urlscan.io logo urlscan.io
SecurityTrails logo

www.themarysue.com Open in urlscan Pro
2606:4700:10::6816:4085  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://themarysue.com/
Effective URL: https://www.themarysue.com/
Submission: On May 09 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 10 countries across 68 domains to perform 265 HTTP transactions. The main IP is 2606:4700:10::6816:4085, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com. The Cisco Umbrella rank of the primary domain is 151345.
TLS certificate: Issued by E1 on March 15th 2022. Valid for: 3 months.
This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 2606:4700:10:... 13335 (CLOUDFLAR...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 92.122.144.184 16625 (AKAMAI-AS)
1 83.136.253.58 202053 (UPCLOUD)
25 2600:9000:214... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
6 35.190.39.246 15169 (GOOGLE)
1 35.201.96.133 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 108.157.4.121 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 142.250.186.66 15169 (GOOGLE)
4 34.120.157.206 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
7 52.9.210.200 16509 (AMAZON-02)
6 13.226.159.202 16509 (AMAZON-02)
2 3 3.120.166.248 16509 (AMAZON-02)
2 52.24.77.206 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
2 141.95.98.64 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 35.83.57.60 16509 (AMAZON-02)
1 178.250.2.131 44788 (ASN-CRITE...)
7 34.149.20.76 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
1 216.52.2.30 30282 (AS-INAPCD...)
1 37.252.173.215 29990 (ASN-APPNEX)
3 2.21.111.28 16625 (AKAMAI-AS)
1 2602:803:c004... 26667 (RUBICONPR...)
3 213.19.147.42 26120 (RHYTHMONE)
1 18.196.86.25 16509 (AMAZON-02)
1 52.57.7.236 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
3 204.237.133.116 62713 (AS-PUBMATIC)
10 18.195.145.239 16509 (AMAZON-02)
5 35.244.159.8 15169 (GOOGLE)
1 104.79.89.16 16625 (AKAMAI-AS)
1 108.157.4.92 16509 (AMAZON-02)
1 104.89.31.187 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 1 151.101.0.134 54113 (FASTLY)
5 199.232.196.134 54113 (FASTLY)
4 104.92.105.214 16625 (AKAMAI-AS)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 65.9.63.76 16509 (AMAZON-02)
1 104.90.179.41 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 92.122.147.28 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a06:8640:464... 55081 (24SHELLS)
16 63.250.60.65 204548 (CLOUDWEBM...)
1 1 23.88.75.187 24940 (HETZNER-AS)
3 4 2.20.157.55 16625 (AKAMAI-AS)
2 2 76.223.111.18 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 37.252.172.38 29990 (ASN-APPNEX)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
1 1 184.87.212.24 16625 (AKAMAI-AS)
8 23.227.139.243 55081 (24SHELLS)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 2600:9000:249... 16509 (AMAZON-02)
2 7 37.157.3.28 198622 (ADFORM)
1 104.36.113.23 62713 (AS-PUBMATIC)
4 18.156.195.47 16509 (AMAZON-02)
2 185.86.139.85 201081 (SMARTADSE...)
2 4 104.79.89.79 16625 (AKAMAI-AS)
1 13 18.157.218.241 16509 (AMAZON-02)
1 1 62.209.227.211 13036 (TMOBILE-)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 103.229.205.243 30419 (MEDIAMATH...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 18.202.123.28 16509 (AMAZON-02)
2 52.223.40.198 16509 (AMAZON-02)
1 1 18.134.84.19 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 2 142.250.186.98 15169 (GOOGLE)
2 2 72.251.244.141 ()
265 80
13    2606:4700:10::6816:4085 (United States)

ASN13335 (CLOUDFLARENET, US)
themarysue.com
www.themarysue.com
22    2606:4700:10::6816:4185 (United States)

ASN13335 (CLOUDFLARENET, US)
www.themarysue.com
themarysue.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    92.122.144.184 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-144-184.deploy.static.akamaitechnologies.com
s.ntv.io
1    83.136.253.58 (United Kingdom)

ASN202053 (UPCLOUD, FI)
PTR: 83-136-253-58.uk-lon1.upcloud.host
geniuslinkcdn.com
25    2600:9000:2146:4e00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
6    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
superficialeyes.com
1    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
terrifictooth.com
6    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
4    108.157.4.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
4    34.120.157.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.themarysue.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:206f:e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    52.9.210.200 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-210-200.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
6    13.226.159.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-202.dus51.r.cloudfront.net
c.amazon-adsystem.com
3    3.120.166.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-166-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.24.77.206 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-77-206.us-west-2.compute.amazonaws.com
usync.proper.io
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    35.83.57.60 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-57-60.us-west-2.compute.amazonaws.com
bids.proper.io
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
7    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    213.19.147.42 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    18.196.86.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-86-25.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
1    52.57.7.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-7-236.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
3    204.237.133.116 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    18.195.145.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
primis-d.openx.net
1    104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com
a.teads.tv
1    108.157.4.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-92.dus51.r.cloudfront.net
ats.rlcdn.com
1    104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
5    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
themarysue.disqus.com
4    104.92.105.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-105-214.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2600:9000:224a:8200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2606:4700:10::6816:3a6e (United States)

ASN13335 (CLOUDFLARENET, US)
am22.mediaite.com
1    65.9.63.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-76.fra56.r.cloudfront.net
geo.privacymanager.io
1    104.90.179.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-179-41.deploy.static.akamaitechnologies.com
www.aaxdetect.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    92.122.147.28 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-28.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a06:8640:464:0:92e2:baff:fed9:e201 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
16    63.250.60.65 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
4    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2600:1f18:612b:4200:ada2:2974:cd33:9395 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
60687.publishers.tremorhub.com
1    184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com
cs.media.net
8    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.console.adtarget.com.tr
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    2600:9000:2490:2a00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
7    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
adx.adform.net
track.adform.net
1    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    185.86.139.85 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    104.79.89.79 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-79.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
13    18.157.218.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    62.209.227.211 (Kostany, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    18.202.123.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-123-28.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    18.134.84.19 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-19.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
2    72.251.244.141 (None, )

ASN- ()
tracking.m6r.eu
Apex Domain
Subdomains		 Transfer
41 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3859
video.primis.tech — Cisco Umbrella Rank: 6443
5 MB
39 themarysue.com
themarysue.com — Cisco Umbrella Rank: 147498
www.themarysue.com — Cisco Umbrella Rank: 151345
spc.themarysue.com — Cisco Umbrella Rank: 612340
402 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7275
ih.adscale.de — Cisco Umbrella Rank: 5193
16 KB
10 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1585
1 KB
9 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5879
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6341
4 KB
9 proper.io
global.proper.io — Cisco Umbrella Rank: 12502
abcheck.proper.io — Cisco Umbrella Rank: 14366
usync.proper.io — Cisco Umbrella Rank: 20853
bids.proper.io — Cisco Umbrella Rank: 12946
eb.proper.io — Cisco Umbrella Rank: 22741
138 KB
7 adform.net
cm.adform.net — Cisco Umbrella Rank: 2730
adx.adform.net — Cisco Umbrella Rank: 3636
track.adform.net — Cisco Umbrella Rank: 3866
2 KB
7 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2373
1 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 856
gum.criteo.com — Cisco Umbrella Rank: 448
mug.criteo.com — Cisco Umbrella Rank: 1931
dis.criteo.com — Cisco Umbrella Rank: 974
3 KB
7 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1708
4 KB
6 disqus.com
disqus.com — Cisco Umbrella Rank: 2981
themarysue.disqus.com — Cisco Umbrella Rank: 682685
7 KB
6 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 669
ads.pubmatic.com — Cisco Umbrella Rank: 655
image6.pubmatic.com — Cisco Umbrella Rank: 857
12 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 695
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 821
ssum.casalemedia.com — Cisco Umbrella Rank: 1860
9 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 420
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1408
820 B
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 375
81 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
cm.g.doubleclick.net — Cisco Umbrella Rank: 289
159 KB
6 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 81598
206 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3619
r.skimresources.com — Cisco Umbrella Rank: 3245
t.skimresources.com — Cisco Umbrella Rank: 3455
p.skimresources.com — Cisco Umbrella Rank: 5951
20 KB
5 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 19301
u.openx.net — Cisco Umbrella Rank: 1045
primis-d.openx.net — Cisco Umbrella Rank: 14157
846 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 942
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
imasdk.googleapis.com — Cisco Umbrella Rank: 439
333 KB
4 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 5422
l3.aaxads.com — Cisco Umbrella Rank: 7974
174 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 213
3 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 119
177 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 879
eb2.3lift.com — Cisco Umbrella Rank: 590
1 KB
3 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2155
522 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 326
secure.adnxs.com — Cisco Umbrella Rank: 612
3 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 915
cdn.id5-sync.com — Cisco Umbrella Rank: 2170
13 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 405
2 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3095
onesignal.com — Cisco Umbrella Rank: 840
73 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 447
656 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 680
1 KB
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1801
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 837
721 B
2 tremorhub.com
60687.publishers.tremorhub.com — Cisco Umbrella Rank: 7568
646 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 744
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 760
59 KB
2 gstatic.com
fonts.gstatic.com
53 KB
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 663
pixel.rubiconproject.com — Cisco Umbrella Rank: 478
4 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1781
cs.media.net — Cisco Umbrella Rank: 2876
2 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1038
ats.rlcdn.com — Cisco Umbrella Rank: 1878
38 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2525
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 195
83 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1250
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
110 KB
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 6065
532 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1014
2 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2011
339 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
17 KB
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 22203
550 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1334
243 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 11518
324 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1941
589 B
1 mediaite.com
am22.mediaite.com — Cisco Umbrella Rank: 312653
138 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 777
482 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2487
17 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1362
250 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2860
897 B
1 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 5717
259 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 881
761 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1160
2 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1338
10 KB
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 78651
6 KB
1 geniuslinkcdn.com
geniuslinkcdn.com — Cisco Umbrella Rank: 69366
6 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4617
115 KB
0 mantisadnetwork.com Failed
mantodea.mantisadnetwork.com Failed
265 68
Domain Requested by
32 www.themarysue.com www.themarysue.com
25 live.primis.tech www.themarysue.com
live.primis.tech
16 video.primis.tech live.primis.tech
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
10 btlr.sharethrough.com global.proper.io
live.primis.tech
8 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
7 ssc.33across.com global.proper.io
7 jadserve.postrelease.com s.ntv.io
www.themarysue.com
6 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
live.primis.tech
6 superficialeyes.com www.themarysue.com
superficialeyes.com
5 themarysue.disqus.com www.themarysue.com
themarysue.disqus.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.themarysue.com
4 ads.stickyadstv.com 2 redirects live.primis.tech
4 c2shb.pubgw.yahoo.com live.primis.tech
4 adx.adform.net live.primis.tech
4 spc.themarysue.com themarysue.com
4 sb.scorecardresearch.com 2 redirects www.themarysue.com
4 pagead2.googlesyndication.com www.themarysue.com
pagead2.googlesyndication.com
srcdoc
imasdk.googleapis.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 gum.criteo.com 1 redirects static.criteo.net
3 hbopenbid.pubmatic.com global.proper.io
live.primis.tech
3 tag.1rx.io global.proper.io
live.primis.tech
3 htlb.casalemedia.com global.proper.io
live.primis.tech
3 x.bidswitch.net 2 redirects www.themarysue.com
3 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
3 global.proper.io www.themarysue.com
global.proper.io
3 themarysue.com 2 redirects www.themarysue.com
2 tracking.m6r.eu 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 track.adform.net 2 redirects
2 match.adsrvr.org live.primis.tech
www.themarysue.com
2 mug.criteo.com www.themarysue.com
2 sync.mathtag.com 2 redirects
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 prg.smartadserver.com live.primis.tech
2 primis-d.openx.net live.primis.tech
2 creativecdn.com 2 redirects
2 60687.publishers.tremorhub.com 1 redirects www.themarysue.com
2 secure.adnxs.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 u.openx.net live.primis.tech
2 sync.search.spotxchange.com 2 redirects
2 ads.pubmatic.com live.primis.tech
2 static.criteo.net global.proper.io
static.criteo.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com superficialeyes.com
live.primis.tech
2 l3.aaxads.com www.themarysue.com
2 p.skimresources.com www.themarysue.com
2 t.skimresources.com www.themarysue.com
s.skimresources.com
2 c.aaxads.com www.themarysue.com
2 id5-sync.com global.proper.io
live.primis.tech
2 ups.analytics.yahoo.com 2 redirects
2 usync.proper.io www.themarysue.com
2 script.4dex.io global.proper.io
script.4dex.io
2 abcheck.proper.io www.themarysue.com
2 connect.facebook.net www.themarysue.com
connect.facebook.net
2 unpkg.com 1 redirects www.themarysue.com
2 cdn.onesignal.com www.themarysue.com
cdn.onesignal.com
2 www.googletagmanager.com www.themarysue.com
www.googletagmanager.com
1 dis.criteo.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 js-sec.indexww.com live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 s0.2mdn.net imasdk.googleapis.com
1 ssum.casalemedia.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 cm.adform.net s.console.adtarget.com.tr
1 cs.media.net 1 redirects
1 pixel.rubiconproject.com www.themarysue.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 eb.proper.io global.proper.io
1 www.aaxdetect.com www.themarysue.com
1 onesignal.com cdn.onesignal.com
1 geo.privacymanager.io ats.rlcdn.com
1 am22.mediaite.com www.themarysue.com
1 static.adsafeprotected.com www.themarysue.com
1 r.skimresources.com s.skimresources.com
1 disqus.com 1 redirects
1 cdn.id5-sync.com www.themarysue.com
1 secure.cdn.fastclick.net www.themarysue.com
1 ats.rlcdn.com www.themarysue.com
1 a.teads.tv global.proper.io
1 propermedia-d.openx.net global.proper.io
1 apex.go.sonobi.com global.proper.io
1 tlx.3lift.com global.proper.io
1 pre.ads.justpremium.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 ib.adnxs.com global.proper.io
1 ap.lijit.com global.proper.io
1 prebid.media.net global.proper.io
1 bidder.criteo.com global.proper.io
1 bids.proper.io global.proper.io
1 api.rlcdn.com global.proper.io
1 rules.quantcount.com secure.quantserve.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 secure.quantserve.com global.proper.io
1 terrifictooth.com www.themarysue.com
1 s.skimresources.com www.themarysue.com
1 geniuslinkcdn.com www.themarysue.com
1 s.ntv.io www.themarysue.com
0 mantodea.mantisadnetwork.com Failed global.proper.io
265 104
Subject Issuer Validity Valid
*.themarysue.com
E1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
geniuslinkcdn.com
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.primis.tech
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
superficialeyes.com
R3		 2022-04-02 -
2022-07-01		 3 months crt.sh
terrifictooth.com
R3		 2022-04-03 -
2022-07-02		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-15 -
2022-05-16		 3 months crt.sh
spc.bestgamingsettings.com
R3		 2022-04-21 -
2022-07-20		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-03-22 -
2022-06-20		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-20		 a year crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-03-29 -
2022-06-27		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2022-04-19 -
2022-06-18		 2 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 21 frames:

Primary Page: https://www.themarysue.com/
Frame ID: B377F8AE99103FFC424E2A8081D36E1C
Requests: 172 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: CD6E6758932E4B91F041CDB029C6D806
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 8A9250A80728BF546DBF082F10AFF128
Requests: 47 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.31774646423408304
Frame ID: 1CB709B8288139BCC4BBE7A3F3E97D2A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.themarysue.com&gdpr=1&gdpr_consent=
Frame ID: 840E8523FDD26D476B246B418B2D4801
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 388DBFFD05F8E9F30C66E82A11980C26
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=94&advUuid=f9994ce1-cf68-11ec-b585-129210fe0206
Frame ID: D2E5DB931F7942D1E9A58C917135E562
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 1B3C8B4FB4A92DE168CE46E16543DB12
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 3A25EFA45458EEDE92FA528945D50CD8
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 837DE31E072D650F1A6BA2B46B208AD6
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: C87DEAA55CA74CFD803975E844CBDCB6
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LyQYfYO0uUfA0Vb6Lodo&pi=admatic&tc=1
Frame ID: FE3C277AEC882E78DCF34F544741DEE5
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 3A4FE55758AB7EF98FBEB5CAB616FCBA
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 44BF201F731844152B546D0322735723
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 09B1E2E0979E98DDA5ABEE90779D39AE
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 1EEE23EFDFEE812088DA85542C053AE3
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: DD73EDCEDCB400BC67614B925A663080
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8463C80E189B627793FC4F6074B16DAD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 5170A99F4AF61C673FE4042528E8FF3E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: B2A90357E80908F81528228CD0AAD3BD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A752972A2873DC2C68F350AD3F1462A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted UniverseTwitterTwittermascot-1The Mary Sueuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

  1. http://themarysue.com/ HTTP 301
    https://themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

265
Requests

90 %
HTTPS

28 %
IPv6

68
Domains

104
Subdomains

80
IPs

10
Countries

7741 kB
Transfer

13619 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://themarysue.com/ HTTP 301
    https://themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://sb.scorecardresearch.com/cs/36750692/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 30
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 40
  • https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1652081028485&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1652081028485&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Request Chain 59
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Df6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&callback=window.proper_b5d0cc61_93ba3024_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Df6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&callback=window.proper_b5d0cc61_93ba3024_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3&uid=0b1f376a-7b81-4f41-a36a-6055b756d962
Request Chain 60
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b21b03c7_71c06575_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b21b03c7_71c06575_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-04DLvWJE2uErps7qjY5EjIDIu6a.gKO9~A
Request Chain 100
  • https://disqus.com/forums/themarysue/count.js HTTP 302
  • https://themarysue.disqus.com/count.js
Request Chain 158
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=f9994d3e-cf68-11ec-b585-129210fe0206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=94&advUuid=f9994ce1-cf68-11ec-b585-129210fe0206
Request Chain 167
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=93&advUuid=2ae9185d-7b7a-4536-b3ad-1f4c7ab9d710
Request Chain 168
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=99&advUuid=YnjBh19sSZlV4kpMFrOXAgAAAS4AAAIB
Request Chain 169
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3455833921465557833701&advId=121&advUuid=3455833921465557833701
Request Chain 171
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D6278c18566be3%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=105&advUuid=7641965637758625676
Request Chain 172
  • https://60687.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Request Chain 173
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=6278c18566be3&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Request Chain 183
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LyQYfYO0uUfA0Vb6Lodo&pi=admatic&tc=1
Request Chain 206
  • https://ih.adscale.de/uu?cbfn=receive&t=1652081031 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1652081031&nut&uu=afa14595c42b4c549402dbaaf5e015e2
Request Chain 215
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=afa14595c42b4c549402dbaaf5e015e2&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=101&tpuid=BBID-01-03267950324719862-16598232
Request Chain 217
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=2fc439e0712ea96347c7fe6637bcee181b521d18cb54cfaba83d0bee9ac88076&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YnjBh19sSZlV4kpMFrOXAgAA%26302
Request Chain 221
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=f2711621c56481e1ef5b9bf3eca8918486608f77c201825a48b52e34364d81f4&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bd4b6278-c18a-4700-a57d-52fda1264514&gdpr=0&gdpr_consent=
Request Chain 225
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=3r410HwxSTdlN2gyUnEwTzhOa2ZVVnJJZllhL25aeUtsazZMbDRUb1BnSG4yYldnR05MZTB0SDZkOCsvbk9heWw1NXEyYjJqSEVMMFNHYVdVUFZsUHo2NlpTOTMwa3dKbkpxOUg0c1NVUXRLSWNJWVBHazFIbHgwd1M2d2ZJZWg4d0F6SEtvbXJ1MmFNR0dwT0pxM2JSK3BPcjlZMGova2VYS0E5TXZBcTJoWWhaTmlvR2Y3d1JlbWFnRUs4cGJjQ0hIeDkwVzFsVTFiR1plUFVhTmRnTmJxM25XVWlrZnBac3owSjlPSExhS204RWgwPXw&cppv=2
Request Chain 232
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=54d64c471eaa7a3794ef72459a1536a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0b85_7095634007077604143&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Request Chain 235
  • https://track.adform.net/serving/cookie/match/?party=9&uid=ed3804a50d6472c6cc1572d79f5a02ee0f622fd6f289f10d930f9246841287ad&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=ed3804a50d6472c6cc1572d79f5a02ee0f622fd6f289f10d930f9246841287ad&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=42&gdpr=0&tpuid=7303995348562619484
Request Chain 236
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=fd2ca0fee3068122fe43867a3a8a0478088698973376cb4a1d09de8a45727eca&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=0271b404-24e1-4145-b3ec-90f9bf8a8918&gdpr=0
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=fc23aa1e5a8bb9ebc36348674641ee26e711d27ba2acd81f6e8df6cb97124dd8&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ccb66278-c18a-4800-af69-0bf650df577d&gdpr=0&gdpr_consent=
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg&gdpr=0&google_tc= HTTP 302
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&gdpr=0&tpuid=CAESED28hsqbFiaUE2bjuMUim0Q&google_cver=1
Request Chain 239
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=c4f83d6eee56c03c2966a39b0e8edd80d5512cad62581c8db200695a27997339&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=c4f83d6eee56c03c2966a39b0e8edd80d5512cad62581c8db200695a27997339&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/js?tpid=48&tpuid=e4dded1a02a5789fbdf395f539d33692

265 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themarysue.com/
Redirect Chain
  • http://themarysue.com/
  • https://themarysue.com/
  • https://www.themarysue.com/
116 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddddf95da39eff0113e52d9ee1629adae2a5f8644043661b6e3959dcdc671f8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7088b1142df872ba-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 07:23:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://www.themarysue.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7088b10dffac72ba-LHR
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 07:23:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 09 May 2022 08:23:47 GMT
location
https://www.themarysue.com/
server
cloudflare
vary
Accept-Encoding
x-redirect-by
WordPress
am-asap-500.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500.woff2?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
age
2133
etag
"6267aba8-2e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7088b119cb3172ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11880
am-asap-500i.woff2
www.themarysue.com/wp-content/themes/m2019-tms/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/fonts/am-asap-500i.woff2?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
age
4041
etag
"6267aba8-31dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7088b119cb3872ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12764
crit-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/crit-main.min.css?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d1107dd863c1ba43c1487b9a3055e9022be594aeb9d9842571b654a6a51424d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
age
1119464
etag
W/"6267aba8-b35a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
7088b119cb3472ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
def-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		290 B
266 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
age
1119463
etag
W/"6267aba8-122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
7088b119cb3572ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
min.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
1119463
cf-polished
origSize=13019
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
etag
W/"6267aba8-32db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b119cb3b72ba-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
flying-focus.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/flying-focus.js?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
1119463
cf-polished
origSize=3787
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
etag
W/"6267aba8-ecb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b11a8f7d72de-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cca7de749081f0868084e09b6a38da49b164256d750edbb5e873c7faad7a1473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55916
x-xss-protection
0
server
cafe
etag
11517909100258580410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 09 May 2022 07:23:48 GMT
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d62e5b787e64fe71fc85ae0a2f3f54c31c81199234792aa584a8952a7b6c31d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41767
x-xss-protection
0
expires
Mon, 09 May 2022 07:23:48 GMT
load.js
s.ntv.io/serve/ 		394 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.144.184 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-144-184.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9b51a836ae7316739f0c4ff04aa3f769b13f1700b512d7d8c36334b30400c863

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:48 GMT
Content-Encoding
gzip
x-amz-request-id
2TRDDEY7ZWMP8G2X
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
hcDeBydzaYZNLA2xyXYpzmJToG52ezoP0XlFNCK8hR2oxUx023GyqIUOUUPTnIvXq8vc8rEyN7E=
Last-Modified
Wed, 04 May 2022 19:11:13 GMT
Server
AmazonS3
ETag
"a793fba08c1bc147128a6f6083fc6499"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ads-prebid-banner-proper-outbrain.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		25 B
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2204260822
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
1119463
cf-polished
origSize=27
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Apr 2022 08:22:00 GMT
server
cloudflare
etag
W/"6267aba8-1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b119cb3c72ba-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-index.css
www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/gamursteam-dotesports-gutenberg-blocks-179555d1e273/build/style-index.css?ver=1641882089
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
4085678
cf-polished
origSize=5733
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 11 Jan 2022 06:21:29 GMT
server
cloudflare
etag
W/"61dd21e9-1665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
7088b119cb3972ba-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
pmpromc.css
www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/ 		182 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.9.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
2887268
cf-polished
origSize=220
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Mar 2021 11:12:11 GMT
server
cloudflare
etag
W/"603f6f0b-dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
7088b119cb3a72ba-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.themarysue.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Aug 2021 09:57:57 GMT
server
cloudflare
age
4085678
etag
W/"6107c1a5-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b119cb3e72ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
www.themarysue.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4085 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Dec 2020 12:49:55 GMT
server
cloudflare
age
4085678
etag
W/"5fec7773-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b119cb3f72ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
snippet.min.js
geniuslinkcdn.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geniuslinkcdn.com/snippet.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
83.136.253.58 , United Kingdom, ASN202053 (UPCLOUD, FI),
Reverse DNS
83-136-253-58.uk-lon1.upcloud.host
Software
nginx /
Resource Hash
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
ratelimit-reset
1652081088
last-modified
Mon, 24 May 2021 12:29:48 GMT
ratelimit-limit
15
content-length
5652
ratelimit-resettime
Mon, 09 May 2022 07:24:48 GMT
server
nginx
ratelimit-observed
0
etag
"60ab9c3c-1614"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
ratelimit-remaining
15
expires
Tue, 10 May 2022 07:23:48 GMT
Who-is-the-partner-of-Ncuti-Gatwa-the-actor-who-768x432.jpeg
www.themarysue.com/wp-content/uploads/2022/05/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/05/Who-is-the-partner-of-Ncuti-Gatwa-the-actor-who-768x432.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b0a9157ad681abf042372dc212a1de60dfbb910ce751a4a7803cba7121bac3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
HIT
age
40865
cf-polished
origSize=37961, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37056
last-modified
Sun, 08 May 2022 13:29:37 GMT
server
cloudflare
etag
"6277c5c1-9449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b11a8f7f72de-LHR
cf-bgj
imgq:100,h2pri
thehandmaidstale-432x243.jpg
www.themarysue.com/wp-content/uploads/2019/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2019/08/thehandmaidstale-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6c45a420102d5aaf3badf3949e984fe9d66d788cedffb6451568ce7bfec96c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
HIT
age
128873
cf-polished
origSize=24212, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15331
last-modified
Wed, 14 Aug 2019 18:03:08 GMT
server
cloudflare
etag
"5d544cdc-5e94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b11a8f8172de-LHR
cf-bgj
imgq:100,h2pri
liveView.php
live.primis.tech/live/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c2fd2385572554e2fdad194d4143c52550096f624afc782069a3ecbf7a647437

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/javascript; charset=utf-8
x-amz-cf-id
USOoJGbXmXLN5Zk30fMm66yNpQVM-r5QUtPiqjVTuXnj38WpeRNJ3Q==
promo-gossip.jpg
www.themarysue.com/wp-content/themes/m2019-tms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
HIT
age
4085678
cf-polished
origFmt=jpeg, origSize=3659
content-disposition
inline; filename="promo-gossip.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3474
last-modified
Wed, 16 Mar 2022 22:09:22 GMT
server
cloudflare
etag
"62326012-e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b11a8f8272de-LHR
cf-bgj
imgq:100,h2pri
email-decode.min.js
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 17:17:34 GMT
server
cloudflare
etag
W/"626c1dae-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7088b11a6f5472de-LHR
vary
Accept-Encoding
expires
Wed, 11 May 2022 07:23:48 GMT
mpp-frontend.js
www.themarysue.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
4085632
cf-polished
origSize=331
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 17 Jun 2019 13:15:40 GMT
server
cloudflare
etag
W/"5d07927c-14b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b11a7f6f72de-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
comment_count.js
www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
4085678
cf-polished
origSize=889
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Mar 2019 08:40:52 GMT
server
cloudflare
etag
W/"5c91fc94-379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b11a7f7672de-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme-my-login.min.js
www.themarysue.com/wp-content/plugins/theme-my-login/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Jul 2020 12:20:42 GMT
server
cloudflare
age
4085678
etag
W/"5eff229a-6cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b11a7f7872de-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3324
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7088b11b1f7a75de-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 12 May 2022 07:23:48 GMT
114526X1684681.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684681.skimlinks.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
516fb604fb9b385996d297bfe61bf9e7bb5172aaae91ff7d8263d4a304c3e7f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:46:44 GMT
server
AmazonS3
x-amz-request-id
ZR9EVB70NY7SAKXB
etag
"7c8552ec431b274d5b6aeee1c900bb3f"
x-hw
1652081028.cds211.lo4.hn,1652081028.cds290.lo4.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18850
x-amz-id-2
yt7D7RINozcREdEOj+L4mEmQ0Q7X2PREkYA+TmMQiqmzhxO7W5UDry5quwXwzKuYD0HFCgbJBrs=
v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
superficialeyes.com/ 		506 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
65860e387da1a66713fa721e8c8b257f3ae474564a68aa9e0969bff57c53a4f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"07f396b797026969f64450f922fb79159151555df0276a7d0c461480fb3f6408"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 09 May 2022 07:23:48 GMT
x-buildnumber
520707442
timing-allow-origin
*
v2scndJ-AMeJMokTSkHu5IoG9csmT7Lfvk0EM8dzFKSEFzT2YhAC8u7_JGnlqI6GhAkPEdXTCeVTWn--yRA
terrifictooth.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2scndJ-AMeJMokTSkHu5IoG9csmT7Lfvk0EM8dzFKSEFzT2YhAC8u7_JGnlqI6GhAkPEdXTCeVTWn--yRA
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
45faff320479dae433fb95a88117cf9da0342cec93f928330a7648896670d48a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"27abb550f56d91c56a6215be3c86ae9dcd67e25ed16c7180747a2e786eddae9e"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 09 May 2022 07:23:48 GMT
x-buildnumber
520707442
timing-allow-origin
*
themarysue.min.js
global.proper.io/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/themarysue.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70acaad5a88b0640f98caeb63133bf5e271d710158ac3844bd9935d1c1231640

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 21:13:01 GMT
server
cloudflare
age
468579
etag
W/"62719add-2a5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7088b11b19bc76b9-LHR
expires
Mon, 09 May 2022 07:28:48 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/36750692/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:00:50 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1379
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ncV8gNtxpvoOGH0B6Ee2jaexbpFFpemnB56YFFvf-OZF5iciZD_p-w==

Redirect headers

location
/internal-cs/default/beacon.js
date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
ocpzoCdSc-4dSkqkZSvkTmaxO1Ytb-laTQGkKmjpqUTciRb_a8EVaw==
x-cache
Miss from cloudfront
plow.lite.js
themarysue.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.com/plow.lite.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
age
4085678
cf-polished
origSize=38821
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 13 Jan 2022 02:24:24 GMT
server
cloudflare
etag
W/"61df8d58-97a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7088b11a8f8372de-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
9349879
fly-request-id
01FSX6G5RYEAGTK5HMSMATEW7K
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7088b11c8c430666-LHR

Redirect headers

date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G2KTZTPJTDYX73J42KM6Y0EX-lhr
server
cloudflare
age
259
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7088b11c1bb70666-LHR
access-control-allow-origin
*
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ede980eeb961f57ee8d7920d34ac7a599b2a9ae1c2253872ac162b75731ddb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XD2D7HG9Auv8USZokbHC0Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 09 May 2022 07:38:51 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
hzbb0uhFuN0CL/U8SMGcznkTQoMgIEfU0t4y26wPwlYoKNNSTwyE2JEZ7ISgeN4HGcZen1fn7m/iYW/PyN4v3Q==
x-fb-trip-id
917726464
x-fb-content-md5
4f21aa3604822c4c9cc6c70a0cb7c087
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 09 May 2022 07:23:48 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d33187d22bca406cf72498257313a32a"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
9c568b90c053eead7e8b550d62178753e4206048853c461bc9f77d26d8e60e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28416
x-xss-protection
0
server
sffe
etag
"1209 / 796 of 1000 / last-modified: 1651874797"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 09 May 2022 07:23:48 GMT
latest.js
global.proper.io/payloads/ 		512 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c543985155ec9d4a38342a017e372037db393e26e3c16a291f9eee793f6b93a0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 18:46:45 GMT
server
cloudflare
age
4
etag
W/"62717895-7ffe8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7088b11b8a4776b9-LHR
expires
Mon, 09 May 2022 07:28:48 GMT
themarysue.14301.json
global.proper.io/config/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/config/themarysue.14301.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/themarysue.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfc8b08482e3691e3650f7e4d66a0e554f2f1fe983048caf3631f32aad48b78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 21:13:01 GMT
server
cloudflare
age
468632
etag
W/"62719add-43cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7088b11c195676f9-LHR
expires
Mon, 09 May 2022 07:28:48 GMT
px.gif
abcheck.proper.io/ 		842 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=6.871948196741651
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
183ZPX1YGSCRSDJK
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7088b11bca9876b9-LHR
content-length
842
x-amz-id-2
4pYjldoKRhLt1R0LGrB+Bw/1iGlNYCufHqAM1+5v5jSaSXy/hmu00pXOo1G8C0KqScA5z2kW3tE=
expires
Mon, 09 May 2022 11:23:48 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=6.871948196741651
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
183YDJYH1J2S6VWF
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7088b11c1b1776b9-LHR
content-length
842
x-amz-id-2
jhX8+KwJA3wNE5JqgffA1MTxQmMeLW/F9d2fS0tn9Ljircxayn+oJXZKf39/JpTjcWxBl2PWYHI=
expires
Mon, 09 May 2022 11:23:48 GMT
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 May 2022 07:23:48 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
09ab7763fa1e70485b57372182d2e080
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
a1cf1bbffed93cf96cbd503312726983
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07e7ab130606c54cabaf0443d311b46601c7014da3cba159a90ace70bd0f437a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69874
x-xss-protection
0
expires
Mon, 09 May 2022 07:23:48 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1652081028485&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1652081028485&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1652081028485&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
BmKf-Yhxp0D7BeYZL2zCS__GuwA8RpvE4aLhNzGdv5hStbqSQIBYCg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=36750692&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1652081028485&ns_c=UTF-8&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
date
Mon, 09 May 2022 07:23:48 GMT
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
r1fdKx51Vpb2Fs0iHjqrDFtTYpJtTZAsHYS02QDEW_w86f_NbhnnHA==
x-cache
Miss from cloudfront
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 16 May 2022 07:23:48 GMT
localstore.js
script.4dex.io/ 		483 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2393078
x-amz-request-id
tx6e6f1dacee994dfb86df1-0062543d8e
x-amz-id-2
tx6e6f1dacee994dfb86df1-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTAFmGE1c%2Fa2VIgHZvxqRC440EBz8SoLSygocHxnPzyXDMbsEUMfYbAoU0JWvUcq4odltrQ7PIhD0GvyYp1FIsXBjdigaIQCvYJTOGQ03KKjHF20zP%2Bw6AhP0hcEQk9uNpIyG9TsVVN6zYqZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
7088b11cfb38742f-LHR
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/ 		304 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=www.themarysue.com&bust=31067401
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd6a637d7dd3b025abe1b78f89b3c4296d2789b4f47dbcf87bc9c43afe382375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111224
x-xss-protection
0
server
cafe
etag
6347821740000135602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 May 2022 07:23:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame CD6E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 15:01:53 GMT
etag
1428802124239944296
expires
Sun, 22 May 2022 15:01:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all.js
connect.facebook.net/en_US/ 		284 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=219bac6d9339cec0d3eb1e4e193c1e09
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6181012d7679e425e21a6623f3990bb579bb9bf645fdcfa201c1c1dd85519df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mVYGMnQ1y7i13snqB7HnUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 09 May 2023 06:16:43 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82590
x-fb-rlafr
0
x-fb-debug
KDgQa0O6XfKIIb9o119pSNoSYdQDejGq/166TkKVXKlYbZlIeBERYuBYhnRHkmO+OOhCACaNYEQ1rUo0jzfu4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e7d117f024ea7609ca1b1c977c1035b4
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 09 May 2022 07:23:48 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b037e1cf430ebe15fc11ad7a8df27237"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pubads_impl_2022050401.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067452
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 06:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127725
x-xss-protection
0
last-modified
Wed, 04 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 May 2023 06:31:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		355 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e70f1fdadde06d2446e18faf5115c44b382d1ddde082a7af3719f961db76ddab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Mon, 09 May 2022 07:23:48 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2392542
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8048b514cf904b1e9ca7f-0062543f6f
x-amz-id-2
tx8048b514cf904b1e9ca7f-0062543f6f
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bhq%2Fv%2BNdERf%2FAelYKzwHn00OxPFcma4JftuSXo9kPHkfskrrKK4DBGg%2FtNrRdmMpNyvEERC9tYYK4hspUsvi99lb8UKq9t6r5DPXbWDhA8RH%2Fa%2BBsv1gGr7mHYjLlgJWe4guqz5Nj4T0Fp16"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1649687874851815
cf-ray
7088b11defcb72c0-LHR
access-control-allow-headers
Authorization
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:14:32 GMT
content-encoding
gzip
age
556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
KWffI2OdE1how1HYxf4bgUTgJrIkxzgHmXiH58t_edgj_CygvMCuyQ==
acv.json
superficialeyes.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Tue, 03 May 2022 19:59:28 GMT
x-datacenter
gce-europe-west1
date
Mon, 09 May 2022 07:23:48 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
520707442
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges
bytes
collect
www.google-analytics.com/g/ 		0
164 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7PGVNEX4L0&gtm=2oe540&_p=314099540&_z=ccd.tbB&cid=1284264339.1652081029&ul=en-us&sr=1600x1200&_s=1&sid=1652081028&sct=1&seg=0&dl=https%3A%2F%2Fwww.themarysue.com%2F&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3879
date
Mon, 09 May 2022 06:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 09 May 2022 08:19:09 GMT
t
jadserve.postrelease.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.themarysue.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
856ac0fc21af484f3c9548199a0078ef70d57b580d186c25db8527394e6dd152

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1422
expires
Mon, 1 Jan 1990 12:00:00 GMT
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ 		2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: themarysue.com
URL: https://themarysue.com/plow.lite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
744e82a38904a8ec3b687a5c3dcbf2e7
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
spc.themarysue.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com/com.snowplowanalytics.snowplow/tp2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 May 2022 07:23:49 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
2001daed46d82582ca23239619dca415
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=314099540&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=743205971&gjid=275188232&cid=1284264339.1652081029&tid=UA-21433528-1&_gid=1035489975.1652081029&_r=1&gtm=2ou540&z=1224474265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=314099540&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1284264339.1652081029&tid=UA-21433528-1&_gid=1035489975.1652081029&gtm=2ou540&z=794882376
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 21:29:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35673
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
434
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1ADG7GYFSBE2WSMGTK6P
date
Mon, 09 May 2022 07:17:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vNrF6hd_wat36_kkKSaB0Rbjybag-eKnwE_1N4oDNSLZ0NUVXooDVw==
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Df6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&callba...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Df6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3&uid=0b1f376a-7b81-4f41-a36a-6055b756d962
183 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3&uid=0b1f376a-7b81-4f41-a36a-6055b756d962
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
52.24.77.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-77-206.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4971f90988d3288ecf12d7bd22957409da96e6ed46953e14486983767be1626f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3&uid=0b1f376a-7b81-4f41-a36a-6055b756d962
Date
Mon, 09 May 2022 07:23:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b21b03c7_71c06575_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b21b03c7_71c06575_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-04DLvWJE2uErps7qjY5EjIDIu6a.gKO9~A
151 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-04DLvWJE2uErps7qjY5EjIDIu6a.gKO9~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
52.24.77.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-77-206.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
dc04242a405180168f69f3511895f4ddb85b590880f65ce73d3300ea5b9e82dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-04DLvWJE2uErps7qjY5EjIDIu6a.gKO9~A
date
Mon, 09 May 2022 07:23:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		212 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
4601547c2bdd0f876e2042b8c20e2040c6e4b9cf01374bbaa8c2088bbb81008f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:48 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.57.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-57-60.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 09 May 2022 07:23:49 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
19716
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Mon, 09 May 2022 05:10:43 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
BUyBuNiXhBGOdwfD34oeSBTzEO_dl0i6VzVc091JyLOvtzcr2lhILQ==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.themarysue.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
2e95bcc1d51302added6bad654c12c789b25780c0d03b1e7e54aac653a66a55b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 04:33:11 GMT
via
1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
server
Server
age
10237
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
content-length
1405
x-amz-cf-id
IxosVorAAp7w7pm5_vTNCWDhk3MD6Ybpe9ZqEiPyQ_IHoD1DeFtlUg==
liveView.php
live.primis.tech/live/ Frame 8A92 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9738044857e8dc992a28268ada64e78e8f6095e1ad6c1df1260fcb1bd04563a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/javascript; charset=utf-8
x-amz-cf-id
EVtOH-f2f1s0bF5SpHNg7PoVtbDtl9q-Tfx_ZK-kZHTpr-_XKJVsew==
cdb
bidder.criteo.com/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.20.0&cb=80019431715&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:48 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
hb
ssc.33across.com/api/v1/ 		87 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e249297b9fd3c953b76b6ec838197f731957631d02f51af50b052cda2910f741

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
50d0dce52f491031af70252b907dbfabbbc8cfbcd6dcd85cb36c5d9285d06255

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1d7886e5fe1d82681fc3b48305f9ac2b187cf193e6d5c7622d7aef8f4371169c

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2398d6b7ba3a2bb4629530ae998e22f7314eb802629c1f826c4b669a7833dd05

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6631a642c185d94d8507330f511f803e05890bba8b1d89bb0151d6055a181b6d

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
354f768ba846887f8611f5467b39e9dcaa0e7e86912cce7810bbedf452adad27

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08b03eef0da14c1243cc76b16af2c14013630955d69538f5eb1670dcf6dd07bf

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
prebid.media.net/rtb/ 		1 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d41a49cc73c39409aa92484fc91b51c036a2d375b503f8e783b4da5920a0f78d

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		115 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.20.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
36b7395dd803f1704b9917058f1e3bdd56f050213c694824a6f87f5b3467eda6

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themarysue.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
110
prebid
ib.adnxs.com/ut/v3/ 		817 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
729df9f410ff2d213c922a41cf67e0e6871c30b42385720e27333109a087e046
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.43; 82.199.130.43; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c8973ea0-145b-47cb-b920-daa108bcef59
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=756014&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22079484e4-13e3-484f-9354-43ddf09f49b2%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-2tMKO%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-2tMKO%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-iMYw5%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-iMYw5%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-9h1jA%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-9h1jA%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22160x600-2-FNjtP%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-FNjtP%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22160x600-3-tcgGK%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-3-tcgGK%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-nX2XR%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-nX2XR%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-qjkuH%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-qjkuH%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-2MpKw%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-2MpKw%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-4-fT642%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-fT642%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-7k9FV%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-7k9FV%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-2-G99yy%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-G99yy%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-3-Qy2Ik%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-3-Qy2Ik%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-4-i7bqG%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-4-i7bqG%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22970x250-1-mj0xG%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-mj0xG%22%2C%22siteID%22%3A%22756014%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
057fa9ca2929d63d04db738da053f9d3fcd862d6906fde189d289bf68c6828ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.43], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5918
x-ak-client-geo
27
expires
Mon, 09 May 2022 07:23:49 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=vSRC5kSyHmLU7&cb=0&ws=1600x1200&v=7.75.0&t=550&slots=%5B%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A100%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-amz-rid
T383QTEPTGY0ZR7ENPNB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
g-N_FoaxC-eS-2Y4E0VFUitrpFzlGbkONH92Q1kt2H2XsZn65E2-LQ==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		959 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=399458&zone_id=2234776&size_id=2%3B15%3B15%3B15%3B15%3B10%3B57&alt_size_ids=55%3B2%3B9%2C10%3B9%2C10%3B9%2C10%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=e0374e60-044e-49db-b730-941c85aa25c0%3B341dfc16-ec26-4f3d-a9e0-6d75fef2a096%3B0003d198-c952-4ec5-92d7-52f146615e18%3Bc2b48108-1fd1-4852-9d03-b9ca0666af32%3Be791fe5a-81f9-4468-8561-363915939d74%3B6bd5448b-ef06-4200-8c60-ab35a6f0f391%3B03bddf13-2a49-46ad-9ca7-c57076be0cd9&p_screen_res=1600x1200&tg_fl.eid=2234776-5%3B2234776-6%3B2234776-2%3B2234776-3%3B2234776-4%3B2234776-1%3B2234776-7&rf=https%3A%2F%2Fwww.themarysue.com%2F&x_source.pchain=proper.io%3A48cb0d23-4635-11ec-91ed-06ef03bc0096&ppuid=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%5E1&gdpr=1&rp_schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&slots=7&rand=0.6317826373173805
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
51146dea49d250745b8b671153d9f97922b2a8c13fb785746449a1f3369a854f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:49 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
959
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/243908/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/243908/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1652081029274
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.86.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-86-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3cbeb1e5978920a40cadf4ebd8c6b99ac34aeccd49a255273099543cecc1f3e9

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.20.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=550&gdpr=true
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.7.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-7-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
trinity.json
apex.go.sonobi.com/ 		438 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228a311db38ba15aa6aa75%22%3A%228a311db38ba15aa6aa75%7C728x90%7C0.1%22%2C%225b0e6e6f2a92abcb5007%22%3A%225b0e6e6f2a92abcb5007%7C728x90%7C0.1%22%2C%22209775575b35341aca88%22%3A%22209775575b35341aca88%7C160x600%7C0.1%22%2C%223b3718792ba43287996a%22%3A%223b3718792ba43287996a%7C160x600%7C0.1%22%2C%22b097a7cb6178d260c258%22%3A%22b097a7cb6178d260c258%7C160x600%7C0.1%22%2C%22c2cb660426b08c6c338d%22%3A%22c2cb660426b08c6c338d%7C300x250%7C0.1%22%2C%22c79143fd09a5a4fe39d1%22%3A%22c79143fd09a5a4fe39d1%7C300x250%7C0.1%22%2C%22c19a3bac825004343486%22%3A%22c19a3bac825004343486%7C300x250%7C0.1%22%2C%2223b93715f74b67043e08%22%3A%2223b93715f74b67043e08%7C300x250%7C0.1%22%2C%22de684bf25025721a84ef%22%3A%22de684bf25025721a84ef%7C300x600%7C0.1%22%2C%22d82478e93591573e21db%22%3A%22d82478e93591573e21db%7C300x600%7C0.1%22%2C%22042ebee48fb31feb22bb%22%3A%22042ebee48fb31feb22bb%7C300x600%7C0.1%22%2C%2234ec77ba30e32187a6a9%22%3A%2234ec77ba30e32187a6a9%7C300x600%7C0.1%22%2C%227a9c2495c89c07b9839a%22%3A%227a9c2495c89c07b9839a%7C970x250%7C0.1%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=16271feb-f59b-4f04-9675-7f96b3865f82&pv=48841d69-7f8f-4054-a0a9-68111f12a63a&vp=desktop&lib_name=prebid&lib_v=6.20.0&us=1&ius=1&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%22%2C%22atype%22%3A1%7D%5D%7D%5D&userid=%7B%22pubcid%22%3A%22f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3%22%2C%22id5id%22%3A%7B%22uid%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2248cb0d23-4635-11ec-91ed-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
3826db73fbe6bfb4a1b8b1e8087ba8dcf7973d4b7c07e5e77115b934ad82e23d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:49 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
284
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:49 GMT
access-control-allow-credentials
true
vary
Origin
display
mantodea.mantisadnetwork.com/prebid/ 		0
0
arj
propermedia-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C728x90%2C970x90%7C728x90%2C300x250%7C970x250&auid=551036772%2C551036773%2C551036774%2C551036775%2C551036776%2C551036777%2C551036778&aumfs=100%2C100%2C100%2C100%2C100%2C100%2C100&dddid=e561fd07-011b-44e5-8746-03159ae85fcb%2C5c6e6d5b-8557-4325-9de3-6b4c31c7161f%2C573537bd-3185-4eab-bc9c-a2dfc5d9ee55%2C0400cbd6-c791-4d69-beb1-9ebd4f0f29c8%2C0d579934-ec33-4745-a66c-92d84d5d3ee4%2C860443e0-aab4-48ff-8f58-9747f783516d%2C6747ec02-994d-4c93-9128-c97e9dd74e61&divIds=openx-0311433f-6f97-4f07-a773-69a504dd15be%2Copenx-ec5e00ca-1c42-45f2-a523-3c59bf3fd69c%2Copenx-9e8d9ba6-5981-47ec-8e9a-ed7a5247d965%2Copenx-9c70e477-41fe-4506-abdf-f1cef1559ca3%2Copenx-ff93f94c-9819-4fcd-a887-8004c12e7aa3%2Copenx-41c5dcd1-bd17-43d9-8074-750350ecc252%2Copenx-464ee2ab-4f85-44f6-830b-f12c14f3768a&be=1&bc=hb_pb_3.0.1&nocache=1652081029279&schain=1.0%2C1!proper.io%2C48cb0d23-4635-11ec-91ed-06ef03bc0096%2C1&gdpr=1&x_gdpr_f=1&id5id=0&_pubcid=f6c8dcfc-3b8f-4eb5-a05b-acc9a9e57cb3
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
0e2feaac065f212c61f008b13b6d0522459e97c38d3876017887f3dbeb66362e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 09 May 2022 07:23:49 GMT
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-92.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
67562
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Sun, 08 May 2022 12:37:48 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
_GE5bYoauckrJS5sJ8yA6tk6i0psXR5teGWLVxRCHGtz2pztjAITcQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 09 May 2022 07:38:49 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:16:15 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
909184608
count.js
themarysue.disqus.com/
Redirect Chain
  • https://disqus.com/forums/themarysue/count.js
  • https://themarysue.disqus.com/count.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
5
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 May 2022 21:24:36 GMT
Server
nginx
ETag
"62704c14-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW55-C3
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
6AM9EtGksbzM5fkM7lwPamc0GcRIX_k6r1fBV82ZDfQPEw-zjkXl6Q==

Redirect headers

Date
Mon, 09 May 2022 07:23:49 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Location
https://themarysue.disqus.com/count.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
count.js
themarysue.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
5
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 May 2022 21:24:36 GMT
Server
nginx
ETag
"62704c14-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW55-C3
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
6AM9EtGksbzM5fkM7lwPamc0GcRIX_k6r1fBV82ZDfQPEw-zjkXl6Q==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3387
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7088b121a9e806fd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 12 May 2022 07:23:49 GMT
aax.js
c.aaxads.com/ 		937 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXBD4DM4&hst=www.themarysue.com&ver=1.2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f92c0d25094e0daa52af343b0e47602ee822be47391110a199beeb7eb2270380
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 09 May 2022 07:23:49 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Mon, 09 May 2022 07:53:49 GMT
/
r.skimresources.com/api/ 		150 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
d3d51a8a1497c0ac4985a8caf8a13f51b62a0ca2509412c992ee45d358f28af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 1CB7 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.31774646423408304
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=0.9191784996677124
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=0.9191784996677124
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
age
23814555
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
tx5uH659tSJlz2romY0BXz568fFzXOEEG2B3pm3L0B79lcQS8Sk5Zw==
doctor-strange-2-multiverse-of-madness-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/05/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/05/doctor-strange-2-multiverse-of-madness-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8936138d86bebaf23910489b6b4c373cabd7a14589edc7fece69840a4acc29

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
307052
cf-polished
origSize=25023, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21887
last-modified
Wed, 04 May 2022 16:18:29 GMT
server
cloudflare
etag
"6272a755-61bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b1219d7672de-LHR
cf-bgj
imgq:100,h2pri
FLg3v6QXoAEl0BK-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/02/FLg3v6QXoAEl0BK-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1d3381ceefe91d05c46c8985bd51dae98808d088e93212d64802f8525b0ca4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
555901
cf-polished
origSize=12369, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12335
last-modified
Mon, 14 Feb 2022 01:13:45 GMT
server
cloudflare
etag
"6209acc9-3051"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b1219d7c72de-LHR
cf-bgj
imgq:100,h2pri
pjimage-2022-05-06T110256.222-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/05/pjimage-2022-05-06T110256.222-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607b53ecfe4d32c5de8659eec9204d22fac9d151d48fb6b8fbc6c9e779fa51df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
214425
cf-polished
origSize=30715, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29777
last-modified
Fri, 06 May 2022 18:03:03 GMT
server
cloudflare
etag
"627562d7-77fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad7e72de-LHR
cf-bgj
imgq:100,h2pri
doctor-stephen-strange-in-the-multiverse-of-madness-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/doctor-stephen-strange-in-the-multiverse-of-madness-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b698a2b5ec66fb84f316ecbb7aa89c6a440dd84d8a3f0d74a0d0c8503da5e265

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
288406
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7510
last-modified
Mon, 11 Apr 2022 20:37:12 GMT
server
cloudflare
etag
"62549178-1d56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad7f72de-LHR
cf-bgj
imgq:100,h2pri
vampire-diaries-matt-davis.jpg-432x243.webp
www.themarysue.com/wp-content/uploads/2022/05/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/05/vampire-diaries-matt-davis.jpg-432x243.webp
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d396b523e99c1b5183cd448012c20ae6a31c23bc82c892d01e6407f9b57a12b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
last-modified
Fri, 06 May 2022 17:34:40 GMT
server
cloudflare
age
4350
etag
"62755c30-2980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7088b121ad8072de-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10624
Japanese-Breakfast-432x243.jpeg
www.themarysue.com/wp-content/uploads/2022/05/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/05/Japanese-Breakfast-432x243.jpeg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8123647776b78318bac540672281ab42cbb607d4369d90eaf8232d3f3999cfcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
40853
cf-polished
origSize=31919, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23946
last-modified
Tue, 03 May 2022 19:36:06 GMT
server
cloudflare
etag
"62718426-7caf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8172de-LHR
cf-bgj
imgq:100,h2pri
the-adam-project-ryan-reynolds-zoe-saldana-432x243.webp
www.themarysue.com/wp-content/uploads/2022/03/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/03/the-adam-project-ryan-reynolds-zoe-saldana-432x243.webp
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53bf43d38f7609aff6e52dfa3d1ece4e55f8458e585fe353c4ff78cc4eadc8be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 18:07:01 GMT
server
cloudflare
age
1605
etag
"622a3e45-4516"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7088b121ad8272de-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17686
eternals-angelina-jolie-thena-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/11/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/11/eternals-angelina-jolie-thena-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7b340a74180ec6988f6552d72444f1247f1c5ab0138fa9045c47189153ebba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
61966
cf-polished
origSize=15688, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15344
last-modified
Wed, 10 Nov 2021 15:49:11 GMT
server
cloudflare
etag
"618be9f7-3d48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8372de-LHR
cf-bgj
imgq:100,h2pri
jamie-lee-curtis-beauty-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/10/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/10/jamie-lee-curtis-beauty-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec21a05e6e8c47ab1730a94d620bbd76eaa92849c15dfc7cb3b5c9b057a8753

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
121849
cf-polished
origSize=13416, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13252
last-modified
Tue, 05 Oct 2021 20:18:50 GMT
server
cloudflare
etag
"615cb32a-3468"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8472de-LHR
cf-bgj
imgq:100,h2pri
george-perez-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/12/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/12/george-perez-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a4fbb602888ac947ab9087fee7bb8a0fd17a01a1031a6e8328355960c43997

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
125638
cf-polished
origSize=23383, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22538
last-modified
Wed, 08 Dec 2021 16:11:22 GMT
server
cloudflare
etag
"61b0d92a-5b57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8572de-LHR
cf-bgj
imgq:100,h2pri
doctor-strange-spider-man-no-way-home-432x243.jpg
www.themarysue.com/wp-content/uploads/2021/08/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2021/08/doctor-strange-spider-man-no-way-home-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439aa86a4e7892312867d1ba15cc9e71a8a01c94b0bab0fff4d7d3ef9ebb3923

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
132034
cf-polished
origSize=16374, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13713
last-modified
Tue, 24 Aug 2021 16:07:03 GMT
server
cloudflare
etag
"61251927-3ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8672de-LHR
cf-bgj
imgq:100,h2pri
natalie-portman-jane-foster-mighty-thor-love-and-thunder-432x243.jpg
www.themarysue.com/wp-content/uploads/2022/04/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/04/natalie-portman-jane-foster-mighty-thor-love-and-thunder-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd49cdd222664a3ae53a485e192b420aad3cf05a17f89e7e42558b43c9a4c46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
366672
cf-polished
origSize=19148, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16561
last-modified
Mon, 18 Apr 2022 17:36:15 GMT
server
cloudflare
etag
"625da18f-4acc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8772de-LHR
cf-bgj
imgq:100,h2pri
The-Meaning-of-Wanda-Maximoffs-Outfits-in-the-WandaVision-Teaser-432x243.jpg
www.themarysue.com/wp-content/uploads/2020/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2020/02/The-Meaning-of-Wanda-Maximoffs-Outfits-in-the-WandaVision-Teaser-432x243.jpg
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5409669d8ef0dc2d10976f9fbfb86010c67e57c9b5315f08255cc0fb7378ec63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
206424
cf-polished
origSize=27387, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19709
last-modified
Mon, 03 Feb 2020 17:04:20 GMT
server
cloudflare
etag
"5e385294-6afb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7088b121ad8972de-LHR
cf-bgj
imgq:100,h2pri
TMS-Newsletter-promo-1.27.20.png
am22.mediaite.com/tms/cnt/uploads/2021/10/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am22.mediaite.com/tms/cnt/uploads/2021/10/TMS-Newsletter-promo-1.27.20.png
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d861557eb9ebf623f534bda4f9524c02b1533bb40b086f9c4873cc7e6265b7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
cf-cache-status
HIT
age
454254
content-length
140591
pragma
public
last-modified
Tue, 26 Oct 2021 22:54:11 GMT
server
cloudflare
etag
"61788713-2252f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7088b1233d92719f-LHR
expires
Wed, 11 May 2022 01:12:55 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4253724&ntv_pl=1024382
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ea760299-8b89-484e-9fd9-8192381d52d8&ntv_fl=CF4se3gYGjAPzQcMJoAeWQqsPt2l_q8KQYbuXRZcjU8BrVkRnd4WR3Zg1hG4epTDHPWk9GTYnTSvrj-R0iOKtC9KBAWrTYwC0Q7MSriftyZRFdDKPzVW8rRELhvR_4PMby_Hn40cTUJP4sWDMSnQEZP0wYeUjspS90vn3AYqaqhF7RVna7qZnK7dv1vWzvbC&ntv_ht=hcF4YgA&ntv_at=303,302&ntv_a=AAAAAAAAAAfqEPA&ord=1652081029402&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a29bc64a-cfba-40f7-9347-90dfd1937dce&ntv_fl=CF4se3gYGjAPzQcMJoAeWQ4Ag_rEUY9escSf7g_EwDR-qeE_UEJZGEbfUJuEUCThwt62glj-xYvIg6b4Ld5COQ2alyKRxX16TzObMmEObaINAxHMa5TumiN1SL-9uBsOolGaE-vN8z9UQMJ45jcV91gTU5LqrXaaClNDPKyyrZm2CkFopyqvIIW8CtlrP2Wb&ntv_ht=hcF4YgA&ntv_at=303&ntv_a=AAAAAAAAAAhlwQA&ord=1652081029405&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=681d7444-6733-48b6-8358-3855bdf723e0&ntv_fl=CF4se3gYGjAPzQcMJoAeWev-HfnNSWDD1Y73RyypuVbM5ftktOCzFonV40tbdZETw-cR7HnrPeY0B_Onmf6tJ8wj286hPOSYl4xdG9G47_A68963VEIxnNNpfPdU_PECV-4nTltRxD4FjnVihDIn0yUnBN4RbLb06t5u_eeUxvmAkjgNqD5fNsGLqYWh1Ogi&ntv_ht=hcF4YgA&ntv_at=303&ntv_a=AAAAAAAAAAh1wQA&ord=1652081029405&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=0c293ae6-5e8c-41c0-940e-796a2ad5d291&ntv_fl=CF4se3gYGjAPzQcMJoAeWej5eXZ_sJQFyBOSWHNXWkKnscpKJRsOHZwdKOgCpe7wJ_2MzYeE9J6dOls_zMVvWjIUOudlms7vNFXdahvmyPpeIKee0umH87mIvIeMuHMPsgvaKMYHdxG3j9ldStCql8V4VpAnucSHkJrEqMS4zLl0ddrXGKlHBnr9_ey7lp4A&ntv_ht=hcF4YgA&ntv_at=303&ntv_a=AAAAAAAAAAvfkQA&ord=1652081029406&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1024382&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
count-data.js
themarysue.disqus.com/ 		905 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=587839%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D587839&1=588044%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D588044&1=588239%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D588239&1=588641%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D588641&1=588828%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D588828&1=589147%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589147&1=589208%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589208&1=589239%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589239&1=589268%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589268&1=589275%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589275
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f187aadf15d1e2c4492b48429656c40b3ae4eb139b1b0a5eaa1332586f152f2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
315
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
905
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		902 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=589276%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589276&1=589306%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589306&1=589323%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589323&1=589331%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589331&1=589351%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589351&1=589352%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589352&1=589373%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589373&1=589375%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589375&1=589387%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589387&1=589397%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589397
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
209821ad1ea321ba3f839f7c812954993e5848c028f0b91c60e3314412748d95
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
315
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
902
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		628 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=589414%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589414&1=589489%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589489&1=589502%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589502&1=589540%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589540&1=589543%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589543&1=589586%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D589586
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be3d5f80bc50b26188d62dcb665657378588c1ed8ac472579203433b8f4d9102
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:49 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
315
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
628
X-XSS-Protection
1; mode=block
/
geo.privacymanager.io/ 		28 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-76.fra56.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 05:04:04 GMT
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront), 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
age
8385
x-amzn-requestid
502dc60c-0ca5-4652-8e06-0ce758932d26
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6278a0c4-123685b717ab3ff8709b78a3;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA56-C1
x-amz-apigw-id
R14OvFB-joEFngw=
content-length
28
x-amz-cf-id
XvqqacP-LohVdq5wzeKMVhlk-RayN82tk7Jzbtz5cXsbYqALMBO_lA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
web
onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7601dc37799101cb59fd4286c2ccf863e9a0e5599d2e39e6bfb977729bd88c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
2074
cf-polished
origSize=3421
status
200 OK
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
500bc3b6-cb70-4e16-abe0-df9a65ade557
x-runtime
0.020876
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"32cee6238f6568367e95e4b8542e31f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7088b1234b7e75de-LHR
access-control-allow-headers
SDK-Version
expires
Mon, 09 May 2022 08:23:49 GMT
page
t.skimresources.com/api/v2/ 		22 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 8A92 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
PtFJz27KNyyuqDO2LWeXHqkUJ3HNqYus15ThgWx_tQRLHqQcu0R6VQ==
expires
Tue, 09 May 2023 07:23:49 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 8A92 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
I8majY6PS_GLWMiHXMY36gURLFewfsQRLdS4XLVWX8kXpvJxHjxXjg==
expires
Tue, 09 May 2023 07:23:49 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 8A92 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
dwAASUePVMJ8l02uW3GnI2yMIktky0BGmto5Q6w3JrLYsCHmviLEvw==
expires
Tue, 09 May 2023 07:23:49 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 8A92 		258 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
9Wt7AsB0uKheGl-NniuWd-5mjZmRR-UD-Jr46uOVfuUH5pnu_VnO0g==
expires
Tue, 09 May 2023 07:23:49 GMT
prebidVid.6.18.0_1.min.js
live.primis.tech/content/prebid/ Frame 8A92 		468 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
12eb2bc0ae6531a7e14a1db935b87ab3cb19af9fc097ada63afb42d0c12a9cb2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 12:16:36 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
etag
W/"625ea824-75130"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-id
Pcm7Pk6N00LJDHBCGtaIsbpQ7lY7FCpEWXKv7dLO0Mb-UUeH1IYzsg==
expires
Tue, 09 May 2023 07:23:49 GMT
liveVideo.php
live.primis.tech/live/ Frame 8A92 		518 KB
519 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1652081028&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d09f5218e36211e885a46e71fbb22e837045f014f01a37856d04d08719d805dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SFO53-C1
x-amz-cf-id
VfpSZKU3K_o6LGOaqqQKPoVHZ0qMIlF9Gx6LLexvaGr1UYSNAdzs3g==
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
v2iaoECv2rMA-izSkQyqoXQhyGU0oeTzdr6SGeH2OoF8nwUjOeY6_tCttCwht15hN-5_c5wDp
superficialeyes.com/ 		209 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2iaoECv2rMA-izSkQyqoXQhyGU0oeTzdr6SGeH2OoF8nwUjOeY6_tCttCwht15hN-5_c5wDp
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b760e50c6e98edf85a10979af93355e821d3e09826430a1363c881cec0bcec99
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 09 May 2022 07:23:49 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
520707442
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 09 May 2022 07:23:48 GMT
v2vgnAfKCY7FtO9j74y7aqF_8yAb6Y9Opn_kRSzC9q7BF7huf97PbDIgOUIbeTD9WU7N46rnF
superficialeyes.com/ 		402 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2vgnAfKCY7FtO9j74y7aqF_8yAb6Y9Opn_kRSzC9q7BF7huf97PbDIgOUIbeTD9WU7N46rnF
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3f9ffe66762b6198aa1a830a416d80f6fc9961def1145c91dd3ceecabf7ee995
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 09 May 2022 07:23:49 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
x-buildnumber
520707442
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
402
pxusr.gif
c.aaxads.com/ 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:49 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=482179
accept-ranges
bytes
content-length
43
expires
Sat, 14 May 2022 21:20:08 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.179.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-179-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:50 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=1027791
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 21 May 2022 04:53:41 GMT
ConsentManager
superficialeyes.com/v2eraqJiTfIE4fpZXE3uJVF3NP4SMXr3PrJumkH3XnL9cv-WNQUaWbLgWR3DC66dnjtbCvKY/ 		243 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2eraqJiTfIE4fpZXE3uJVF3NP4SMXr3PrJumkH3XnL9cv-WNQUaWbLgWR3DC66dnjtbCvKY/ConsentManager
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ba9dfb9279f25eacc3eab71b4261a5bd036145eaf9b9ce6c197607111f675c2b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"dd89a5828c06c5c33249ae5be0b34cbb9d2a2d8ba9cb675c2359736e06c78d3d"
vary
Accept-Encoding, Accept-Language, Origin
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
520707442
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Mon, 09 May 2022 07:23:50 GMT
s2s
eb.proper.io/ 		267 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9319494d1a29700c2fbd8768baa8c9b9038b30ff3c91218029153dfbb273181d

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:174
cf-ray
7088b125df5f76b9-LHR
expires
-1
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAXBD4DM4&fw=LONDON&ff=GB&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=themarysue.com&vhuyqdph=ssp-serving-55f9d57564-ft47s&vyu=050516_368_050516_333_ssp&vf=EN&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001652081029883013888066562544&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=-1&dgeg=0&qsd=0&jgsu=1&fvvwu=&wfi_fps=9&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=263&fhqg=33&hqg=51&gvwduw=33&fvwduw=33&vwduw=33&uhtxuo=https%3A%2F%2Fwww.themarysue.com%2F&nzui=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 09 May 2022 07:23:50 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2eraqJiTfIE4fpZXE3uJVF3NP4SMXr3PrJumkH3XnL9cv-WNQUaWbLgWR3DC66dnjtbCvKY/ConsentManager
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d415c1f468838c2e44920adeae714edaa41b30c3c3e9f76b031310aa8d8be3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 May 2022 06:08:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 09 May 2022 07:23:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 May 2022 07:23:50 GMT
v2iaoECv2rMA-izSkQyqoXQhyGU0oeTzdr6SGeH2OoF8nwUjOeY6_tCttCwht15hN-5_c5wDp
superficialeyes.com/ 		196 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2iaoECv2rMA-izSkQyqoXQhyGU0oeTzdr6SGeH2OoF8nwUjOeY6_tCttCwht15hN-5_c5wDp
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2cvbeDyaj-ZOjNy3N3VYW2BuN3u6H2zPh1h4olWiVW64mdLD_suoHaHgqX2I2mcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
73c4a685ecbdfc4b0a0eab7ce9d2c53107456aef8aaf21c42466437fa03b7f06
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 09 May 2022 07:23:50 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
520707442
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
196
expires
Mon, 09 May 2022 07:23:49 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 17:07:46 GMT
x-content-type-options
nosniff
age
483364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 17:07:46 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 May 2022 07:23:50 GMT
syncframe
gum.criteo.com/ Frame 840E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.themarysue.com&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
972
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 09 May 2022 07:23:50 GMT
server-processing-duration-in-ticks
403
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 May 2022 07:23:51 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:50 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
etag
"620367f6-465a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
18010
x-amz-cf-id
C98Xxcvvb6RhtgjpvaBOjbWzRXZgb7SQw2gKALBLjxejf3Kw2qY6Kg==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8A92 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
436
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1ADG7GYFSBE2WSMGTK6P
date
Mon, 09 May 2022 07:17:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mpBaWU3cc0Lj13O2I989HOAz8MEQQvFI8APgZ1EnMm0Kv5UA_djwsA==
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 May 2022 06:40:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 09 May 2022 07:23:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 May 2022 07:23:51 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 388D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101728
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 07:23:51 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 10 May 2022 11:39:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame D2E5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=94&advUuid=f9994ce1-cf68-11ec-b585-129210fe0206
0
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=94&advUuid=f9994ce1-cf68-11ec-b585-129210fe0206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Mon, 09 May 2022 07:23:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
x-amz-cf-id
KZKL7vJYbc8-5SZ3tu51crSNLBrYODXCfcZhozSBa3HvGe3iKI-j-w==
x-amz-cf-pop
SFO53-C1
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 09 May 2022 07:23:51 GMT
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=94&advUuid=f9994ce1-cf68-11ec-b585-129210fe0206
Server
nginx
X-fe
87
cm
u.openx.net/w/1.0/ Frame 1B3C 		43 B
131 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 09 May 2022 07:23:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
s.console.adtarget.com.tr/ Frame 3A25 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:464:0:92e2:baff:fed9:e201 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1d26c395006fe4f53b2fff048aa5a8fc376c2f362386deb30aa903cddade4d8d

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.themarysue.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
835
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 May 2022 07:23:50 GMT
Server
Adtelligent
X-Robots-Tag
noindex
liveView.php
live.primis.tech/live/ Frame 8A92 		105 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MwU3Y2FuYwFwZTJxMDM4NTEkNwMmLz1jNCZ2nWRsY29hqGVhqF9cZD0lMTY5NmA4JaZcZF9wo250ZW50X2Ryp2M9VG9gK0qipz1cY2FhK2FhZCgLZXZcovgFqHRyovg0YWkeK1VhYzVupzFvoGUeV2VcZ2u0K29zK01up3NcqzUeVGFfZW50JaZcZF9wo250ZW50X3RcqGkyPVRioSgHo3JgnWNuovguozQeS2V2nW4eRXR0ZW4eqGFfnlgVozJyYXJuYzkyK1qynWqbqCgiZvgNYXNmnXZyK1RuoGVhqCZ2nWRsY29hqGVhqF9xqXJuqGyiow0lOTQzZGVvqWqJozZipz1uqGyiow0zrD0lNwAzrT0kNDYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmUlRDMjMmx1RwMkMmA3RDqCNmMmMTM3MmEmNwM3MmpmNTM1N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmMmM5MmA3RDqCNwYmMTqEN0I0QmMkMmMmMTMjMmE3REZFRxUznXNBpHA9MCZaZW9MYXRcPTQ5LwQ0MDQzZ2ViTG9hZm0kMS44NTtlJaVmZXJJpEFxZHI9MzEjMSUmQTRuMCUmQTJwJTNBJTNBMTAzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMS4jLwQ5NTEhNDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI3OGMkODU2NzJyMlZwYaVmqGVlPTE2NTIjODEjMmEjNDtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
64cfe94ef0d05d138c265702612a9c413066826dca7b59d41d06a3e1d95204de

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
SFO53-C1
content-type
application/json; charset=utf-8
content-length
10006
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
x-amz-cf-id
c5Gpf51m_IpPw2dl_rSTmtw3FPuE_cNgpx718jGC4MucbQR5ZP-L2Q==
liveView.php
live.primis.tech/live/ Frame 8A92 		105 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MwU3Y2FuYwFwZTJxMDM4NTEkNwMmLz1jNCZ2nWRsY29hqGVhqF9cZD0lMTY5NmA4JaZcZF9wo250ZW50X2Ryp2M9VG9gK0qipz1cY2FhK2FhZCgLZXZcovgFqHRyovg0YWkeK1VhYzVupzFvoGUeV2VcZ2u0K29zK01up3NcqzUeVGFfZW50JaZcZF9wo250ZW50X3RcqGkyPVRioSgHo3JgnWNuovguozQeS2V2nW4eRXR0ZW4eqGFfnlgVozJyYXJuYzkyK1qynWqbqCgiZvgNYXNmnXZyK1RuoGVhqCZ2nWRsY29hqGVhqF9xqXJuqGyiow0lOTQzZGVvqWqJozZipz1uqGyiow0zrD00MDAzrT0lMwUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmUlRDMjMmx1RwMkMmA3RDqCNmMmMTM3MmEmNwM3MmpmNTM1N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmMmM5MmA3RDqCNwYmMTqEN0I0QmMkMmMmMTMjMmE3REZFRxUznXNBpHA9MCZaZW9MYXRcPTQ5LwQ0MDQzZ2ViTG9hZm0kMS44NTtlJaVmZXJJpEFxZHI9MzEjMSUmQTRuMCUmQTJwJTNBJTNBMTAzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMS4jLwQ5NTEhNDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI3OGMkODU2NzJyMlZwYaVmqGVlPTE2NTIjODEjMmEjNDtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c4465fb196d3f4453c794333627f3f64dbf194943603908f289c37c08f5b98f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
SFO53-C1
content-type
application/json; charset=utf-8
content-length
10013
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
x-amz-cf-id
Wh-J6QzKPYyH3hAjg3p0nniYLC7l2dU1mNKFfDF26s9uTZanRlOIKw==
liveView.php
live.primis.tech/live/ Frame 8A92 		48 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTU2OSUlRaZcZGViXmYkOTI2NwJwY2Q1ZzI4Mmx3NDMlMTEyMxZ2nWQ2MwU3Y2FuYwFwZTJxMDM4NTEkNwMmLz1jNCZ2nWRsY29hqGVhqF9cZD0lMTY5NmA4JaZcZF9wo250ZW50X2Ryp2M9VG9gK0qipz1cY2FhK2FhZCgLZXZcovgFqHRyovg0YWkeK1VhYzVupzFvoGUeV2VcZ2u0K29zK01up3NcqzUeVGFfZW50JaZcZF9wo250ZW50X3RcqGkyPVRioSgHo3JgnWNuovguozQeS2V2nW4eRXR0ZW4eqGFfnlgVozJyYXJuYzkyK1qynWqbqCgiZvgNYXNmnXZyK1RuoGVhqCZ2nWRsY29hqGVhqF9xqXJuqGyiow0lOTQzZGVvqWqJozZipz1uqGyiow0zrD0lNwAzrT0kNDYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmUlRDMjMmx1RwMkMmA3RDqCNmMmMTM3MmEmNwM3MmpmNTM1N0Q3QwQmMmUmNmqEN0I1MmY0MmM2NDMmNEM2RTUlNxY1QTU3MmE2ODYmNxU2QmqBNwQ1NmU1NmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmMmM5MmA3RDqCNwYmMTqEN0I0QmMkMmMmMTMjMmE3REZFRxUznXNBpHA9MCZaZW9MYXRcPTQ5LwQ0MDQzZ2ViTG9hZm0kMS44NTtlJaVmZXJJpEFxZHI9MzEjMSUmQTRuMCUmQTJwJTNBJTNBMTAzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMS4jLwQ5NTEhNDEeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPXBlnW1cp1BfYXyypvZwp3V1nWQ9NwI3OGMkODU2NzJyMlZwYaVmqGVlPTE2NTIjODEjMmEjNTEzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
23d2f398f069ce57747f5be7cb0ce51602c8ffefe6cf651438ac7753f3f7656c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
SFO53-C1
content-type
application/json; charset=utf-8
content-length
6056
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
x-amz-cf-id
glzN_VrvuwITmKvnFJmf_mEXd7GAudKCB-cnFpSRB9qWTXmBITpKGQ==
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
f9409a6da72fadffd9c2e43b8a9099f1c33e2c3a21c48a07e1d3be04a53f0588

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 4f6b42c00be2b57f5f03a09501620500.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
1730
last-modified
Thu, 14 Apr 2022 07:36:52 GMT
server
Tengine
etag
"dd948a3170c27896fc42788419264980"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
30PO-YmMAoY1RzIu-IsdcDcfgB-1KFFRggaqruCwjrOfpFdyHDP-Sg==
expires
Mon, 23 May 2022 07:23:51 GMT
liveView.php
live.primis.tech/live/ 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY1MwA4MTAmMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MwYjJax9MTQ2JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM1MxQmMDM5NUYmMTMjN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTJuMDEyM0E0YTAyM0ElYlUmQSUmQTEjJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNmuwMTt1NwZvZTMzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MwA4MTAmMTA0MvZ1nWQ9U2VenW5xo1NQoGF5ZXI2Mwp4YmE4NwBzMDyzJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=UTF-8
x-amz-cf-id
fVduhIVY2oMTbxI1I_vIQoKc8Hh0gVsEIEeiQQQ3assECbdatAF57w==
sync
x.bidswitch.net/ Frame 8A92 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.166.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-166-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 8A92
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=93&advUuid=2ae9185d-7b7a-4536-b3ad-1f4c7ab9d710
0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=93&advUuid=2ae9185d-7b7a-4536-b3ad-1f4c7ab9d710
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:50 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=utf-8
x-amz-cf-id
9UBmy90ipw-SmZMmv-v1l60wx_JEKvaDpe1wTsdponNFiPI0p1eLLg==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=93&advUuid=2ae9185d-7b7a-4536-b3ad-1f4c7ab9d710
date
Mon, 09 May 2022 07:23:51 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 8A92
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=99&advUuid=YnjBh19sSZlV4kpMFrOXAgAAAS4AAAIB
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=99&advUuid=YnjBh19sSZlV4kpMFrOXAgAAAS4AAAIB
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=utf-8
x-amz-cf-id
_6MRbfDmrC2FqOhgU3IGVK-5iiYZTJlPINiwApb1sFTtVAVDts6rXQ==

Redirect headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=99&advUuid=YnjBh19sSZlV4kpMFrOXAgAAAS4AAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 09 May 2022 07:23:51 GMT
liveCS.php
live.primis.tech/live/ Frame 8A92
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3455833921465...
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3455833921465557833701&advId=121&advUuid=3455833921465557833701
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=utf-8
x-amz-cf-id
nhjd9d6YAYzSpUgot79KqYwV1p0EMgG0zXKympWIXm1SVgi-3Q1GKA==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3455833921465557833701&advId=121&advUuid=3455833921465557833701
date
Mon, 09 May 2022 07:23:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.php
pixel.rubiconproject.com/exchange/ Frame 8A92 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 8A92
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D6278c18566be3%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=105&advUuid=7641965637758625676
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=105&advUuid=7641965637758625676
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=utf-8
x-amz-cf-id
46iuwRIMWuqd9QkAvF1jAdGv4NCqHI2tbYUYxKMd4Q-mKNvj9Zrqqg==

Redirect headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:51 GMT
X-Proxy-Origin
82.199.130.43; 82.199.130.43; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b6921b9d-fcb8-4a12-af3c-ee2666a8af67
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=&advId=105&advUuid=7641965637758625676
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify
60687.publishers.tremorhub.com/pubsync/ Frame 8A92
Redirect Chain
  • https://60687.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intent...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:1f18:612b:4200:ada2:2974:cd33:9395 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date
Mon, 09 May 2022 07:23:51 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
liveCS.php
live.primis.tech/live/ Frame 8A92
Redirect Chain
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=6278c18566be3&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3Dhttps%253A%252F%252...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...
0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=utf-8
x-amz-cf-id
gqPt9h55_bw9YtYODSIe_TMywt1xFOEgMLt7h8d0N6Ydgp7hs1vTsQ==

Redirect headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:51 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6278c18566be3&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 09 May 2022 07:23:51 GMT
vid6257caab1ce2d038511633.jpg
video.primis.tech/uploads/cn1/video/users/converted/29569/video_6192662ccd5fb839743211/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.jpg?cbuster=1649921539
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
80f314f2be12995ec9badad6d0ae7a48cd3a72bd87b72e4216cc26cdeb05cfb6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 07:34:27 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"b2469ec08e4863c2661f6f5e9747e86e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 07:23:51 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
16108
x-amz-cf-id
DLDRk2wf96DlixMAUsAiukj4TkvpRKk6EFR-GvLNp1oargigwPYlbg==
x-proxy-cache
HIT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8A92 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
19718
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Mon, 09 May 2022 05:10:43 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
HPSns6gvsRT_mTCCuxOwNKwh5-JpyHwPYBc9ynV8UW8iV3ewvTTcgA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 01:46:21 GMT
x-content-type-options
nosniff
age
279450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 01:46:21 GMT
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		369 KB
370 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
640d3602939994cd1c59d0bfa30ecd8f1ab2b141bfdb11e02b4fa94a112b89d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
377692
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"98839c2ed1e4d4ea3dd40a3c53ab0045"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
3l9Z7rdPiYmt20Cv3iKbqFPEM_LR3WBf7ZjCIti6wgAMYceRLFhnKQ==
expires
Mon, 23 May 2022 07:23:51 GMT
21379e9e-b539-46b0-a289-5bb95ee30246
https://www.themarysue.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/21379e9e-b539-46b0-a289-5bb95ee30246
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
vid6257caab1ce2d038511633.jpg
video.primis.tech/uploads/cn1/video/users/converted/29569/video_6192662ccd5fb839743211/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.jpg?cbuster=1649921539
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
80f314f2be12995ec9badad6d0ae7a48cd3a72bd87b72e4216cc26cdeb05cfb6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 07:34:27 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"b2469ec08e4863c2661f6f5e9747e86e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 23 May 2022 07:23:51 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
16108
x-amz-cf-id
DLDRk2wf96DlixMAUsAiukj4TkvpRKk6EFR-GvLNp1oargigwPYlbg==
x-proxy-cache
HIT
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		334 KB
335 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
876e13e576923df52c6d877e76ff318edc4be2369cb9052646b7327557394464

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d78b645a0212e56f1a04609bf83554e4.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
342160
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"d1b6ac9ab56a4baf66a8f8fd1d9dc558"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
NqM4A2bHt2mhyLNwVaCLN1BpYYfZSzEVx9iy_7o0N78q3WqRT1nFcA==
expires
Mon, 23 May 2022 07:23:51 GMT
csync
sync.console.adtarget.com.tr/ Frame 837D 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 09 May 2022 07:23:52 GMT
Etag
0b1807b2260183b4
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame C87D 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 09 May 2022 07:23:52 GMT
Etag
0b1807b2260183b4
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame FE3C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LyQYfYO0uUfA0Vb6Lodo&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LyQYfYO0uUfA0Vb6Lodo&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 09 May 2022 07:23:52 GMT
Etag
0b1807b2260183b4
Server
VertaMedia 1.0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 09 May 2022 07:23:51 GMT Mon, 09 May 2022 07:23:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LyQYfYO0uUfA0Vb6Lodo&pi=admatic&tc=1
pragma
no-cache
pbsync.html
js.adscale.de/ Frame 3A4F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2a00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
613
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Mon, 09 May 2022 07:13:39 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Fri, 06 May 2022 09:13:36 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-amz-cf-id
3hLFCpRjyREYcqr7VVlc8Ut4vP4NrffSmVlGFVVxI2A_OS2QQPbp8Q==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
4I7jup18L86xm.w2ijurOzxUareIQMNC
x-cache
Hit from cloudfront
cookie
cm.adform.net/ Frame 44BF 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 09 May 2022 07:23:51 GMT
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 09B1 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 09 May 2022 07:23:52 GMT
Etag
0b1807b2260183b4
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame 3A25 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:52 GMT
Server
VertaMedia 1.0
Etag
0b1807b2260183b4
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 3A25 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:52 GMT
Server
VertaMedia 1.0
Etag
0b1807b2260183b4
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 3A25 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:52 GMT
Server
VertaMedia 1.0
Etag
0b1807b2260183b4
Content-Length
43
Content-Type
image/gif
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		383 KB
384 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a0a4d417eee5d11dbdeb66ad029a0f4ca0d1910db235c29c5ea684822532fb70

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
392544
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"65a84f25fc293ed7c8a5b54fe0b126f5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
JB3PtrF2cwuz1rPEnoIA6nubpG9oUfTQAsi8Q1fDaikTQXfszrHbtw==
expires
Mon, 23 May 2022 07:23:51 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 388D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6333540&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6278c18566be3%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
content-length
0
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		363 KB
364 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
004c9bc8693626f44a16223ac6f811ea475dfab016ffb7fdc8ab294895773cfa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
371488
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"9d89a1530ba89bb604c0f523921ed40a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
d8r6O7aNB5wQctTH_Y5Zp_paYnBuw6MQACvnhLNMbcJHuvlw6nSNUw==
expires
Mon, 23 May 2022 07:23:51 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 09 May 2022 07:23:52 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 09 May 2022 07:23:52 GMT
server
ATS/9.1.0.46
avjp
primis-d.openx.net/v/1.0/ Frame 8A92 		106 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=59043997-810a-4835-b96b-1bbd4aa30336&nocache=1652081031745&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C&auid=540289187&vwd=260&vht=146&aucs=adUnit_7&aumfs=2400
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 google
server
OXGW/18.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 8A92 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
openrtb
adx.adform.net/adx/ Frame 8A92 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
liveInternalSsp.php
live.primis.tech/live/ Frame 8A92 		25 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0ElNwAyMxMyMwJbZWyanHQyMwIyM0EkNDYyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMSUlQlUlMzyjJTIlJTNBJTIlMzEjMSUmQTRuMCUmQTJwJTNBJTNBMTAyMwIyMxMyMwJaZW9JZCUlMvUmQTU3JTJDJTIlYWkjnGElR2ViJTIlJTNBJTIlREUyMwIyMxMyMwJxZXZcY2V0rXByJTIlJTNBMvUlQlUlMaR4qERyqzywZXR5pGUyMwIyM0EyMwJxZXNeqG9jJTIlJTJDJTIlYaJiq3NypvUlMvUmQSUlMzNbpz9gZSUlMvUlQlUlMz9mJTIlJTNBJTIlV2yhZG93plUlMvUlQlUlMaR4qE9mJTIlJTNBJTIlq2yhZG93plUlMvUlQlUlMzRyqzywZU1iZGVfJTIlJTNBJTIlJTIlJTJDJTIlo3NWZXJmnW9hJTIlJTNBJTIlMTAhMCUlMvUlQlUlMzRyqzywZU1uoaVzYWN0qXJypvUlMvUmQSUlMvUlMvUlQlUlMzRyqzywZUNiZGVOYW1yJTIlJTNBJTIlJTIlJTJDJTIlqXNypxFaZW50JTIlJTNBJTIlTW96nWkfYSUlRwUhMCUlMCuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQcJTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAbS0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28cJTIjQ2ulo21yJTJGMTAkLwAhNDx1MS40MSUlMFNuZzFlnSUlRwUmNl4mNvUlMvUlQlUlMzkuqCUlMvUmQSUlMwQ5LwQ0MDQyMwIyMxMyMwJfo24yMwIyM0EyMwIkMS44NTtlJTIlJTJDJTIlYXBjTzFgZSUlMvUmQSUlMvUlMvUlQlUlMzFjpEyxJTIlJTNBJTIlJTIlJTJDJTIlnXNBpHAyMwIyM0EjJTJDJTIlYXBjQaVhZGkySWQyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvUlMvUlQlUlMzFjpFN0o3JyVXJfJTIlJTNBJTIlJTIlJTJDJTIlYXBjUHJcqzFwrVBioGywrSUlMvUmQSUlMvUlMvUlQlUlMzFjpEymUGFcZCUlMvUmQSUlMvUlMvUlQlUlMzFjpERyqzVfo3BypvUlMvUmQSUlMvUlMvUlQlUlMzyzYSUlMvUmQSUlMvUlMvUlQlUlMzyzqvUlMvUmQSUlMvUlMvUlQlUlMzF0qHMyMwIyM0EyMwIyMwIyMxMyMwJupHBWZXJmnW9hJTIlJTNBJTIlJTIlJTJDJTIlpzVzZXJlZXIyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvUlMvUlQlUlMaBuZ2UyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvUlMvUlQlUlMzqxpHIyMwIyM0EkJTJDJTIlZ2RjpxNioaNyoaQyMwIyM0EyMwIyMwIyMxMyMwJcp1qyUGFmp0qxpHIyMwIyM0EyMwIjJTIlJTJDJTIlY2NjYSUlMvUmQTAyMxMyMwJwY3BuQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzRioWFcovUlMvUmQSUlMaq3ql50nGVgYXJ5p3VyLzNioSUlMvUlQlUlMaqyYaNcqGUyMwIyM0EyMwJ3q3php2VenW5xol5wo20yMwIyMxMyMwJmZWN1pzUyMwIyM0EkJTJDJTIlZ2ViU291pzNyJTIlJTNBJTIlSVAyMwIyMxMyMwJwo3BjYSUlMvUmQTAyMxMyMwJ1qWyxJTIlJTNBJTIlNwI3OGMkODU2NzJyMlUlMvUlQlUlMzJfo2NeQaJuozRmJTIlJTNBJTVCJTVEJTJDJTIlZXu0VXNypxyxplUlMvUmQSU1QvU3QvUlMaNiqXJwZSUlMvUmQSUlMzyxNS1mrW5wLzNioSUlMvUlQlUlMaVcZHMyMwIyM0EyNUIyN0IyMwJcZCUlMvUmQSUlMwAyMwIyMxMyMwJuqHyjZSUlMvUmQTEyMxMyMwJyrHQyMwIyM0EyN0IyMwJfnW5eVHyjZSUlMvUmQTAyN0QyN0QyNUQyN0QyNUQyMxMyMwJgpzFcZEFfoG93ZWQyMwIyM0EjJTJDJTIlZGVvqWqJozZipz1uqGyiovUlMvUmQSUlMvUlMvUlQlUlMaNcqGVJZCUlMvUmQTEkMDI5NSUlQlUlMaB1Yzkcp2uypxyxJTIlJTNBMwx1NwxyMxMyMwJmY2uunW4yMwIyM0EyN0IyMwJ2ZXIyMwIyM0EyMwIkLwAyMwIyMxMyMwJwo21joGV0ZSUlMvUmQTEyMxMyMwJho2RyplUlMvUmQSU1QvU3QvUlMzFmnSUlMvUmQSUlMaBlnW1cpl50ZWNbJTIlJTJDJTIlp2yxJTIlJTNBJTIlMwx1NwxyMwIyMxMyMwJbpCUlMvUmQTEyN0QyNUQyN0QyMxMyMwJlZWqco24yMwIyM0EyMwJGUvUlMvUlQlUlMzNuoXBunWqhplUlMvUmQSU3QvUlMwp4MmE3JTIlJTNBJTqCJTIlqHJuY2gypvUlMvUmQSUlMzNuoXBunWqhRaJypUNupCUmRDAyMwUlRwAyMwZwYW1jYWyaoxyxJTNENmtmMTpyMwZmpGFwZTJBZEyxJTNEMTpjNTUmMwtyMwIyMxMyMwJjpzVvnWROp3NjSW5xZXtyMwIyM0EjJTJDJTIlp3BuY2UlQWRJZCUlMvUmQSUlMwE3MDU1MmI4JTIlJTJDJTIlZGVuoCUlMvUmQSU3QvUlMzymUaRvRGVuoCUlMvUmQTAyMxMyMwJlqGJEZWFfSWQyMwIyM0EyMwIyMwIyMxMyMwJlqGJTZWF0SWQyMwIyM0EyMwIyMwIyN0QyMxMyMwJlqGJXU2VuqCUlMvUmQSUlMvUlMvUlQlUlMzNuoXBunWqhSWQyMwIyM0E3ODMkNlUlQlUlMzNuoXBunWqhU2NipGUyMwIyM0EyMwJjqWJfnWMyMwIyMxMyMwJvqXyypyVcZCUlMvUmQSUlMvUlMvUlQlUlMzFxVXNypxyxJTIlJTNBMmEjMwIyMxMyMwJvY2F0JTIlJTNBJTIlJTIlJTJDJTIlYzFmZUZfo29lJTIlJTNBMv42JTJDJTIlZXu0JTIlJTNBJTqCJTIlpGFlqG5ypvUlMvUmQSUlMwElMSUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvUlQlUlMaBfYWNyoWVhqEyxJTIlJTNBJTIlUHJcoWymX0qyozVlYWksUyRCJTIlJTJDJTIlp3VjpGkcZXJsnWQyMwIyM0EyMwI0MvUlMvU3RCUlQlUlMaJyZzVlZW5wZUyxJTIlJTNBMTEyMxMyMwJvnWRzoG9ipvUlMvUmQSUlMwIhNwAyMwIyMxMyMwJmY2uunW4yMwIyM0EyN0IyMwJ2ZXIyMwIyM0EyMwIkLwAyMwIyMxMyMwJwo21joGV0ZSUlMvUmQTEyMxMyMwJho2RyplUlMvUmQSU1QvU3QvUlMzFmnSUlMvUmQSUlMaBlnW1cpl50ZWNbJTIlJTJDJTIlp2yxJTIlJTNBJTIlMwx1NwxyMwIyMxMyMwJbpCUlMvUmQTEyN0QyNUQyN0QyN0QyN0QyMxMyMwJjoGFwZW1yoaRDYXQyMwIyM0EyNUIyMwJJQUIkLTIyMwIyNUQyMxMyMwJjYWqyY2F0JTIlJTNBJTVCJTIlSUFCOS0mMCUlMvU1RCUlQlUlMzNioaRyoaRwYXQyMwIyM0EyNUIyMwJJQUIkLTIyMwIyNUQyN0Q%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=UTF-8
x-amz-cf-id
IIYN30h22ccf0ZjSzhRT2E2nZIKS6QVQQGKyoeli5nLLPVt4IN40IQ==
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 8A92 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:52 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
cygnus
htlb.casalemedia.com/ Frame 8A92 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221140d75b475617d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212d683d64303e67%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22sid%22%3A%22260x146%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2F110295%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B260%2C146%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A260%2C%22h%22%3A146%7D%2C%22bidfloor%22%3A2.6%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2229569%22%2C%22hp%22%3A1%2C%22rid%22%3A%225da9eb04-61d8-4848-b86e-77f41eb89195%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c059f1e8343e304a52f6dcca2f18dde140312e3ff2cbd7cb6a74bab4f7f5863e

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Mon, 09 May 2022 07:23:51 GMT
translator
hbopenbid.pubmatic.com/ Frame 8A92 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ Frame 8A92 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:51 GMT
access-control-allow-credentials
true
vary
Origin
mvo
tag.1rx.io/rmp/246181/0/ Frame 8A92 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/246181/0/mvo?z=1r&hbv=6.18,2.1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 8A92 		67 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1652081031756&pKey=931097706&_fw_gdpr_consent=&_fw_gdpr=true&schain=1.0%2C1!primis.tech%2C29569%2C1%2C5da9eb04-61d8-4848-b86e-77f41eb89195%2C%2C&loc=https%3A%2F%2Fwww.themarysue.com%2F&playerSize=260x146
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.79 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:52 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1652081031820050-344
Expires
Mon, 09 May 2022 07:23:52 GMT
liveView.php
live.primis.tech/live/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwUlMDtkMDMkJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTpjNmtmMDEzrD0lNwAzrT0kNDYzoXN0YT0kNmE2Nmp1NSZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTJuMDEyM0E0YTAyM0ElYlUmQSUmQTEjJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNmuwMTt1NwZvZTMzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwUlMDtkMDMkNmM0JaVcZD1TZWgcozRiU1BfYXyypwYlNmuwMTt2MGYjOWYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-pop
SFO53-C1
content-type
image/gif
x-amz-cf-id
ZiSIDSoZxDoi211SPXGE4YkxW4skjFfcWYN9bKz5y8_Jh3O7tPTrGg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
uu
ih.adscale.de/ Frame 3A4F
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1652081031
  • https://ih.adscale.de/uu?cbfn=receive&t=1652081031&nut&uu=afa14595c42b4c549402dbaaf5e015e2
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1652081031&nut&uu=afa14595c42b4c549402dbaaf5e015e2
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dafa6b54913c182eac7badf529d5722e41ef262723ce2bd4eda1ca2ed9538491

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1652081031&nut&uu=afa14595c42b4c549402dbaaf5e015e2
date
Mon, 09 May 2022 07:23:51 GMT
content-length
0
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		344 KB
345 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
85d723836386e4112e75b3557a11adbc9655f01011ab1a80afb91211d267f44c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
352312
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"76693e77afe8fbbd55d2edf649cf5584"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
kMHIWkGDNpmsZLYsGpvr4AFMb4mAHdatMbm2gFZ6rUAubvafby2k7g==
expires
Mon, 23 May 2022 07:23:51 GMT
w_480_00005.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		361 KB
361 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
acc29ee48cfb18f75d06dc7f21f8ebdfc2b516a5ccd412630916f993cd896bf2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:51 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
369232
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"034559d97ce84c80b1048fbf8dab15cf"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
m13kJ36qBXqQqbP6VeDqQy_PCKYhNWOgEZhJ96OnP6sD7aXtVUtYqQ==
expires
Mon, 23 May 2022 07:23:51 GMT
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=25bccp7ihn5fs6949k6cjst5iltv5zda4r85fx7&lwbsh=AAX&dgw=desktop&flg=AAXBD4DM4&fw=LONDON&ff=GB&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=themarysue.com&vhuyqdph=ssp-serving-55f9d57564-ft47s&vyu=050516_368_050516_333_ssp&vf=EN&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001652081029883013888066562544&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=-1&dgeg=0&qsd=0&jgsu=1&fvvwu=&wfi_fps=9&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&vlg=proper-ad-themarysue_side_2&gvlg=%2F5376056%2C143457427%2Fthemarysue_side_2_0&vcv=1x1%7C300x250%7C300x600%7C160x600&ws=proper_slot%3D4%7Cproper_floor%3D0.10&odwh=0&vuw=-1&oco=1&wrs=2083.78125&ewp=2083.78125&oiw=1190&ujkw=1190&oshu=1&vlg=proper-ad-themarysue_side_3&gvlg=%2F5376056%2C143457427%2Fthemarysue_side_3_0&vcv=1x1%7C300x250&ws=proper_slot%3D5%7Cproper_floor%3D0.10&odwh=0&vuw=-1&oco=1&wrs=5765.6875&ewp=5765.6875&oiw=1190&ujkw=1190&oshu=1&vlg=proper-ad-themarysue_side_1&gvlg=%2F5376056%2C143457427%2Fthemarysue_side_1_0&vcv=1x1%7C300x250%7C300x600%7C160x600&ws=proper_slot%3D3%7Cproper_floor%3D0.10&odwh=0&vuw=-1&oco=1&wrs=274&ewp=274&oiw=1185&ujkw=1185&oshu=1&vlg=proper-ad-themarysue_skin&gvlg=%2F5376056%2C143457427%2Fthemarysue_skin_0&vcv=1x1%7C2x2&ws=proper_slot%3D2%7Cproper_floor%3D0.10&odwh=0&vuw=-1&oco=1&wrs=70&ewp=70&oiw=-160&ujkw=1600&oshu=1&vlg=proper-ad-themarysue_sticky&gvlg=%2F5376056%2C143457427%2Fthemarysue_sticky_0&vcv=1x1%7C728x90%7C970x90&ws=proper_slot%3D8%7Cproper_sticky%3Dtrue%7Cproper_floor%3D0.10&odwh=0&vuw=-1&oco=1&wrs=0&ewp=0&oiw=0&ujkw=0&oshu=1&uhtxuo=https%3A%2F%2Fwww.themarysue.com%2F&nzui=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:51 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 09 May 2022 07:23:51 GMT
userconnect.js
js.adscale.de/ Frame 3A4F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2a00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
l14ei6mrGNnxtq2e0hXb7NMIinlWaZ_p
content-encoding
gzip
last-modified
Fri, 06 May 2022 09:13:36 GMT
server
AmazonS3
age
614
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 09 May 2022 07:13:39 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
SaRwb9Da1mjkhJeqE7-lobao7J9kNycq9GGDDSFkme2G684iV72_Gw==
csync
sync.console.adtarget.com.tr/ Frame 3A4F 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=afa14595c42b4c549402dbaaf5e015e2
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 09 May 2022 07:23:52 GMT
Server
VertaMedia 1.0
Etag
ccf331cb71a25bb4
Content-Length
0
userconnect
ih.adscale.de/ Frame 3A4F 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1652081032084&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:52 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame 1EEE 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a1ffed190a7ea36dd6b98e73a7663e84d8a5cf5aed7bb788380895ca29fa23ed

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
2792
content-type
text/html;charset=ISO-8859-1
date
Mon, 09 May 2022 07:23:52 GMT
match.js
js.adscale.de/ Frame 1EEE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2a00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
kdGqo3E1H7Zp2AP0nbUdH11g0q7T09ER
content-encoding
br
last-modified
Fri, 06 May 2022 09:13:36 GMT
server
AmazonS3
age
614
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 09 May 2022 07:13:39 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
51xYbYdoiPAlX7Sb59Oqj87y751PwJ25UZk4G8Lzas4kdFrhxjZaiQ==
img
ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/ Frame 1EEE
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=afa14595c42b4c549402dbaaf5e015e2&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf14a9a7c578%2F1652081032178%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=101&tpuid=BBID-01-03267950324719862-16598232
49 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=101&tpuid=BBID-01-03267950324719862-16598232
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:52 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 09 May 2022 07:23:52 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=101&tpuid=BBID-01-03267950324719862-16598232
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8A92 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30352D30395F31307D7B7331373136373735357D7B4335377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=2a01%3A4a0%3A2c%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6278c18566be3&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2bcbnqmpjgzk&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=tr&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=49.4404&geoLong=11.8582&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=www.themarysue.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128643
x-xss-protection
0
expires
Mon, 09 May 2022 07:23:52 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1EEE
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=2fc439e0712ea96347c7fe663...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YnjBh19sSZlV4kpMFrOXAgAA%26302
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YnjBh19sSZlV4kpMFrOXAgAA%26302
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:52 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YnjBh19sSZlV4kpMFrOXAgAA%26302
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Mon, 09 May 2022 07:23:52 GMT
bridge3.513.0_en.html
imasdk.googleapis.com/js/core/ Frame DD73 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
144328
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209849
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 15:18:24 GMT
expires
Sun, 07 May 2023 15:18:24 GMT
last-modified
Tue, 03 May 2022 16:58:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 8A92 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 May 2022 07:23:52 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8463 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 06:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 09 May 2022 07:47:12 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1EEE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=f2711621c56481e1ef5b9bf...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bd4b6278-c18a-4700-a57d-52fda1264514&gdpr=0&gdpr_consent=
49 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bd4b6278-c18a-4700-a57d-52fda1264514&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:54 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 09 May 2022 07:23:54 GMT
Server
MT3 4390 fb8620d master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bd4b6278-c18a-4700-a57d-52fda1264514&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 09 May 2022 07:23:53 GMT
liveView.php
live.primis.tech/live/ 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY1MwA4MTAmMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MwYjJax9MTQ2JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTJuMDEyM0E0YTAyM0ElYlUmQSUmQTEjJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNmuwMTt1NwZvZTMzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MwA4MTAmMmA3NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2Mwp4YmE4NwBzMDyzJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:52 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=UTF-8
x-amz-cf-id
hc6YZjRcxkq03eI_nL7lommLCazd8l1tTi1uGyxBvl0QReAyl0p3jQ==
ads
pagead2.googlesyndication.com/gampad/ Frame DD73 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2C143457427%2FGamurs.group&description_url=https%3A%2F%2Fwww.themarysue.com%2F&env=vp&correlator=2545129596890685&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&cust_params=prmsig%3Duwgxnm&sdkv=h.3.513.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=2135589714&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.513.0&sid=DB17B9E3-6DE1-4B3E-A94B-F943E3B07C04&nel=0&eid=44747319%2C44761692&url=https%3A%2F%2Fwww.themarysue.com%2F&dlt=1652081029240&idt=3878&dt=1652081033272&scor=258341198107719&ged=ve4_td4_tt0_pd4_la4000_er1122.-2730.1276.-2470_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 09 May 2022 07:23:52 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1268
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8A92
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=3r410HwxSTdlN2gyUnEwTzhOa2ZVVnJJZllhL25aeUtsazZMbDRUb1BnSG4yYldnR05MZTB0SDZkOCsvbk9heWw1NXEyYjJqSEVMMFNHYVdVUFZsUHo2NlpTOTMwa3dKbkpxOUg0c1NVUXRLSWNJWVBHazFIbHgwd1M2d2...
342 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3r410HwxSTdlN2gyUnEwTzhOa2ZVVnJJZllhL25aeUtsazZMbDRUb1BnSG4yYldnR05MZTB0SDZkOCsvbk9heWw1NXEyYjJqSEVMMFNHYVdVUFZsUHo2NlpTOTMwa3dKbkpxOUg0c1NVUXRLSWNJWVBHazFIbHgwd1M2d2ZJZWg4d0F6SEtvbXJ1MmFNR0dwT0pxM2JSK3BPcjlZMGova2VYS0E5TXZBcTJoWWhaTmlvR2Y3d1JlbWFnRUs4cGJjQ0hIeDkwVzFsVTFiR1plUFVhTmRnTmJxM25XVWlrZnBac3owSjlPSExhS204RWgwPXw&cppv=2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6551ee1c159cbd13cafedfad877333e649a0803668c2cb7e230acf1679299e3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:53 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2951
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:52 GMT
location
https://mug.criteo.com/sid?cpp=3r410HwxSTdlN2gyUnEwTzhOa2ZVVnJJZllhL25aeUtsazZMbDRUb1BnSG4yYldnR05MZTB0SDZkOCsvbk9heWw1NXEyYjJqSEVMMFNHYVdVUFZsUHo2NlpTOTMwa3dKbkpxOUg0c1NVUXRLSWNJWVBHazFIbHgwd1M2d2ZJZWg4d0F6SEtvbXJ1MmFNR0dwT0pxM2JSK3BPcjlZMGova2VYS0E5TXZBcTJoWWhaTmlvR2Y3d1JlbWFnRUs4cGJjQ0hIeDkwVzFsVTFiR1plUFVhTmRnTmJxM25XVWlrZnBac3owSjlPSExhS204RWgwPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1544
content-length
482
expires
0
212.json
id5-sync.com/g/v2/ Frame 8A92 		213 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a0ffe316dd4c1077d25a5047aef8cf5cc5d9dc13367bb7a395ce99ad6122b5d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:23:53 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 8A92 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.123.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-123-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
80e9d68f9a8a7120fb28beb530eda1e046c7f2ba986108dc3d0832b8b41d0393

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache
x-server
10.45.27.96
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 8A92 		63 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
496ab035dbce61beb9230fa5db9def2566c6ec741b0ed47a401023913716e408

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 May 2022 07:23:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 08 Jun 2022 07:23:53 GMT
pd
u.openx.net/w/1.0/ Frame 5170 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 09 May 2022 07:23:53 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B2A9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101726
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 07:23:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 10 May 2022 11:39:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A752 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 May 2022 07:23:53 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 8A92
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=54d64c471eaa7a3794ef72459a1536a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0b85_7095634007077604143&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:23:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1652081033594084-346
Expires
Mon, 09 May 2022 07:23:53 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3r410HwxSTdlN2gyUnEwTzhOa2ZVVnJJZllhL25aeUtsazZMbDRUb1BnSG4yYldnR05MZTB0SDZkOCsvbk9heWw1NXEyYjJqSEVMMFNHYVdVUFZsUHo2NlpTOTMwa3dKbkpxOUg0c1NVUXRLSWNJWVBHazFIbHgwd1M2d2ZJZWg4d0F6SEtvbXJ1MmFNR0dwT0pxM2JSK3BPcjlZMGova2VYS0E5TXZBcTJoWWhaTmlvR2Y3d1JlbWFnRUs4cGJjQ0hIeDkwVzFsVTFiR1plUFVhTmRnTmJxM25XVWlrZnBac3owSjlPSExhS204RWgwPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 09 May 2022 07:23:52 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
969
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7PGVNEX4L0&gtm=2oe540&_p=314099540&_z=ccd.tbB&cid=1284264339.1652081029&ul=en-us&sr=1600x1200&_s=2&sid=1652081028&sct=1&seg=0&dl=https%3A%2F%2Fwww.themarysue.com%2F&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&en=Allowed&_et=3&ep.event_category=Ad%20Block&ep.non_interaction=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/ Frame 1EEE
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=ed3804a50d6472c6cc1572d79f5a02ee0f622fd6f289f10d930f9246841287ad&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fbe5cbf...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=ed3804a50d6472c6cc1572d79f5a02ee0f622fd6f289f10d930f9246841287ad&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba419fb...
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=42&gdpr=0&tpuid=7303995348562619484
49 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=42&gdpr=0&tpuid=7303995348562619484
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:54 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:54 GMT
server
nginx
location
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?tpid=42&gdpr=0&tpuid=7303995348562619484
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1EEE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=0271b404-24e1-4145-b3ec-90f9bf8a8918&gdpr=0
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=0271b404-24e1-4145-b3ec-90f9bf8a8918&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:54 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:53 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=0271b404-24e1-4145-b3ec-90f9bf8a8918&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1393897
content-length
0
expires
Mon, 09 May 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 1EEE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=fc23aa1e5a8bb9ebc3634867...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ccb66278-c18a-4800-af69-0bf650df577d&gdpr=0&gdpr_consent=
49 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ccb66278-c18a-4800-af69-0bf650df577d&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:54 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 09 May 2022 07:23:54 GMT
Server
MT3 4390 fb8620d master nrt-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=ccb66278-c18a-4800-af69-0bf650df577d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 09 May 2022 07:23:53 GMT
img
ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/ Frame 1EEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e...
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4...
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&gdpr=0&tpuid=CAESED28hsqbFiaUE2bjuMUim0Q...
49 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&gdpr=0&tpuid=CAESED28hsqbFiaUE2bjuMUim0Q&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/img?uid=4958fbc7cb555abf73484dac84a5be10cf23863fc552d7b40a933a960281858a&tpid=38&gdpr=0&tpuid=CAESED28hsqbFiaUE2bjuMUim0Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/ Frame 1EEE
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=c4f83d6eee56c03c2966a39b0e8edd80d5512cad62581c8db200695a27997339&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba41...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=c4f83d6eee56c03c2966a39b0e8edd80d5512cad62581c8db200695a27997339&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F47e4d8f60eba41...
  • https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/js?tpid=48&tpuid=e4dded1a02a5789fbdf395f539d33692
44 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/js?tpid=48&tpuid=e4dded1a02a5789fbdf395f539d33692
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
63e5fea5ff9e647534f5790e62c79b2da10c7d06fa7835d66f8d27e6f7e5dcb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:55 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 09 May 2022 07:23:55 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/47e4d8f60eba419fbe5cbf14a9a7c578/1652081032178/0/js?tpid=48&tpuid=e4dded1a02a5789fbdf395f539d33692
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame 1EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.218.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-218-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 09 May 2022 07:23:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
f9409a6da72fadffd9c2e43b8a9099f1c33e2c3a21c48a07e1d3be04a53f0588

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 4f6b42c00be2b57f5f03a09501620500.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
1730
last-modified
Thu, 14 Apr 2022 07:36:52 GMT
server
Tengine
etag
"dd948a3170c27896fc42788419264980"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
30PO-YmMAoY1RzIu-IsdcDcfgB-1KFFRggaqruCwjrOfpFdyHDP-Sg==
expires
Mon, 23 May 2022 07:23:58 GMT
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		369 KB
370 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
640d3602939994cd1c59d0bfa30ecd8f1ab2b141bfdb11e02b4fa94a112b89d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
377692
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"98839c2ed1e4d4ea3dd40a3c53ab0045"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
3l9Z7rdPiYmt20Cv3iKbqFPEM_LR3WBf7ZjCIti6wgAMYceRLFhnKQ==
expires
Mon, 23 May 2022 07:23:58 GMT
b4a06b3b-abb0-4127-b8b6-b0092e84fbb3
https://www.themarysue.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/b4a06b3b-abb0-4127-b8b6-b0092e84fbb3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		334 KB
335 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
876e13e576923df52c6d877e76ff318edc4be2369cb9052646b7327557394464

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 d78b645a0212e56f1a04609bf83554e4.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
342160
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"d1b6ac9ab56a4baf66a8f8fd1d9dc558"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
NqM4A2bHt2mhyLNwVaCLN1BpYYfZSzEVx9iy_7o0N78q3WqRT1nFcA==
expires
Mon, 23 May 2022 07:23:58 GMT
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		383 KB
384 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a0a4d417eee5d11dbdeb66ad029a0f4ca0d1910db235c29c5ea684822532fb70

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
392544
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"65a84f25fc293ed7c8a5b54fe0b126f5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
JB3PtrF2cwuz1rPEnoIA6nubpG9oUfTQAsi8Q1fDaikTQXfszrHbtw==
expires
Mon, 23 May 2022 07:23:58 GMT
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		363 KB
364 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
004c9bc8693626f44a16223ac6f811ea475dfab016ffb7fdc8ab294895773cfa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
371488
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"9d89a1530ba89bb604c0f523921ed40a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
d8r6O7aNB5wQctTH_Y5Zp_paYnBuw6MQACvnhLNMbcJHuvlw6nSNUw==
expires
Mon, 23 May 2022 07:23:58 GMT
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		344 KB
345 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
85d723836386e4112e75b3557a11adbc9655f01011ab1a80afb91211d267f44c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
352312
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"76693e77afe8fbbd55d2edf649cf5584"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
kMHIWkGDNpmsZLYsGpvr4AFMb4mAHdatMbm2gFZ6rUAubvafby2k7g==
expires
Mon, 23 May 2022 07:23:58 GMT
w_480_00005.ts
video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/ 		361 KB
361 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29569/video_6192662ccd5fb839743211/vid6257caab1ce2d038511633.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
acc29ee48cfb18f75d06dc7f21f8ebdfc2b516a5ccd412630916f993cd896bf2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
369232
last-modified
Thu, 14 Apr 2022 07:36:53 GMT
server
Tengine
etag
"034559d97ce84c80b1048fbf8dab15cf"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
m13kJ36qBXqQqbP6VeDqQy_PCKYhNWOgEZhJ96OnP6sD7aXtVUtYqQ==
expires
Mon, 23 May 2022 07:23:58 GMT
liveView.php
live.primis.tech/live/ 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY1MwA4MTAmMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MwYjJax9MTQ2JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTJuMDEyM0E0YTAyM0ElYlUmQSUmQTEjJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNmuwMTt1NwZvZTMzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwUlMDtkMDM5MDU5JaVcZD1TZWgcozRiU1BfYXyypwYlNmuwMTt2MGYjOWYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=UTF-8
x-amz-cf-id
QYOGc6AMoMqYKwrnVoxopsm9AFpdaxPRk4WwL_tn-S0b83PRq7t1dw==
liveView.php
live.primis.tech/live/ 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTY1MwA4MTAmMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MwYjJax9MTQ2JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTJuMDEyM0E0YTAyM0ElYlUmQSUmQTEjJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNmuwMTt1NwZvZTMzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwUlMDtkMDM5MDp1JaVcZD1TZWgcozRiU1BfYXyypwYlNmuwMTt2MGYjOWYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZW1upaymqWUhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:58 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=UTF-8
x-amz-cf-id
FKYYQpvFPFG0UuUynRE0QO-UeZ_3RL1Y7lJJ7mTEu2mASxajmgyLJw==
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 09 May 2022 07:24:00 GMT
server
ATS/9.1.0.46
translator
hbopenbid.pubmatic.com/ Frame 8A92 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:24:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveInternalSsp.php
live.primis.tech/live/ Frame 8A92 		25 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0ElNwAyMxMyMwJbZWyanHQyMwIyM0EkNDYyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMSUlQlUlMzyjJTIlJTNBJTIlMzEjMSUmQTRuMCUmQTJwJTNBJTNBMTAyMwIyMxMyMwJaZW9JZCUlMvUmQTU3JTJDJTIlYWkjnGElR2ViJTIlJTNBJTIlREUyMwIyMxMyMwJxZXZcY2V0rXByJTIlJTNBMvUlQlUlMaR4qERyqzywZXR5pGUyMwIyM0EyMwJxZXNeqG9jJTIlJTJDJTIlYaJiq3NypvUlMvUmQSUlMzNbpz9gZSUlMvUlQlUlMz9mJTIlJTNBJTIlV2yhZG93plUlMvUlQlUlMaR4qE9mJTIlJTNBJTIlq2yhZG93plUlMvUlQlUlMzRyqzywZU1iZGVfJTIlJTNBJTIlJTIlJTJDJTIlo3NWZXJmnW9hJTIlJTNBJTIlMTAhMCUlMvUlQlUlMzRyqzywZU1uoaVzYWN0qXJypvUlMvUmQSUlMvUlMvUlQlUlMzRyqzywZUNiZGVOYW1yJTIlJTNBJTIlJTIlJTJDJTIlqXNypxFaZW50JTIlJTNBJTIlTW96nWkfYSUlRwUhMCUlMCuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQcJTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAbS0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28cJTIjQ2ulo21yJTJGMTAkLwAhNDx1MS40MSUlMFNuZzFlnSUlRwUmNl4mNvUlMvUlQlUlMzkuqCUlMvUmQSUlMwQ5LwQ0MDQyMwIyMxMyMwJfo24yMwIyM0EyMwIkMS44NTtlJTIlJTJDJTIlYXBjTzFgZSUlMvUmQSUlMvUlMvUlQlUlMzFjpEyxJTIlJTNBJTIlJTIlJTJDJTIlnXNBpHAyMwIyM0EjJTJDJTIlYXBjQaVhZGkySWQyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvUlMvUlQlUlMzFjpFN0o3JyVXJfJTIlJTNBJTIlJTIlJTJDJTIlYXBjUHJcqzFwrVBioGywrSUlMvUmQSUlMvUlMvUlQlUlMzFjpEymUGFcZCUlMvUmQSUlMvUlMvUlQlUlMzFjpERyqzVfo3BypvUlMvUmQSUlMvUlMvUlQlUlMzyzYSUlMvUmQSUlMvUlMvUlQlUlMzyzqvUlMvUmQSUlMvUlMvUlQlUlMzF0qHMyMwIyM0EyMwIyMwIyMxMyMwJupHBWZXJmnW9hJTIlJTNBJTIlJTIlJTJDJTIlpzVzZXJlZXIyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvUlMvUlQlUlMaBuZ2UyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvUlMvUlQlUlMzqxpHIyMwIyM0EkJTJDJTIlZ2RjpxNioaNyoaQyMwIyM0EyMwIyMwIyMxMyMwJcp1qyUGFmp0qxpHIyMwIyM0EyMwIjJTIlJTJDJTIlY2NjYSUlMvUmQTAyMxMyMwJwY3BuQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzRioWFcovUlMvUmQSUlMaq3ql50nGVgYXJ5p3VyLzNioSUlMvUlQlUlMaqyYaNcqGUyMwIyM0EyMwJ3q3php2VenW5xol5wo20yMwIyMxMyMwJmZWN1pzUyMwIyM0EkJTJDJTIlZ2ViU291pzNyJTIlJTNBJTIlSVAyMwIyMxMyMwJwo3BjYSUlMvUmQTAyMxMyMwJ1qWyxJTIlJTNBJTIlNwI3OGMkODU2NzJyMlUlMvUlQlUlMzJfo2NeQaJuozRmJTIlJTNBJTVCJTVEJTJDJTIlZXu0VXNypxyxplUlMvUmQSU1QvU1RCUlQlUlMz1lYWyxQWkfo3qyZCUlMvUmQTAyMxMyMwJxZWJ1Z0yhZz9loWF0nW9hJTIlJTNBJTIlJTIlJTJDJTIlp2y0ZUyxJTIlJTNBMTEjMwx1JTJDJTIlpHVvoGymnGVlSWQyMwIyM0ElOTU2OSUlQlUlMaNwnGFcovUlMvUmQSU3QvUlMaZypvUlMvUmQSUlMwEhMCUlMvUlQlUlMzNioXBfZXRyJTIlJTNBMSUlQlUlMz5iZGVmJTIlJTNBJTVCJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwIlOTU2OSUlMvUlQlUlMzujJTIlJTNBMSU3RCU1RCU3RCUlQlUlMaJyZ2yiovUlMvUmQSUlMxZSJTIlJTJDJTIlY2FgpGFcZ25mJTIlJTNBJTqCJTIlNmtmMTpyMwIyM0EyN0IyMwJ0pzFwn2VlJTIlJTNBJTIlY2FgpGFcZ25GpzVkQ2FjJTNEMCUlNTJGMCUlNzNuoXBunWqhSWQyM0Q3ODMkNlUlNaNjYWNyMxFxSWQyM0QkNmA1NTMlOCUlMvUlQlUlMaBlZWJcZE5mp3BJozRyrCUlMvUmQTAyMxMyMwJmpGFwZTJBZEyxJTIlJTNBJTIlMTpjNTUmMwtyMwIyMxMyMwJxZWFfJTIlJTNBJTqCJTIlnXNSqGJEZWFfJTIlJTNBMCUlQlUlMaJ0YxRyYWkJZCUlMvUmQSUlMvUlMvUlQlUlMaJ0YyNyYXRJZCUlMvUmQSUlMvUlMvU3RCUlQlUlMaJ0YyqTZWF0JTIlJTNBJTIlJTIlJTJDJTIlY2FgpGFcZ25JZCUlMvUmQTp4MmE3JTJDJTIlY2FgpGFcZ25TY29jZSUlMvUmQSUlMaB1YzkcYlUlMvUlQlUlMzJ1rWVlVWyxJTIlJTNBJTIlJTIlJTJDJTIlYWRVp2VlSWQyMwIyM0EmMTAlMvUlQlUlMzJwYXQyMwIyM0EyMwIyMwIyMxMyMwJvYXNyRzkio3IyMwIyM0ElLwYyMxMyMwJyrHQyMwIyM0EyN0IyMwJjYXJ0ozVlJTIlJTNBJTIlMTIkJTIlJTJDJTIlpzV2U2uupzUyMwIyM0EyMwIkLwAjJTIlJTJDJTIlpGkuY2VgZW50SWQyMwIyM0EyMwJQpzygnXNsR2VhZXJuoF9SVEIyMwIyMxMyMwJmqXBjoGyypy9cZCUlMvUmQSUlMwQlJTIlJTqEJTJDJTIlpzVzZXJyozNySWQyMwIyM0EkMSUlQlUlMzJcZGZfo29lJTIlJTNBJTIlMv4mNCUlMvUlQlUlMaNwnGFcovUlMvUmQSU3QvUlMaZypvUlMvUmQSUlMwEhMCUlMvUlQlUlMzNioXBfZXRyJTIlJTNBMSUlQlUlMz5iZGVmJTIlJTNBJTVCJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwIlOTU2OSUlMvUlQlUlMzujJTIlJTNBMSUlQlUlMaJcZCUlMvUmQSUlMwVxYTyyYwA0LTYkZDtgNDt0OC1vODZyLTp3ZwQkZWI4OTE5NSUlMvU3RCU1RCU3RCU3RCU3RCUlQlUlMaBfYWNyoWVhqENuqCUlMvUmQSU1QvUlMxyBQwEgMvUlMvU1RCUlQlUlMaBuZ2VwYXQyMwIyM0EyNUIyMwJJQUI5LTMjJTIlJTVEJTJDJTIlY29hqGVhqGNuqCUlMvUmQSU1QvUlMxyBQwEgMvUlMvU1RCU3RA%3D%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2146:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:24:00 GMT
via
1.1 d12f243c0eac340525d6f4e735c01b64.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
SFO53-C1
content-type
text/html; charset=UTF-8
x-amz-cf-id
C3tHAEKaYYbdn5-qd1EiuWaxYhIdYEHNOYrfUr0bxziFtOm1i-xRsQ==
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 8A92 		67 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1652081040476&pKey=931988615&_fw_gdpr_consent=&_fw_gdpr=true&schain=1.0%2C1!primis.tech%2C29569%2C1%2C5da9eb04-61d8-4848-b86e-77f41eb89195%2C%2C&loc=https%3A%2F%2Fwww.themarysue.com%2F&playerSize=260x146
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.79 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-79.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 09 May 2022 07:24:00 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1652081040383063-369
Expires
Mon, 09 May 2022 07:24:00 GMT
cygnus
htlb.casalemedia.com/ Frame 8A92 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2230f769a7119cec7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223176bf44ac883a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22sid%22%3A%22260x146%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2F110295%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B260%2C146%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A260%2C%22h%22%3A146%7D%2C%22bidfloor%22%3A2.34%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2229569%22%2C%22hp%22%3A1%2C%22rid%22%3A%225da9eb04-61d8-4848-b86e-77f41eb89195%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4fec0b481f5cad7e9a6f22f0bfcdc1c2efe3ea44fc4047c48679ab2215a3d877

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:24:00 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Mon, 09 May 2022 07:24:00 GMT
v1
btlr.sharethrough.com/universal/ Frame 8A92 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.145.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-145-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:24:00 GMT
access-control-allow-credentials
true
vary
Origin
mvo
tag.1rx.io/rmp/246181/0/ Frame 8A92 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/246181/0/mvo?z=1r&hbv=6.18,2.1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Mon, 09 May 2022 07:24:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
prg.smartadserver.com/prebid/ Frame 8A92 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:23:59 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 8A92 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Mon, 09 May 2022 07:24:00 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
avjp
primis-d.openx.net/v/1.0/ Frame 8A92 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.themarysue.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=39427a23-7c2a-4fa8-984d-590d7a258e0d&nocache=1652081040479&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29569%2C1%2Cedaee671-6335-44fa-91d8-1b048b310f22%2C%2C&auid=540289187&vwd=260&vht=146&aucs=adUnit_7&aumfs=2160
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:24:00 GMT
via
1.1 google
server
OXGW/18.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.themarysue.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 8A92 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themarysue.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 09 May 2022 07:24:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 09 May 2022 07:24:00 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
liveView.php
live.primis.tech/live/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mantodea.mantisadnetwork.com
URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1652081029278&secure=true&version=9&mobile=false&title=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&url=https%3A%2F%2Fwww.themarysue.com%2F&measurable=true&property=61aea1e3e80a27001e1bcc49&bids[0][bidId]=themarysue_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=themarysue_728x90-2&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[2][bidId]=themarysue_160x600-1&bids[2][sizes][0][width]=160&bids[2][sizes][0][height]=600&bids[3][bidId]=themarysue_160x600-2&bids[3][sizes][0][width]=160&bids[3][sizes][0][height]=600&bids[4][bidId]=themarysue_160x600-3&bids[4][sizes][0][width]=160&bids[4][sizes][0][height]=600&bids[5][bidId]=themarysue_300x250-1&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=250&bids[6][bidId]=themarysue_300x250-2&bids[6][sizes][0][width]=300&bids[6][sizes][0][height]=250&bids[7][bidId]=themarysue_300x250-3&bids[7][sizes][0][width]=300&bids[7][sizes][0][height]=250&bids[8][bidId]=themarysue_300x250-4&bids[8][sizes][0][width]=300&bids[8][sizes][0][height]=250&bids[9][bidId]=themarysue_300x600-1&bids[9][sizes][0][width]=300&bids[9][sizes][0][height]=600&bids[10][bidId]=themarysue_300x600-2&bids[10][sizes][0][width]=300&bids[10][sizes][0][height]=600&bids[11][bidId]=themarysue_300x600-3&bids[11][sizes][0][width]=300&bids[11][sizes][0][height]=600&bids[12][bidId]=themarysue_300x600-4&bids[12][sizes][0][width]=300&bids[12][sizes][0][height]=600&foo
Domain
live.primis.tech
URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQ5JaNypaZypyRcoWU9MTY1MwA4MTAmMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MwYjJax9MTQ2JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTJuMDEyM0E0YTAyM0ElYlUmQSUmQTEjJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMS4jLwQ5NTEhNDEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNmuwMTt1NwZvZTMzqxygpE9jpG9lqHVhnXR5TXVfqGyjoGyypw01JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NTIjODEjNDEkMwMzqWyxPVNyn2yhZG9TUGkurWVlNwI3OGMkODYjZwA5ZvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| phpProps object| Cookies function| admiral object| googletag function| __tcfapi function| __uspapi object| special_ops object| propertag object| _comscore function| gtag object| dataLayer object| GlobalSnowplowNamespace function| snowplow boolean| haveWeGotAds undefined| $ function| jQuery function| powerpress_pinw function| documentInitOneSignal function| OneSignal object| properSpecialOps boolean| payload_loaded object| google_tag_manager object| COMSCORE function| udm_ object| ns_p object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device object| amazon_crid_map object| ADAGIO string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId number| alias_accountId object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| FB object| webVitals function| 4dm1r11545242527 function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| sas object| apntag object| _ADAGIO object| gaplugins object| gaData string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_b5d0cc61_93ba3024_1 function| proper_b21b03c7_71c06575_2 number| proper_rps string| proper_ad_session_uuid function| google_sa_impl object| googleToken object| googleIMState boolean| apstagLOADED object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent969 object| Criteo string| x string| placementId string| disqus_shortname object| countVars object| themeMyLogin number| lazyEmbedsYMargin number| lazyEmbedsTimeout object| aax function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| convertToGeoRiotLinks function| extractItunesLinkFromAffiliateUrl function| getLinkType object| Georiot object| Genius object| PublisherCommonId object| DISQUSWIDGETS undefined| disqus_domain object| ats number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| ID5 object| regeneratorRuntime object| admrlWpJsonP object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 boolean| sekindoFlowingPlayerOn object| freewheelssp_cache number| google_global_correlator object| closure_lm_362923

70 Cookies

Domain/Path Name / Value
themarysue.com/ Name: pmpro_visit
Value: 1
www.themarysue.com/ Name: pmpro_visit
Value: 1
www.themarysue.com/ Name: _sp_ses.8cf7
Value: *
www.themarysue.com/ Name: _sp_id.8cf7
Value: 1579e091-f50e-4f49-8e06-368f312a332c.1652081028.1.1652081028.1652081028.affe10a2-66a3-4759-bcb0-1f4ba180ffcc
.scorecardresearch.com/ Name: UID
Value: 1ABf1fd4551fdb2f00617ef1652081028
.themarysue.com/ Name: _ga_7PGVNEX4L0
Value: GS1.1.1652081028.1.0.1652081028.0
.themarysue.com/ Name: _sp_cookie
Value: 842929bd-7df5-44c2-b793-127b52bd9cf6
.themarysue.com/ Name: _ga
Value: GA1.2.1284264339.1652081029
.themarysue.com/ Name: _gid
Value: GA1.2.1035489975.1652081029
.themarysue.com/ Name: _gat_gtag_UA_21433528_1
Value: 1
www.themarysue.com/ Name: _lr_retry_request
Value: true
www.themarysue.com/ Name: _lr_env_src_ats
Value: false
.yahoo.com/ Name: A3
Value: d=AQABBIXBeGICEJO5OtDmMhAsZHOVEVJApswFEgEBAQETemKCYgAAAAAA_eMAAA&S=AQAAAhTVO_Ihf-Y_YsruP1UPrtQ
.themarysue.com/ Name: usprivacy
Value: 1---
.analytics.yahoo.com/ Name: IDSYNC
Value: 190z~24s7
.bidswitch.net/ Name: tuuid
Value: 0b1f376a-7b81-4f41-a36a-6055b756d962
.bidswitch.net/ Name: c
Value: 1652081029
.bidswitch.net/ Name: tuuid_lu
Value: 1652081029
.postrelease.com/ Name: opt_out
Value: 1
www.themarysue.com/ Name: ntvSession
Value: {"id":4253724,"placementID":1024382,"lastInteraction":1652081029401,"sessionStart":1652081029401,"sessionEndDate":1652140800000,"experiment":""}
.go.sonobi.com/ Name: HAPLB5A
Value: s569|YnjBi
.rubiconproject.com/ Name: khaos
Value: L2YEE0RS-G-AOFM
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB00XD9Pp6jS6a2qEsFCZ0ctSdOhPT1GMTlU9xyqbwjHyyqAQ3wb6bHrT2Auwp9voJN7U3HAScTA0OCAnekPgJibWwUZhu5bAzzc6UO785F0Pw==
www.themarysue.com/ Name: _lr_geo_location
Value: DE
.proper.io/ Name: verizon_media
Value: y-04DLvWJE2uErps7qjY5EjIDIu6a.gKO9~A
.proper.io/ Name: mediagrid
Value: 0b1f376a-7b81-4f41-a36a-6055b756d962
www.themarysue.com/ Name: __aaxsc
Value: 2
.proper.io/ Name: __cf_bm
Value: o54z3ignLDjqvfcIWIxrMZQ90rXS0bJSoSRnJmm.KQU-1652081028-0-Abp93UUrRBJKTrt1pCW8P2C0t5D96SRgcvk%2B1V528OP6YsFjzHzD2dVgQN0xWD6rsKHZJJ2OYOG94udRH8HDRfIAyd2KLlWTf6bz6cue%2FIRt
.themarysue.com/ Name: _awl
Value: 2.1652081030.0.5-7294f4dfa7ce4450a6689321a2957fe6-6763652d6575726f70652d7765737431-0
.themarysue.com/ Name: properSessionData
Value: eyJ1dWlkIjoiY2IyOTRmZjYtZDVhNi00MzY0LTk2NDYtMmNhYzhhYTM5NjhhIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwib3BlbngiOjEsInNvdnJuIjoxLCJ0ZWFkcyI6MSwiY3JpdGVvIjoxLCJtYW50aXMiOjEsInNvbm9iaSI6MSwicnViaWNvbiI6MSwiYXBwbmV4dXMiOjEsIm1lZGlhbmV0IjoxLCJwdWJtYXRpYyI6MSwicmh5dGhtb25lIjoxLCJ0cmlwbGVsaWZ0IjoxLCJqdXN0cHJlbWl1bSI6MSwic2hhcmV0aHJvdWdoIjoxLCJ0aGlydHl0aHJlZWFjcm9zcyI6MSwibWVkaWFncmlkX3MycyI6MSwidmVyaXpvbl9tZWRpYV9zMnMiOjF9LCJhdWN0aW9uX2NvdW50IjoxLCJsYXN0X3RocmVzaG9sZCI6MH0=
.adnxs.com/ Name: uuid2
Value: 7641965637758625676
.3lift.com/ Name: tluid
Value: 3455833921465557833701
.spotxchange.com/ Name: audience
Value: f9994ce1-cf68-11ec-b585-129210fe0206
.media.net/ Name: data-pri
Value: 6278c18566be3~~34
.casalemedia.com/ Name: CMID
Value: YnjBh19sSZlV4kpMFrOXAgAA
.casalemedia.com/ Name: CMPS
Value: 1839
.tremorhub.com/ Name: tvid
Value: d4c0bf37934b4958afdc88ef1ef5d9f3
.casalemedia.com/ Name: CMPRO
Value: 302
.creativecdn.com/ Name: u
Value: LyQYfYO0uUfA0Vb6Lodo
.creativecdn.com/ Name: ts
Value: 1652081031
www.themarysue.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adscale.de/ Name: uu
Value: afa14595c42b4c549402dbaaf5e015e2
ads.stickyadstv.com/ Name: UID
Value: 54d64c471eaa7a3794ef72459a1536a
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: LyQYfYO0uUfA0Vb6Lodo
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: vmuid
Value: ccf331cb71a25bb4
.console.adtarget.com.tr/ Name: a307565
Value: afa14595c42b4c549402dbaaf5e015e2
.ibillboard.com/ Name: ibbid
Value: BBID-01-03267950324719862-16598232
.casalemedia.com/ Name: CMST
Value: YnjBh2J4wYgA
ads.stickyadstv.com/ Name: sessionId
Value: 5efbb7fe343a299d1b74d8e1d683bf
www.themarysue.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-09T07%3A23%3A53%22%7D
www.themarysue.com/ Name: pbjs-unifiedid_last
Value: Mon%2C%2009%20May%202022%2007%3A23%3A53%20GMT
.themarysue.com/ Name: panoramaId_expiry
Value: 1652167433549
.fwmrm.net/ Name: _uid
Value: "l0b85_7095634007077604143"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l0b85_7095634007077604143
ads.stickyadstv.com/ Name: MRM_UID
Value: l0b85_7095634007077604143
.themarysue.com/ Name: cto_bundle
Value: CDDpzF9lRXVFRE9Kc3JqWkRTYTAzSVdGamFFNFBLZDFncFVoUGJZMm1Gbk9vUGdCbGZGMGJ4dHQ5N2xYTEU0UlpoOFVCeVJlMnB4NzU5Y3R3Unc3UiUyRnBJZmdVd2tHdDVoSFgwczVyMDFRdWVTcWRvYTh3NFk1bm9SckthanlrYWw2Tjln
.themarysue.com/ Name: cto_bidid
Value: SHsk519XUHRuJTJCODJBUE44QU9XMnNDNmVzOFlXeSUyRks2ZnlkMXN1Z3pMNkFoc3oxNGdOVnp3TiUyQmNFdGdaajJIR05zRllQTno1MGhYc2p0anlXMnJhdXdhMms4QSUzRCUzRA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7303995348562619484
.criteo.com/ Name: uid
Value: 0271b404-24e1-4145-b3ec-90f9bf8a8918
.mathtag.com/ Name: uuid
Value: ccb66278-c18a-4800-af69-0bf650df577d
.doubleclick.net/ Name: IDE
Value: AHWqTUn4eM8-5dpZffYUEhRWqu29EwaLKYqj7Nx0z_ClxG7Wrr5wWooH03tn-q9_Yeo
.adscale.de/ Name: cct
Value: 1652081035311
.ih.adscale.de/ Name: tu
Value: 4#1722809190#48~~458911~458911~1#101~BBID-01-03267950324719862-16598232~458911~0~0#38~CAESED28hsqbFiaUE2bjuMUim0Q~458911~0~0#39~ccb66278-c18a-4800-af69-0bf650df577d~458911~0~0#40~0271b404-24e1-4145-b3ec-90f9bf8a8918~458911~0~0#42~7303995348562619484~458911~0~0#108~bd4b6278-c18a-4700-a57d-52fda1264514~458911~0~0#63~YnjBh19sSZlV4kpMFrOXAgAA&302~458911~0~0
.m6r.eu/ Name: test
Value: true

1 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
60687.publishers.tremorhub.com
a.teads.tv
abcheck.proper.io
ads.pubmatic.com
ads.stickyadstv.com
adx.adform.net
am22.mediaite.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
bbnaut.ibillboard.com
bidder.criteo.com
bids.proper.io
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.media.net
csync.loopme.me
dis.criteo.com
disqus.com
eb.proper.io
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geniuslinkcdn.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
js.adscale.de
l3.aaxads.com
live.primis.tech
mantodea.mantisadnetwork.com
match.adsrvr.org
mug.criteo.com
onesignal.com
p.skimresources.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pre.ads.justpremium.com
prebid.media.net
prg.smartadserver.com
primis-d.openx.net
propermedia-d.openx.net
r.skimresources.com
rules.quantcount.com
s.console.adtarget.com.tr
s.ntv.io
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
spc.themarysue.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
superficialeyes.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.search.spotxchange.com
t.skimresources.com
tag.1rx.io
terrifictooth.com
themarysue.com
themarysue.disqus.com
tlx.3lift.com
track.adform.net
tracking.m6r.eu
u.openx.net
unpkg.com
ups.analytics.yahoo.com
usync.proper.io
video.primis.tech
www.aaxdetect.com
www.google-analytics.com
www.googletagmanager.com
www.themarysue.com
x.bidswitch.net
live.primis.tech
mantodea.mantisadnetwork.com
103.229.205.243
104.36.113.23
104.79.89.16
104.79.89.79
104.89.31.187
104.90.179.41
104.92.105.214
108.157.4.121
108.157.4.92
13.226.159.202
141.95.98.64
142.250.186.66
142.250.186.98
151.101.0.134
151.139.128.11
178.162.133.150
178.250.0.157
178.250.0.163
178.250.2.131
18.134.84.19
18.156.0.31
18.156.195.47
18.157.218.241
18.195.145.239
18.196.86.25
18.202.123.28
184.87.212.24
185.184.8.90
185.86.139.85
185.94.180.126
199.232.196.134
2.20.157.55
2.21.111.28
204.237.133.116
213.19.147.42
216.52.2.30
23.227.139.243
23.88.75.187
2600:1f18:612b:4200:ada2:2974:cd33:9395
2600:9000:206f:e00:6:44e3:f8c0:93a1
2600:9000:2146:4e00:1a:5235:f980:93a1
2600:9000:224a:8200:8:48e:53c0:93a1
2600:9000:2490:2a00:f:4f64:8940:93a1
2602:803:c004:200::141
2606:4700:10::6816:3a6e
2606:4700:10::6816:4085
2606:4700:10::6816:4185
2606:4700:20::681a:8a9
2606:4700::6810:7eaf
2606:4700::6811:4f22
2606:4700::6812:e134
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200a
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:100:face:b00c:0:3
2a06:8640:464:0:92e2:baff:fed9:e201
3.120.166.248
34.107.148.139
34.120.133.55
34.120.157.206
34.149.20.76
35.190.39.246
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.133
35.244.159.8
35.83.57.60
37.157.3.28
37.252.172.38
37.252.173.215
46.105.202.126
52.223.40.198
52.24.77.206
52.57.7.236
52.9.210.200
62.209.227.211
63.250.60.65
65.9.63.76
69.173.144.139
72.251.244.141
76.223.111.18
83.136.253.58
92.122.144.184
92.122.147.28
004c9bc8693626f44a16223ac6f811ea475dfab016ffb7fdc8ab294895773cfa
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057fa9ca2929d63d04db738da053f9d3fcd862d6906fde189d289bf68c6828ea
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
07e7ab130606c54cabaf0443d311b46601c7014da3cba159a90ace70bd0f437a
08b03eef0da14c1243cc76b16af2c14013630955d69538f5eb1670dcf6dd07bf
0e2feaac065f212c61f008b13b6d0522459e97c38d3876017887f3dbeb66362e
12eb2bc0ae6531a7e14a1db935b87ab3cb19af9fc097ada63afb42d0c12a9cb2
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1c7b340a74180ec6988f6552d72444f1247f1c5ab0138fa9045c47189153ebba
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d26c395006fe4f53b2fff048aa5a8fc376c2f362386deb30aa903cddade4d8d
1d7886e5fe1d82681fc3b48305f9ac2b187cf193e6d5c7622d7aef8f4371169c
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f
1ede980eeb961f57ee8d7920d34ac7a599b2a9ae1c2253872ac162b75731ddb4
209821ad1ea321ba3f839f7c812954993e5848c028f0b91c60e3314412748d95
2398d6b7ba3a2bb4629530ae998e22f7314eb802629c1f826c4b669a7833dd05
23ce982c197f34ffd7893339b068771fddfc4948f3f2f21e46793cdcec3844ac
23d2f398f069ce57747f5be7cb0ce51602c8ffefe6cf651438ac7753f3f7656c
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2c1d3381ceefe91d05c46c8985bd51dae98808d088e93212d64802f8525b0ca4
2d415c1f468838c2e44920adeae714edaa41b30c3c3e9f76b031310aa8d8be3a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e95bcc1d51302added6bad654c12c789b25780c0d03b1e7e54aac653a66a55b
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
354f768ba846887f8611f5467b39e9dcaa0e7e86912cce7810bbedf452adad27
36b7395dd803f1704b9917058f1e3bdd56f050213c694824a6f87f5b3467eda6
3826db73fbe6bfb4a1b8b1e8087ba8dcf7973d4b7c07e5e77115b934ad82e23d
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b8936138d86bebaf23910489b6b4c373cabd7a14589edc7fece69840a4acc29
3cbeb1e5978920a40cadf4ebd8c6b99ac34aeccd49a255273099543cecc1f3e9
3cd49cdd222664a3ae53a485e192b420aad3cf05a17f89e7e42558b43c9a4c46
3f9ffe66762b6198aa1a830a416d80f6fc9961def1145c91dd3ceecabf7ee995
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
439aa86a4e7892312867d1ba15cc9e71a8a01c94b0bab0fff4d7d3ef9ebb3923
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
45faff320479dae433fb95a88117cf9da0342cec93f928330a7648896670d48a
4601547c2bdd0f876e2042b8c20e2040c6e4b9cf01374bbaa8c2088bbb81008f
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
47a4fbb602888ac947ab9087fee7bb8a0fd17a01a1031a6e8328355960c43997
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
496ab035dbce61beb9230fa5db9def2566c6ec741b0ed47a401023913716e408
4971f90988d3288ecf12d7bd22957409da96e6ed46953e14486983767be1626f
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f
4fec0b481f5cad7e9a6f22f0bfcdc1c2efe3ea44fc4047c48679ab2215a3d877
50d0dce52f491031af70252b907dbfabbbc8cfbcd6dcd85cb36c5d9285d06255
51146dea49d250745b8b671153d9f97922b2a8c13fb785746449a1f3369a854f
516fb604fb9b385996d297bfe61bf9e7bb5172aaae91ff7d8263d4a304c3e7f9
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188
53bf43d38f7609aff6e52dfa3d1ece4e55f8458e585fe353c4ff78cc4eadc8be
5409669d8ef0dc2d10976f9fbfb86010c67e57c9b5315f08255cc0fb7378ec63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf
5d1107dd863c1ba43c1487b9a3055e9022be594aeb9d9842571b654a6a51424d
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
607b53ecfe4d32c5de8659eec9204d22fac9d151d48fb6b8fbc6c9e779fa51df
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
6181012d7679e425e21a6623f3990bb579bb9bf645fdcfa201c1c1dd85519df8
63e5fea5ff9e647534f5790e62c79b2da10c7d06fa7835d66f8d27e6f7e5dcb1
640d3602939994cd1c59d0bfa30ecd8f1ab2b141bfdb11e02b4fa94a112b89d4
64cfe94ef0d05d138c265702612a9c413066826dca7b59d41d06a3e1d95204de
6551ee1c159cbd13cafedfad877333e649a0803668c2cb7e230acf1679299e3b
65860e387da1a66713fa721e8c8b257f3ae474564a68aa9e0969bff57c53a4f7
6631a642c185d94d8507330f511f803e05890bba8b1d89bb0151d6055a181b6d
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d861557eb9ebf623f534bda4f9524c02b1533bb40b086f9c4873cc7e6265b7c
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6f187aadf15d1e2c4492b48429656c40b3ae4eb139b1b0a5eaa1332586f152f2
70acaad5a88b0640f98caeb63133bf5e271d710158ac3844bd9935d1c1231640
729df9f410ff2d213c922a41cf67e0e6871c30b42385720e27333109a087e046
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73c4a685ecbdfc4b0a0eab7ce9d2c53107456aef8aaf21c42466437fa03b7f06
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7601dc37799101cb59fd4286c2ccf863e9a0e5599d2e39e6bfb977729bd88c8e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
80e9d68f9a8a7120fb28beb530eda1e046c7f2ba986108dc3d0832b8b41d0393
80f314f2be12995ec9badad6d0ae7a48cd3a72bd87b72e4216cc26cdeb05cfb6
8123647776b78318bac540672281ab42cbb607d4369d90eaf8232d3f3999cfcd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856ac0fc21af484f3c9548199a0078ef70d57b580d186c25db8527394e6dd152
85d723836386e4112e75b3557a11adbc9655f01011ab1a80afb91211d267f44c
876e13e576923df52c6d877e76ff318edc4be2369cb9052646b7327557394464
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
8a6c45a420102d5aaf3badf3949e984fe9d66d788cedffb6451568ce7bfec96c
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9319494d1a29700c2fbd8768baa8c9b9038b30ff3c91218029153dfbb273181d
93b0a9157ad681abf042372dc212a1de60dfbb910ce751a4a7803cba7121bac3
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9738044857e8dc992a28268ada64e78e8f6095e1ad6c1df1260fcb1bd04563a1
9b51a836ae7316739f0c4ff04aa3f769b13f1700b512d7d8c36334b30400c863
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9c568b90c053eead7e8b550d62178753e4206048853c461bc9f77d26d8e60e14
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a4d417eee5d11dbdeb66ad029a0f4ca0d1910db235c29c5ea684822532fb70
a0ffe316dd4c1077d25a5047aef8cf5cc5d9dc13367bb7a395ce99ad6122b5d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ffed190a7ea36dd6b98e73a7663e84d8a5cf5aed7bb788380895ca29fa23ed
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
acc29ee48cfb18f75d06dc7f21f8ebdfc2b516a5ccd412630916f993cd896bf2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b698a2b5ec66fb84f316ecbb7aa89c6a440dd84d8a3f0d74a0d0c8503da5e265
b760e50c6e98edf85a10979af93355e821d3e09826430a1363c881cec0bcec99
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
ba9dfb9279f25eacc3eab71b4261a5bd036145eaf9b9ce6c197607111f675c2b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdfc8b08482e3691e3650f7e4d66a0e554f2f1fe983048caf3631f32aad48b78
be3d5f80bc50b26188d62dcb665657378588c1ed8ac472579203433b8f4d9102
c059f1e8343e304a52f6dcca2f18dde140312e3ff2cbd7cb6a74bab4f7f5863e
c2fd2385572554e2fdad194d4143c52550096f624afc782069a3ecbf7a647437
c4465fb196d3f4453c794333627f3f64dbf194943603908f289c37c08f5b98f0
c543985155ec9d4a38342a017e372037db393e26e3c16a291f9eee793f6b93a0
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cca7de749081f0868084e09b6a38da49b164256d750edbb5e873c7faad7a1473
d09f5218e36211e885a46e71fbb22e837045f014f01a37856d04d08719d805dc
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d396b523e99c1b5183cd448012c20ae6a31c23bc82c892d01e6407f9b57a12b8
d3d51a8a1497c0ac4985a8caf8a13f51b62a0ca2509412c992ee45d358f28af7
d41a49cc73c39409aa92484fc91b51c036a2d375b503f8e783b4da5920a0f78d
d62e5b787e64fe71fc85ae0a2f3f54c31c81199234792aa584a8952a7b6c31d2
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
dafa6b54913c182eac7badf529d5722e41ef262723ce2bd4eda1ca2ed9538491
dc04242a405180168f69f3511895f4ddb85b590880f65ce73d3300ea5b9e82dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddddf95da39eff0113e52d9ee1629adae2a5f8644043661b6e3959dcdc671f8d
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
e249297b9fd3c953b76b6ec838197f731957631d02f51af50b052cda2910f741
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f1fdadde06d2446e18faf5115c44b382d1ddde082a7af3719f961db76ddab
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
f92c0d25094e0daa52af343b0e47602ee822be47391110a199beeb7eb2270380
f9409a6da72fadffd9c2e43b8a9099f1c33e2c3a21c48a07e1d3be04a53f0588
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd6a637d7dd3b025abe1b78f89b3c4296d2789b4f47dbcf87bc9c43afe382375
fec21a05e6e8c47ab1730a94d620bbd76eaa92849c15dfc7cb3b5c9b057a8753