf0af2563f1220ace33de65ad5f1b73d0a0542ffd9c02788cf2be
3251f19e0ef7efc125509d8c9aac52e3abdebfcf6f6ea6c2114907259e96edef
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34c9e24691708ae6ada274602d3da1881113417f36184dc79333b9a515b32904
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38840bc3330b98934d326969a95d581fc42bbac2f6c020160bf4d366e9ca9885
3a1be0eaeb582395645936ab59a67adbc488b54c9ebe216bae00fdbc12ee2a28
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3d9dde8583bd9a08b29bc9bb5ae15a4bdf33c7a16dc6b7c3f0ad92a5d4a9e411
3da031ff072bc0fde56a065bc8971c0dfce5d9176b611422a3f44b43b4b41958
3db8515069b4b9007e2a0ccb4fdcb44005f9ee0226af864d6aad23b802f3be31
3ea314f9d44a5be06ae36d7a73d51d515ff4d233421cdef14d1a0d6edf0c5ad8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b499aa0b45aef438756a2f74f2d6a0fdf22b01d423b19f52111fa4fbc9f79b
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188
53ccee744c5db641ca9e37f041a302720b862edf02e7fdee87ba9cb66921a287
53dfab331426cfb18c2817a8d8c6c0acf8d173d74d143df95bf18f5611ddee54
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5715929471189592a4584792deec7c0b804976c71366f1cf03ab8d0eb782a00a
58598d04c3bdf8eb43a5dcb66a932dc4191fae75384ca76c405dbaf826e9f594
58bd911e74ccb27197748bdca29575ff90bee756047f6371cb86dce2e22bf2d7
58c8f9f8ac07ad5688411afc87c4dfbf14c0d82ece30f3fa776d7c000231b152
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61e015278e360c2f6543f8d1eaaa595f5e3f13a27fd991cfe6aad5608463b747
635e0cc36774866d8c63bdfe28234c030577929403e90528e5ddd108af489992
63ebdc62dbd0fada3451ea97594ab7be5f71632c6afaac9162f33e22c4978d53
65621a20369b1ca5589327125146c84c3bf1fae38b500dc77b81cf23e018fe42
6829e036a70ec0db65da1037d5308787bcd3a8d4b4f891949c8189ca62435c85
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69e9f053c60b651628e0c7d097aca33d351e12a2a39b7d393ff0214cf927d1ea
6a1a2583c33044054e8c3c92d790712c2a3ccb1b90dbef25e62e0a4f00350b5c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ac50d301a31d0dd7a016f13f80ea50db930734c9461f694339c35c15d2ba7a1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
71196740943f35199c4efd811d4387be6cb89dee4881e13dc94b1ac20ad3a255
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
781e67ecb2f9e56a60b2e356544fddea7f6b4bcb9b63fa3d19675112b0081826
7961a1433b796f1546f9e9c53ce2bfbaa7c91742773edad8d9fa5ddf71898f0a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
81422271146b5886d672abad6c7454dd07e813cf83e582db7576289a0bb7960d
81aa34fcac9ffacb34a7ed839729b591cdea2fefb373ee2c2ec66d2fe6888961
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83732e8687ef4c56953be4994d897ad3cd92fa51c427c3d5e2547cc3287fa3a0
840721a3d2a3abdab15351bf54fe19e1f8b1f343dbeddd273e017c09cb13d0ea
85aeaa189347798ee272b355822338df162e3dd4ae2e4e1e57a8cb71a6de7fda
8615a71c1f36362def617ba2fb1e9aac84cd9e712523552063cc39375e4e2f1c
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b1016fd5db496e1b5d3f0245a59bd602839b7568091d598c3248bb42faabef8
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea6b4fbb65cd19131bde00aeca3a58beb9c1faf8a8ca2d89e36009555b595c0
9116785fe6dda0b83d844a87f363f97808c24a6fd977088cab207c347be49dcb
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
95b9162643dec1ad9fd40391d498a03d7f0276f74666188f483087a1547eaec2
96fc6c9332f2c8af676f74890cae663376d65e10f2fe850891842dff3252fcf0
99e73ad0a32cb8e853229c884083a3e5c0379c2de7fd45504fb70c41209ae5b9
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9daa70f04bcab7bfa85850050b2a1adcf9be552b4492510fa271be85ff041479
9ebadcb8f4f706d2c4db7744b22465ba72064a4ca975b8f96faf2cd147d5f8bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b0f264b246e9152f7e4359f2a6a6836f316fc97e14adab47e81343aa5f9779
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a48fe78fda97e6ca8bde40cec9328b4453c9224fe4b2f223547690b5b670db07
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e8ba096ba44a27d53819ae9f82f5c73cf71fea5ff38d034bdf5839e7c09fc1
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b6942a98c80d8127dd9338f14bcae526bbb5b595d60439b47c6f48dd21582097
b7f99bb37a679f17c558288c7d178724cb48888f48632bc4a63958e28a04dcdb
bacb3c0e40dd4c86c4919d06574d8cf77f320a498d35b667e65e86b148b51d9b
bad1404a13472a9c712f8669d8c32653747a6c9d7034c5718dbfa7d61eef97fe
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be69496fe4311ce11f780f385d013372aea78aeb5a5a57e14f3307a8185aa6f0
bebc0ae1c09872eb1ee9c76e7e2273c089e70e290dbe06a2dee1a58d1b396e14
c04f805e270119baf7fd56a4bb438a0d12d48e76ace5d1bd779c1bb41038a483
c198ea194079eb6d5c2dcb28ce68e481cbeccc04dc5408d07be0ea6047bacc25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d86047c1afcf78f644fe2156f5f8021f8667ecfb3b12dbf4609e728c79a6d2
c456b04617da13cccb8509c8c74dcd79be3809978ea655d93a304718c4e532ba
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c91fbc2625f077388874afef81f05f9a2f8c19e2deb95243dbf255ad651f7067
ca84439bb3cda98449c1170c97e2871cb5d520d0c31c3a4f85c47fa2bc6b11b0
cb2f136536100cecd793ad2208200acb19744fdb4fdb4694644271ad79345aab
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1720e14b7ad40537f7d7f1338954b0ca4b62b7d9432a69f711c9ebc3cbfd4fb
d58a7f584aeb33d60d2ced3e9f3408f973f11b91ae87f1bf2221a09236885375
d63011ced6d79c38287d0ea3a81886b4b8f479bac5aae214de5b0dc8ccb25384
d73288e015b94b30bf69ded2f374a038a2c84286d6188167286d2a64e2e003ae
d892de48681f6ca98b25929b3d0940d36cbe92b18cc93b387e326c27616b0cd9
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db0811bb161c53b5359aa4434fc4ca6a9c2806d77bb2840013a8814a6f4f7cc1
db341ee384dc1f22ab13aa78c6c9b5470ce109e950327406f1ae65015031c75e
dc954e26da6e124b93bc85b27dbe52dcb740d7ff856dfae89eba91195f1214c2
dd226f3829c76c878c38c078df74f948ce6579c5cb4ccc6e1ec234b76b62b061
ddc608553c368676512e6770ba713fcb63bc2524ce3285c6abb4a71082853b43
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
e02d0fb111b84ee38d1a251c114af1e747f107d543083043d3bbf9893ad23a77
e1f0d43d8c349110000d08ec3c15692eca8dc6fea1930a2bc03675f40b15d241
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3faae9a155907fb5fbb8df7e272334e962395621064dbdc1d5e5cce4d13fe28
e5235bae34849e2d6783d71b130eeb24f09be3325bce12ab95f2b549cf6f1e6e
e787eccbaa2fc69b0d6cd90c88d999775564004e6432c14ea8112c8250e7f034
e83ade8841826e5cf9e954304d57003ea082aec65050eadbe92e2cb7a57175d1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e954ddab5f0d3bf94b1bf5a1d73fb3f5711c64eb79a53a9d31d3bece479aba21
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eb64da40aab740e4d9b913ff1a35823dad54df6290825ea9d1fc649e699903fb
eb9332c933f942b959ff5d66ed18ee6e756aaef3f515dce70b5b61d3b20b92da
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec32c0ca4826f63185cdad8150473e62e69b622c46980008253446bf2e552460
eccea9abb9062bd89d864b8514e77d3f08e1decfbdf1cb16f7d635658c03cd7f
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
efdf095b8654cdd35aca8cd904f12d31887fc8b3fd57db8b94152da731d359f9
f0080c6287851528b2e79e81355deed01b6cd00f3642b44abf2a6c82e524bd34
f1180570af40ea4e8174e7af8027d627989e1c3ba769b0eac46b6c27ced94cec
f390804c9bdd244863b1c98b2d8400b0fbf7cfc95c0967306fd1dd0d82d8c0cc
f593e49d021dfe9c0375a39265498dda7577848fbb80329b5996348547f13e64
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
f7884a71467d172da66b6beb6cb3ce1abeb5435157c881766f86cc1e35484c12
f9ef63a1c5f7a4ed3ecf04cb34452aefabae3943c9f0834d4b162b89f9a2e6a7
f9f9d4034c499654f02633aded8d85aea66529c881516dff70f4517adfa3bcfb
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
fbea5260d51ef6ebffe18f8abe006ad537908cb1d02bdc26d3cf7e97672e6a59
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb