www.themarysue.com Open in urlscan Pro
2606:4700:20::681a:9bc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://themarysue.com/
Effective URL:
https://www.themarysue.com/
Submission Tags: tranco_l324
Submission: On October 28 via api (October 28th 2021, 8:58:57 am UTC) from DE — Scanned from DE

Summary HTTP 165 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 43 domains to perform 165 HTTP transactions. The main IP is 2606:4700:20::681a:9bc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 10th 2021. Valid for: a year.

This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:45fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:9bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:10:... 2606:4700:10::6816:3a6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:10:... 2606:4700:10::ac43:1906	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:679a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.219.42 35.186.219.42	15169 (GOOGLE) (GOOGLE)
3	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
1 3	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
5	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a02:26f0:170... 2a02:26f0:1700:781::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
4	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
2	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:215... 2600:9000:2156:4c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:a600:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:8bc::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	75.101.244.20 75.101.244.20	14618 (AMAZON-AES) (AMAZON-AES)
2	54.154.45.254 54.154.45.254	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:6000:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
4	184.30.25.51 184.30.25.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
16	143.204.98.107 143.204.98.107	16509 (AMAZON-02) (AMAZON-02)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
2	175.41.171.176 175.41.171.176	16509 (AMAZON-02) (AMAZON-02)
2	35.83.59.198 35.83.59.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	52.25.225.148 52.25.225.148	16509 (AMAZON-02) (AMAZON-02)
1	54.149.90.128 54.149.90.128	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
2 13	35.164.229.85 35.164.229.85	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	52.30.222.33 52.30.222.33	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	52.58.124.95 52.58.124.95	16509 (AMAZON-02) (AMAZON-02)
1	54.189.240.181 54.189.240.181	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:215... 2600:9000:2156:c400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	18.214.157.113 18.214.157.113	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	52.213.37.66 52.213.37.66	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
2	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
165	49

1 2606:4700:20::ac43:45fa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

themarysue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9bc (United States)

ASN13335 (CLOUDFLARENET, US)

www.themarysue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:3a6e (United States)

ASN13335 (CLOUDFLARENET, US)

am23.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am24.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am21.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:1906 (United States)

ASN13335 (CLOUDFLARENET, US)

am22.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:679a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.219.42 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 42.219.186.35.bc.googleusercontent.com

profusesupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.86 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.134 (United States) 1 redirects

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

themarysue.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:781::f09 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:4c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:a600:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:8bc::26e5 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.45.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-45-254.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:6000:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.25.51 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.209.56 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 143.204.98.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-107.fra50.r.cloudfront.net

cmp-consent-tool.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 175.41.171.176 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-171-176.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.83.59.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-59-198.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.225.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-225-148.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.90.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-90-128.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.37 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.164.229.85 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-229-85.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.222.33 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-222-33.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.124.95 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-124-95.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.189.240.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-240-181.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.157.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-157-113.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.37.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.110 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (Ascension Island)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.64 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

fancyactivity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mediaite.com am23.mediaite.com am22.mediaite.com am24.mediaite.com am21.mediaite.com	440 KB
21	privacymanager.io gdpr-wrapper.privacymanager.io gdpr.privacymanager.io cmp-consent-tool.privacymanager.io	530 KB
17	ad.gt 2 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	22 KB
17	postrelease.com jadserve.postrelease.com	11 KB
8	brainlyads.com hb.brainlyads.com	337 KB
8	teads.tv a.teads.tv s8t.teads.tv sync.teads.tv Failed t.teads.tv	134 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	148 KB
6	google-analytics.com www.google-analytics.com	22 KB
6	powerad.ai powerad.ai reporting.powerad.ai	78 KB
6	disqus.com 1 redirects disqus.com themarysue.disqus.com	7 KB
4	pubmatic.com 2 redirects ads.pubmatic.com image2.pubmatic.com	114 KB
4	facebook.net connect.facebook.net	193 KB
4	googletagmanager.com www.googletagmanager.com	140 KB
4	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	82 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adthrive.com ads.adthrive.com	238 KB
3	onesignal.com cdn.onesignal.com onesignal.com	73 KB
3	themarysue.com 1 redirects themarysue.com www.themarysue.com	26 KB
2	fancyactivity.com fancyactivity.com	651 B
2	smartadserver.com 1 redirects sync.smartadserver.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	openx.net 2 redirects u.openx.net	876 B
2	360yield.com 2 redirects ad.360yield.com	681 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	961 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	zprk.io pixel.zprk.io	6 KB
2	adsafeprotected.com static.adsafeprotected.com	499 B
2	quantcount.com rules.quantcount.com	873 B
2	ntv.io s.ntv.io	226 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
1	advertising.com adserver.adtech.advertising.com
1	googlesyndication.com tpc.googlesyndication.com	3 KB
1	taboola.com trc.taboola.com	229 B
1	mathtag.com 1 redirects sync.mathtag.com	652 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	contextweb.com 1 redirects bh.contextweb.com	422 B
1	chartbeat.net ping.chartbeat.net	201 B
1	chartbeat.com static.chartbeat.com	14 KB
1	facebook.com www.facebook.com	313 B
1	sonobi.com sync.go.sonobi.com	474 B
1	aufp.io aufp.io	3 KB
1	profusesupport.com profusesupport.com	30 KB
165	43

	Domain	Requested by
17	jadserve.postrelease.com	s.ntv.io www.themarysue.com
16	cmp-consent-tool.privacymanager.io	gdpr.privacymanager.io cmp-consent-tool.privacymanager.io
13	ids.ad.gt	2 redirects www.themarysue.com
10	am24.mediaite.com	www.themarysue.com
8	hb.brainlyads.com	powerad.ai www.themarysue.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	am22.mediaite.com	www.themarysue.com
6	am23.mediaite.com	www.themarysue.com
5	themarysue.disqus.com	www.themarysue.com am24.mediaite.com themarysue.disqus.com
4	t.teads.tv	www.themarysue.com
4	powerad.ai	am22.mediaite.com powerad.ai consent.cookiebot.com
4	connect.facebook.net	www.themarysue.com connect.facebook.net p.ad.gt
4	am21.mediaite.com	www.themarysue.com
4	www.googletagmanager.com	www.themarysue.com powerad.ai www.googletagmanager.com
3	cm.g.doubleclick.net	2 redirects www.themarysue.com
3	securepubads.g.doubleclick.net	ads.adthrive.com securepubads.g.doubleclick.net
3	gdpr-wrapper.privacymanager.io	ads.adthrive.com gdpr.privacymanager.io
3	sb.scorecardresearch.com	1 redirects www.themarysue.com
3	ads.adthrive.com	www.themarysue.com ads.adthrive.com
2	fancyactivity.com	profusesupport.com
2	sync.smartadserver.com	1 redirects
2	dpm.demdex.net	2 redirects
2	u.openx.net	2 redirects
2	ad.360yield.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	www.themarysue.com
2	pixel.zprk.io	powerad.ai
2	ads.pubmatic.com	www.themarysue.com
2	reporting.powerad.ai	powerad.ai
2	sync.teads.tv	s8t.teads.tv consent.cookiebot.com
2	gdpr.privacymanager.io	gdpr-wrapper.privacymanager.io cmp-consent-tool.privacymanager.io
2	static.adsafeprotected.com	www.themarysue.com profusesupport.com
2	rules.quantcount.com	secure.quantserve.com consent.cookiebot.com
2	s.ntv.io	am22.mediaite.com consent.cookiebot.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	cdn.onesignal.com	www.themarysue.com cdn.onesignal.com
2	consent.cookiebot.com	www.themarysue.com consent.cookiebot.com
2	www.themarysue.com	www.themarysue.com
1	adserver.adtech.advertising.com	profusesupport.com
1	tpc.googlesyndication.com	profusesupport.com
1	trc.taboola.com
1	sync.mathtag.com	1 redirects
1	token.rubiconproject.com
1	bh.contextweb.com	1 redirects
1	ping.chartbeat.net
1	static.chartbeat.com	www.themarysue.com
1	www.facebook.com	www.themarysue.com
1	pixels.ad.gt	p.ad.gt
1	sync.go.sonobi.com	www.themarysue.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	stats.g.doubleclick.net	www.google-analytics.com
1	s8t.teads.tv	a.teads.tv
1	pixel.quantserve.com	www.themarysue.com
1	onesignal.com	cdn.onesignal.com
1	a.teads.tv	am22.mediaite.com
1	disqus.com	1 redirects
1	secure.quantserve.com	www.themarysue.com
1	profusesupport.com	www.themarysue.com
1	themarysue.com	1 redirects
165	63

This site contains links to these domains. Also see Links.

Domain
www.beeswax.com
www.nativo.com
smartadserver.com
www.cookiebot.com
www.quantcast.com
policies.google.com
www.scorecardresearch.com
www.improvedigital.com
www.appnexus.com
www.thetradedesk.com
pulsepoint.com
www.adobe.com
www.mediamath.com
www.openx.com
pubmatic.com
www.facebook.com
chartbeat.com
www.taboola.com
www.adthrive.com
twitter.com
facebook.com
www.instagram.com
themarysue.tumblr.com
www.youtube.com
shop.spreadshirt.com
shop.themarysue.com
themarysue.us9.list-manage.com
www.dan-abrams.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-10` - `2022-02-09`	a year	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
profusesupport.com R3	`2021-09-03` - `2021-12-02`	3 months	crt.sh
*.adthrive.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
*.zprk.io DigiCert TLS RSA SHA256 2020 CA1	`2020-12-11` - `2021-12-15`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
fancyactivity.com R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.themarysue.com/
Frame ID: ACBE6D391D96C2D58C98F69779F02014
Requests: 134 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 792EC36F7B19840DFD5E8D913DC04697
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 8E875C61DA9C550A7D5A8E0EED4A4AD6
Requests: 2 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: EEDFD5BFD6B624BD093EB6A4856FAFE8
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 71F6351EC639DB04441A3C69AF51600A
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 25EBFD08D386199B5A86D9754FF5710D
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 0302C722FF956A517DF38FE2147D7ECD
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: BE24D8B831580771BD2815E615A27504
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 3543C68AE2EFE470B3BAC863885A13AF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 0D4CB2C3B9B355CBD7A58584FFBBC583
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 887EE2FD43380BFDF57F290E0FA0F6DF
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 45794453B1578BD6985721E36EC16C2C
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 40D46763E157A1A76869805C1BB919F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D314FBFC39BDFED4EE0BF5814440B0F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted UniverseTwitterTwittermascot-7The Mary Sue

Page URL History Show full URLs

http://themarysue.com/ HTTP 301
https://www.themarysue.com/ Page URL

Page Statistics

165
Requests

90 %
HTTPS

36 %
IPv6

43
Domains

63
Subdomains

49
IPs

9
Countries

2891 kB
Transfer

9034 kB
Size

69
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.beeswax.com/cookies/
Title: Beeswax

Search URL Search Domain Scan URL

URL: https://www.nativo.com/privacy-policy
Title: Nativo

Search URL Search Domain Scan URL

URL: http://smartadserver.com/company/privacy-policy/
Title: Smart Adserver

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/privacy/
Title: Quantcast

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: http://www.scorecardresearch.com/privacy.aspx?newlanguage=1
Title: Scorecardresearch

Search URL Search Domain Scan URL

URL: https://www.improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/en/company/privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/privacy-policy
Title: The Trade Desk

Search URL Search Domain Scan URL

URL: https://pulsepoint.com/legal/website-privacy-policy
Title: Pulsepoint

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Adobe Inc

Search URL Search Domain Scan URL

URL: https://www.adobe.com/uk/privacy.html
Title: Adobe

Search URL Search Domain Scan URL

URL: http://www.mediamath.com/privacy-policy/
Title: Mediamath

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: Openx

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy-policy/
Title: Pubmatic

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php
Title: Facebook

Search URL Search Domain Scan URL

URL: https://chartbeat.com/privacy/
Title: Chartbeat

Search URL Search Domain Scan URL

URL: https://www.taboola.com/privacy-policy
Title: Taboola

Search URL Search Domain Scan URL

URL: https://www.adthrive.com/privacy/
Title: Adthrive

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://twitter.com/TheMarySue
Title: Twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/TheMarySue

Search URL Search Domain Scan URL

URL: https://www.instagram.com/themarysue/

Search URL Search Domain Scan URL

URL: http://themarysue.tumblr.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheMarySueTube

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.com/TheMarySue
Title: Store

Search URL Search Domain Scan URL

URL: http://shop.themarysue.com/
Title: Gizmos and Gadgets

Search URL Search Domain Scan URL

URL: https://themarysue.us9.list-manage.com/subscribe?u=80d42b1145bf804fa20df628b&id=4a0945498c
Title: Want even more TMS goodness? Sign up for The Mary Sue Newsletter & get it delivered on the daily.

Search URL Search Domain Scan URL

URL: http://www.dan-abrams.com/
Title: Dan Abrams, Founder

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://themarysue.com/ HTTP 301
https://www.themarysue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://disqus.com/forums/themarysue/count.js HTTP 302
https://themarysue.disqus.com/count.js

Request Chain 24

https://sb.scorecardresearch.com/b?c1=2&c2=9304643&ns__t=1635411529188&ns_c=UTF-8&cv=3.5&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c7=https%3A%2F%2Fwww.themarysue.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9304643&ns__t=1635411529188&ns_c=UTF-8&cv=3.5&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c7=https%3A%2F%2Fwww.themarysue.com%2F&c9=

Request Chain 120

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&adnxs_id=4457511829308199002

Request Chain 121

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=43abdd62-181c-4c82-af0f-ab710bf06525&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

Request Chain 122

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=26D0F575-B6E3-4394-BE42-04CBFC8DE7EC&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&google_gid=CAESEOiKgfbY744IIc9PnlVlQcY&google_cver=1&google_ula=450542624,0

Request Chain 124

https://ids.ad.gt/api/v1/g_hosted?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NGUwZmM3OTAtZWNhZi00ZDZlLWIyMmQtMWZhM2UwMzliNDQz

Request Chain 125

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAD0WU7C9M0AABxZAb1wvw&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

Request Chain 127

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&impr_uid=1506e538-3ec0-4b4c-902c-15596cfab9e6

Request Chain 133

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=edff2d1d-f5fd-49d2-8b75-0744c27536de&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

Request Chain 156

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=efWHfHQivuUr&ev=1&pid=562316&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

Request Chain 157

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=48567410698059296672055509174565730399&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

Request Chain 158

https://ids.ad.gt/api/v1/rub?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&gdpr=0

Request Chain 159

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26sas_uid%3D%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&sas_uid=[sas_uid]&cklb=1

Request Chain 160

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=e7b8617a-664c-4200-8010-bf57679277e3&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

165 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.themarysue.com/
Redirect Chain

http://themarysue.com/
https://www.themarysue.com/

116 KB
24 KB

631ms
601ms

Document
text/html

2606:4700:20::681a:9bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.themarysue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c6be2f6b202a8b39ea2cc4fffdf062a417df4f5d745c989bf66eb10793ff75a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 28 Oct 2021 08:56:56 GMT
cache-control: max-age=3, must-revalidate
expires: Thu, 28 Oct 2021 08:58:06 GMT
vary: Accept-Encoding,Cookie
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOsALgpSfTzLGE6LGYOFfUIlWrsBJCr7w1h2jdvG%2BAt55URlORodsqdErcwS74Z95BkYffK7lbczC2Cn7yxfz3Mzn1QJTRnrM3rJSmaxWDz83YSujSUAnDjBt1xpwEmq4PTfr5Xl4iO3l7ok7%2Bpb4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a52f6e499d163f5-FRA
content-encoding: br

Redirect headers

Date: Thu, 28 Oct 2021 08:58:48 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.themarysue.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wQ%2F5qR6U8J7JHZcc8eP4YO5ELN4qgQZMskeeManyzqfXA1i98DoNhuvOzrG7Jgqsq%2FyyhtCyQfmcyqt%2FcccGtgOPmUEiINZzbilTDpycjfAt%2B6QQXXYx0i5Sct%2FnezTl9GKAWUDqeqetvBL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6a52f6e27d035c50-FRA

GET
H2 200 am-asap-500.woff2
am23.mediaite.com/tms/cnt/themes/m2019-tms/fonts/ 12 KB
12 KB 70ms
41ms Font
font/woff2 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am23.mediaite.com/tms/cnt/themes/m2019-tms/fonts/am-asap-500.woff2?2107011725
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f

Request headers

Referer: https://www.themarysue.com/
Origin: https://www.themarysue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 558017
content-length: 11880
pragma: public
last-modified: Thu, 01 Jul 2021 21:25:53 GMT
server: cloudflare
etag: "60de32e1-2e68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e8accb1f15-FRA
expires: Thu, 28 Oct 2021 21:58:32 GMT

GET
H2 200 am-asap-500i.woff2
am23.mediaite.com/tms/cnt/themes/m2019-tms/fonts/ 12 KB
13 KB 55ms
26ms Font
font/woff2 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am23.mediaite.com/tms/cnt/themes/m2019-tms/fonts/am-asap-500i.woff2?2107011725
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083

Request headers

Referer: https://www.themarysue.com/
Origin: https://www.themarysue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 558017
content-length: 12764
pragma: public
last-modified: Thu, 01 Jul 2021 21:25:53 GMT
server: cloudflare
etag: "60de32e1-31dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e8accc1f15-FRA
expires: Thu, 28 Oct 2021 21:58:32 GMT

GET
H2 200 crit-main.min.css
am22.mediaite.com/tms/cnt/themes/m2019-tms/css/min/ 44 KB
11 KB 56ms
22ms Stylesheet
text/css 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am22.mediaite.com/tms/cnt/themes/m2019-tms/css/min/crit-main.min.css?2110202027
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15db83d6728f1bdc23d52cdd90b055b7f5d5bd01b116d4d98d0c89a0e5fdfaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 00:27:22 GMT
server: cloudflare
age: 29878
etag: W/"6170b3ea-b096"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8be2fd6e1-FRA
expires: Thu, 04 Nov 2021 00:40:51 GMT

GET
H2 200 def-main.min.css
am24.mediaite.com/tms/cnt/themes/m2019-tms/css/min/ 290 B
357 B 59ms
30ms Stylesheet
text/css 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am24.mediaite.com/tms/cnt/themes/m2019-tms/css/min/def-main.min.css?2110151600
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 20:00:12 GMT
server: cloudflare
age: 478680
etag: W/"6169ddcc-122"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8ae6b4ee6-FRA
expires: Fri, 29 Oct 2021 20:00:49 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 90 KB
28 KB 56ms
10ms Script
application/javascript 2a02:26f0:1700:11::b856:679a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:679a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3269900957596b797ed22998c3ecebc6d76fc59144716c4c196f33307627b776

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 08:01:15 GMT
server: Microsoft-IIS/10.0
etag: "6c8cc17dbfc4d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=533
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27966
expires: Thu, 28 Oct 2021 09:07:42 GMT

GET
H2 200 min.js Show response
am22.mediaite.com/tms/cnt/themes/m2019-tms/js/ 13 KB
5 KB 49ms
16ms Script
application/javascript 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am22.mediaite.com/tms/cnt/themes/m2019-tms/js/min.js?2108231028
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f15a846fbfbe84214000cd7d0f21261e7c7ccdca3cc1eb5edb0019128f47fc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 14:28:13 GMT
server: cloudflare
age: 237958
etag: W/"6123b07d-33df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8be31d6e1-FRA
expires: Mon, 01 Nov 2021 14:52:51 GMT

GET
H2 200 flying-focus.js Show response
am23.mediaite.com/tms/cnt/themes/m2019-tms/js/ 4 KB
2 KB 28ms
25ms Script
application/javascript 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am23.mediaite.com/tms/cnt/themes/m2019-tms/js/flying-focus.js?2108231028
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceedb3a311e1610e2e62c405b618d40560bd0f068cdf86cfb5bab4cf68e385ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 14:28:13 GMT
server: cloudflare
age: 276575
etag: W/"6123b07d-ecb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8eef54ee6-FRA
expires: Mon, 01 Nov 2021 04:09:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 47ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21433528-1

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

062c6e6703e87cfef79d10a9d31ad244c67d131a575a0704404961da139526f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Oct 2021 08:58:49 GMT

GET
H2 200 pmpromc.css
am24.mediaite.com/tms/cnt/plugins/pmpro-mailchimp/css/ 220 B
478 B 58ms
29ms Stylesheet
text/css 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am24.mediaite.com/tms/cnt/plugins/pmpro-mailchimp/css/pmpromc.css?ver=5.8.1
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7a013acd7bc1d7d1af8726274c7c9248318846ac1eed864faf22656ba4d6f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 11:12:11 GMT
server: cloudflare
age: 598419
etag: W/"603f6f0b-dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8ae724ee6-FRA
expires: Thu, 28 Oct 2021 10:45:10 GMT

GET
H2 200 women-of-marvel-avengers-endgame-432x243.jpg
am24.mediaite.com/tms/cnt/uploads/2019/07/ 19 KB
19 KB 26ms
22ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2019/07/women-of-marvel-avengers-endgame-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d5c49594f04eba68e6b04f85a799145411151977221f02affbf6a60e03eebe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 47837
content-length: 19177
pragma: public
last-modified: Wed, 17 Jul 2019 19:40:07 GMT
server: cloudflare
etag: "5d2f7997-4ae9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 19:41:32 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e8eef14ee6-FRA
cf-bgj: h2pri

GET
H2 200 jaime-mcguire-book-adaptation-news-racist-432x243.jpg
am24.mediaite.com/tms/cnt/uploads/2021/10/ 28 KB
28 KB 19ms
16ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2021/10/jaime-mcguire-book-adaptation-news-racist-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7dc07bea8ecb82e25b395b2e712dc67e9bb8570db3c61129644a7f3db642d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 16733
content-length: 28921
pragma: public
last-modified: Tue, 26 Oct 2021 21:26:29 GMT
server: cloudflare
etag: "61787285-70f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 Nov 2021 04:19:56 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e8eef34ee6-FRA
cf-bgj: h2pri

GET
H2 200 promo-gossip.jpg
am21.mediaite.com/tms/cnt/themes/m2019-tms/images/ 4 KB
4 KB 28ms
17ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am21.mediaite.com/tms/cnt/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c575e04d96e4965bcd2edb9495512dc26169fadadecde00709eaca79ac6971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 278523
content-length: 3659
pragma: public
last-modified: Mon, 14 Oct 2019 15:08:43 GMT
server: cloudflare
etag: "5da48f7b-e4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 03:36:46 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e8ff0a4ee6-FRA
cf-bgj: h2pri

GET
H2 200 email-decode.min.js Show response
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
8ms Script
application/javascript 2606:4700:20::681a:9bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHLM8ayFU4Mj5qsROY%2BgKF9ROQt0Xvm1UTtakc%2F8CdhgrosJvuiHR8shosYBOqMNb%2Ba17wlrqj9HwBF7jrQodPl0s1gNugvfXtonrj6%2FmQ5PWtT3bLwm67dmVe5bl8xZli71iXGrakKNszfF%2F9tlYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a52f6e8ea8e63f5-FRA
vary: Accept-Encoding
expires: Sat, 30 Oct 2021 08:58:49 GMT

GET
H2 200 comment_count.js Show response
am24.mediaite.com/tms/cnt/plugins/disqus-comment-system/public/js/ 889 B
597 B 20ms
16ms Script
application/javascript 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am24.mediaite.com/tms/cnt/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2019 08:40:52 GMT
server: cloudflare
age: 79299
etag: W/"5c91fc94-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8eeed4ee6-FRA
expires: Wed, 03 Nov 2021 10:57:10 GMT

GET
H2 200 wp-embed.min.js Show response
am22.mediaite.com/tms/inc/js/ 1 KB
904 B 22ms
18ms Script
application/javascript 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am22.mediaite.com/tms/inc/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 11:13:32 GMT
server: cloudflare
age: 598419
etag: W/"603f6f5c-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 6a52f6e8ee80d6e1-FRA
expires: Thu, 28 Oct 2021 10:45:10 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 43ms
14ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 918
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a52f6e90d384339-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 31 Oct 2021 08:58:49 GMT

GET
H2 200 xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw Show response
profusesupport.com/v2/0/ 103 KB
30 KB 290ms
253ms Script
text/javascript 35.186.219.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://profusesupport.com/v2/0/xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

42.219.186.35.bc.googleusercontent.com

Software

Resource Hash

0144d5a215fee94ebec7db648bfd91d4e3a1579c6c2550167fd645027fad5a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "a0d5f623eebd6181a7a62bfc47e8adc3c3d7e2f5d2c6f8797d9659280e66e654"
vary: Accept-Encoding, Accept-Language
x-hostname: c20f6cd1
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 28 Oct 2021 08:58:49 GMT
timing-allow-origin: *

GET
H2 200 ads.min.js Show response
ads.adthrive.com/sites/5ac64c44fdf4d60603abe69d/ 48 KB
11 KB 55ms
22ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5ac64c44fdf4d60603abe69d/ads.min.js?referrer=https%3A%2F%2Fwww.themarysue.com%2F&threshold=31
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 39304c3f8317ca87e8deb98f247236d0a86e4a68a156dee7fbe8ae671441ed99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

adthrive-bucket: flex-02:con
date: Wed, 27 Oct 2021 15:21:24 GMT
content-encoding: gzip
adthrive-deployment: ad-1193:pr1900:flex-02:dbbdf75:con
age: 63445
adthrive-commit: 3989f9b
x-cache: Hit from cloudfront
content-length: 11164
adthrive-pathname
server: CloudFront
vary: Accept-Encoding,Referer
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=86400
x-amz-cf-pop: FRA50-C1
access-control-allow-origin: *
x-amz-cf-id: Ua0rLkbT50rcEfIlhey2eCbjTJzxnOTILsV5tLWQiS1uVB-o99QXgg==
adthrive-hostname: www.themarysue.com

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 40ms
11ms Script
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:29:28 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 23362
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: xycrqi3Z0JtFzLRQNLw6fXj339ElP0dgyTDB80ru99vyWv38aflYrg==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

305bf3d9ed3814325d8fc60edb431fb1b7e83ba8d9ef2039292ab312c14295ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PeXgf37uP8bKcKKuCEPP5A==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: GgPmA09j74ajuZRHExlAFQTnpe349y7mqbW3NnVPV1qFrbjrHUTrvheKdHbIfEMK6uL5D5gurVbdqHj/kjFx1g==
x-fb-trip-id: 2050670934
x-fb-content-md5: 1f8b12a3d2dac1e31a6419d43f16fdbc
x-frame-options: DENY
date: Thu, 28 Oct 2021 08:58:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0c7510bc66f589850feda43e61666b42"
timing-allow-origin: *
expires: Thu, 28 Oct 2021 08:59:41 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 53ms
10ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
etag: "f5gpBRZmwYYTVm3LkZ0l2w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 04 Nov 2021 08:58:49 GMT

GET
H/1.1

200
OK

count.js Show response
themarysue.disqus.com/
Redirect Chain

https://disqus.com/forums/themarysue/count.js
https://themarysue.disqus.com/count.js

1 KB
2 KB

6ms
6ms

Script
application/javascript

199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count.js

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

HTTP/1.1

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 172
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 21 Oct 2021 01:03:12 GMT
Server: nginx
ETag: "6170bc50-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 3546XzkdZRktpwl7xeBD1ZdaOhMWQsHZRDmbRgTLCPxTc6wpGs_tjQ==

Redirect headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Location: https://themarysue.disqus.com/count.js
Cache-Control: public, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0

GET
H/1.1 200
OK count.js Show response
themarysue.disqus.com/ 1 KB
2 KB 40ms
6ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count.js

Requested by

Host: am24.mediaite.com
URL: https://am24.mediaite.com/tms/cnt/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 172
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 21 Oct 2021 01:03:12 GMT
Server: nginx
ETag: "6170bc50-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 3546XzkdZRktpwl7xeBD1ZdaOhMWQsHZRDmbRgTLCPxTc6wpGs_tjQ==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 15ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 15
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a52f6e96dff4339-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 31 Oct 2021 08:58:49 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9304643&ns__t=1635411529188&ns_c=UTF-8&cv=3.5&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c7=https%3A%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=9304643&ns__t=1635411529188&ns_c=UTF-8&cv=3.5&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c7=https%3A%2...

64 B
330 B

10ms
10ms

Image
image/gif

143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9304643&ns__t=1635411529188&ns_c=UTF-8&cv=3.5&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c7=https%3A%2F%2Fwww.themarysue.com%2F&c9=
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 143.204.98.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ebHP2uQoAvdXpUKYFO2u_PEkHRRQGAGTqaWhy6kxN50e8NwvCSa12w==

Redirect headers

date: Thu, 28 Oct 2021 08:58:49 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9304643&ns__t=1635411529188&ns_c=UTF-8&cv=3.5&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c7=https%3A%2F%2Fwww.themarysue.com%2F&c9=
content-length: 248
x-amz-cf-id: 7fKYVlXYeC8nehW5dBNhMa5FkRHQ-olGEINZIoLGc4YYR_lz2EjnIw==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 266 KB
76 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=876f9efacdefdfc18a69bd41e77f2c44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71f950aafef6200daf6c96c7627830f94335dc378d1bec0c838517d46c2d3e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.themarysue.com/
Origin: https://www.themarysue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XU//9vNNbmHkls3G8/TTJQ==
cross-origin-resource-policy: cross-origin
expires: Fri, 28 Oct 2022 08:39:42 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76637
x-fb-rlafr: 0
x-fb-debug: LEEVboil8ZHrqV/qBXw+dhJTjtJ38RCitmMiVOJuXmthyyrym/QCSZsnfYtDeEvghQVJXefQG9RHXwrG3y4HgQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 616d1f21801c234eb3965dd76cf21310
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 28 Oct 2021 08:58:49 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3e256c5c7c593ac25122c2b27b96c399"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 792E 2 KB
1 KB 33ms
7ms Document
text/html 2a02:26f0:1700:781::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:781::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=274
expires: Thu, 28 Oct 2021 09:03:23 GMT
date: Thu, 28 Oct 2021 08:58:49 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/506f50d7-d660-4f15-b95d-bbbbc0f7577e/themarysue.com/ 2 KB
1 KB 33ms
8ms Script
application/x-javascript 2a02:26f0:1700:781::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/506f50d7-d660-4f15-b95d-bbbbc0f7577e/themarysue.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:781::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 16bd8a9ac42d65385e4009deeeeb2e68cabd83ab95045445501989ab9c24ea3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 06:29:13 GMT
server: AkamaiNetStorage
etag: "8faa7d516061c6dfbbc03e5af64d0b46:1635229753.088996"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61515
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 785
expires: Fri, 29 Oct 2021 02:04:04 GMT

GET
H2 200 tag Show response
a.teads.tv/page/11449/ 687 B
644 B 81ms
43ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/11449/tag
Requested by: Host: am22.mediaite.com
URL: https://am22.mediaite.com/tms/cnt/themes/m2019-tms/js/min.js?2108231028
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3bbe732b7a2afa3b48f7799359c4ff436ab23355a8be2136bcfef1a8205f318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 444
expires: Thu, 28 Oct 2021 09:58:49 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 177 KB
37 KB 409ms
199ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: am22.mediaite.com
URL: https://am22.mediaite.com/tms/cnt/themes/m2019-tms/js/min.js?2108231028
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: aa04ad3dfbdba4ceb7fd0a8afa48ef5fc8dca84dd6a872fd3e13204543881737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Oct 2021 20:31:34 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2c2dc-17cc3736e68"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 57ms
24ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: am22.mediaite.com
URL: https://am22.mediaite.com/tms/cnt/themes/m2019-tms/js/min.js?2108231028
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Content-Encoding: gzip
x-amz-request-id: 895P7GZMS448PBGC
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: E1f3G4zwvNTivmbsjwi9gTDTblbRbtJyRdbl9CMpQza/SzA88yTu1Zx0HeDBqc0Pyxav9taZuIY=
Last-Modified: Fri, 08 Oct 2021 20:59:32 GMT
Server: AmazonS3
ETag: "5cac4cabadee93ec669a5ded971f5756"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 rules-p-41YeEX_ui4Qms.js Show response
rules.quantcount.com/ 3 B
436 B 51ms
22ms Script
application/javascript 2600:9000:2156:4c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-41YeEX_ui4Qms.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:20:37 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
age: 9493
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:54:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: uazCHERspAW8vph0VhGOfl_QwL-VqEj9JLam0aWE0q9icmjeODfUrg==

GET
H2 200 adthrive.min.js Show response
ads.adthrive.com/builds/core/3989f9b/js/ 426 KB
99 KB 40ms
40ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/3989f9b/js/adthrive.min.js?threshold=0&deployment=ad-1193:pr1900:flex-02:dbbdf75:con&cb=1635411529231
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c44fdf4d60603abe69d/ads.min.js?referrer=https%3A%2F%2Fwww.themarysue.com%2F&threshold=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: b4bafa4a9323e8821070ebe4483001b8d3cfc76c66eb8f9ac1ffa1c1541ebbf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 14:54:41 GMT
content-encoding: gzip
server: CloudFront
age: 65048
etag: "adea8d593392d9666c3e5c8624116f98"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=86400
x-amz-cf-pop: FRA50-C1
content-length: 100627
x-amz-cf-id: vq2OjAtoqSbOy4KIA2soqz-5MhT0l5_gpFlw1dDJlW1p-PzFVu7RAg==

GET
H2 200 1-432x243.jpg
am22.mediaite.com/tms/cnt/uploads/2021/10/ 20 KB
20 KB 33ms
32ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am22.mediaite.com/tms/cnt/uploads/2021/10/1-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b46932081d665be70ad249265f8612391628b11f846135cf98f7a67aa4878b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 42821
content-length: 20565
pragma: public
last-modified: Wed, 27 Oct 2021 20:22:20 GMT
server: cloudflare
etag: "6179b4fc-5055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 21:05:07 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9dfd8d6e1-FRA
cf-bgj: h2pri

GET
H2 200 Lightyear_1-432x243.jpeg
am22.mediaite.com/tms/cnt/uploads/2021/10/ 27 KB
27 KB 17ms
16ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am22.mediaite.com/tms/cnt/uploads/2021/10/Lightyear_1-432x243.jpeg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be3ea412b0d85f60229cd2ea9027587538e1dff6c18e91d7c482908b5db1f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 43777
content-length: 27951
pragma: public
last-modified: Wed, 27 Oct 2021 19:39:56 GMT
server: cloudflare
etag: "6179ab0c-6d2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 20:49:12 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9dfd9d6e1-FRA
cf-bgj: h2pri

GET
H2 200 eternals-432x243.jpg
am21.mediaite.com/tms/cnt/uploads/2021/10/ 28 KB
28 KB 23ms
22ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am21.mediaite.com/tms/cnt/uploads/2021/10/eternals-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e75e76d7f21bd9cb5f99ad1e21baa33b917057c5fe28d391eab20da593c08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 45360
content-length: 28658
pragma: public
last-modified: Wed, 27 Oct 2021 16:00:09 GMT
server: cloudflare
etag: "61797789-6ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 20:22:48 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8c34ee6-FRA
cf-bgj: h2pri

GET
H2 200 kenosha-jacob-blake-rittenhouse-shooting-432x243.jpg
am21.mediaite.com/tms/cnt/uploads/2020/08/ 39 KB
39 KB 31ms
30ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am21.mediaite.com/tms/cnt/uploads/2020/08/kenosha-jacob-blake-rittenhouse-shooting-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bb130ef63f527b8938940f528b072514571ecb926464af467a07bc6a3c518a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 66533
content-length: 39980
pragma: public
last-modified: Thu, 27 Aug 2020 18:26:05 GMT
server: cloudflare
etag: "5f47fabd-9c2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 14:29:56 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8c64ee6-FRA
cf-bgj: h2pri

GET
H2 200 skeletor-has-the-power-432x243.jpg
am21.mediaite.com/tms/cnt/uploads/2021/10/ 16 KB
16 KB 29ms
27ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am21.mediaite.com/tms/cnt/uploads/2021/10/skeletor-has-the-power-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2ce576af6113dfc024ccc17e0b1b27a71a6eb021c9c3c12741271d660355e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 41366
content-length: 16278
pragma: public
last-modified: Wed, 27 Oct 2021 21:08:44 GMT
server: cloudflare
etag: "6179bfdc-3f96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 21:29:23 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8c74ee6-FRA
cf-bgj: h2pri

GET
H2 200 doc-ock-432x243.jpg
am23.mediaite.com/tms/cnt/uploads/2021/08/ 18 KB
18 KB 16ms
14ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am23.mediaite.com/tms/cnt/uploads/2021/08/doc-ock-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a34a543084f4139de897b76c2a02557e941878c0f880ec908070d6bfa98f3c5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 47837
content-length: 18743
pragma: public
last-modified: Tue, 24 Aug 2021 16:54:33 GMT
server: cloudflare
etag: "61252449-4937"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 19:41:32 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8c84ee6-FRA
cf-bgj: h2pri

GET
H2 200 Skeet-Ulrich-Scream-comedy-432x243.jpeg
am24.mediaite.com/tms/cnt/uploads/2021/10/ 16 KB
16 KB 14ms
13ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2021/10/Skeet-Ulrich-Scream-comedy-432x243.jpeg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a37bae2683e695d00b2610ce6c56c74ae1b5c62b08c117c27ef7ca32c00239

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 16683
content-length: 16366
pragma: public
last-modified: Wed, 27 Oct 2021 18:46:16 GMT
server: cloudflare
etag: "61799e78-3fee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 Nov 2021 04:20:46 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8c94ee6-FRA
cf-bgj: h2pri

GET
H2 200 Final-Destination-2-432x243.jpg
am22.mediaite.com/tms/cnt/uploads/2021/10/ 20 KB
20 KB 25ms
24ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am22.mediaite.com/tms/cnt/uploads/2021/10/Final-Destination-2-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab617c5f3e849af9ead8c39d269ff73e24985fe0a082c94aa679b1e032059a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 12828
content-length: 20316
pragma: public
last-modified: Wed, 27 Oct 2021 17:34:51 GMT
server: cloudflare
etag: "61798dbb-4f5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 Nov 2021 05:25:01 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9dfddd6e1-FRA
cf-bgj: h2pri

GET
H2 200 face-mask-required-432x243.jpg
am24.mediaite.com/tms/cnt/uploads/2021/10/ 28 KB
28 KB 28ms
27ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2021/10/face-mask-required-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd350f37417bce410548c47c4b0d4bf7d34615143468287f97447255cbe70ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 56725
content-length: 28823
pragma: public
last-modified: Wed, 27 Oct 2021 16:48:05 GMT
server: cloudflare
etag: "617982c5-7097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 17:13:23 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8ca4ee6-FRA
cf-bgj: h2pri

GET
H2 200 tiger-king-image-here-we-go-432x243.jpg
am24.mediaite.com/tms/cnt/uploads/2021/10/ 22 KB
22 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2021/10/tiger-king-image-here-we-go-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f8e1d1844c3c55be72e5c3e03315b8c0f6f1b176c6b8296728192793d0c5cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 16683
content-length: 22597
pragma: public
last-modified: Wed, 27 Oct 2021 16:00:00 GMT
server: cloudflare
etag: "61797780-5845"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 Nov 2021 04:20:46 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8cb4ee6-FRA
cf-bgj: h2pri

GET
H2 200 GettyImages-1329022959-432x243.jpg
am24.mediaite.com/tms/cnt/uploads/2021/10/ 48 KB
48 KB 25ms
24ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2021/10/GettyImages-1329022959-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6ac1c52b80ad03638f4aa250a574c947a2eb92a43bcf0afa6780e0e7979dfb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 59682
content-length: 48697
pragma: public
last-modified: Wed, 27 Oct 2021 15:36:25 GMT
server: cloudflare
etag: "617971f9-be39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 16:24:06 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8cc4ee6-FRA
cf-bgj: h2pri

GET
H2 200 dune-432x243.jpeg
am23.mediaite.com/tms/cnt/uploads/2021/10/ 15 KB
15 KB 32ms
31ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am23.mediaite.com/tms/cnt/uploads/2021/10/dune-432x243.jpeg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea94e14baf1f91cc9bc1ce2d5e2787b8e1b78d01289b167180ca2f53441ea63e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 307367
content-length: 14951
pragma: public
last-modified: Sun, 24 Oct 2021 18:49:11 GMT
server: cloudflare
etag: "6175aaa7-3a67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 19:36:02 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8cd4ee6-FRA
cf-bgj: h2pri

GET
H2 200 Idris-Knuckles-432x243.jpg
am24.mediaite.com/tms/cnt/uploads/2021/10/ 22 KB
22 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am24.mediaite.com/tms/cnt/uploads/2021/10/Idris-Knuckles-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967d8a9ecbe1fca8fd7193d6f4f15382d2f7fc95a3684018a5259dd58ab43a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 69014
content-length: 22513
pragma: public
last-modified: Wed, 27 Oct 2021 13:21:53 GMT
server: cloudflare
etag: "61795271-57f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 Nov 2021 13:48:35 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8ce4ee6-FRA
cf-bgj: h2pri

GET
H2 200 live-action-cowboy-bepop-cast-432x243.jpg
am23.mediaite.com/tms/cnt/uploads/2021/10/ 23 KB
23 KB 26ms
25ms Image
image/jpeg 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am23.mediaite.com/tms/cnt/uploads/2021/10/live-action-cowboy-bepop-cast-432x243.jpg
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ef9182bc6e91218206be8a0ee99a8049bc8f06ebc65e0b5dbb3a2e8237de00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cf-cache-status: HIT
age: 217593
content-length: 23502
pragma: public
last-modified: Mon, 25 Oct 2021 19:40:46 GMT
server: cloudflare
etag: "6177083e-5bce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 20:32:16 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a52f6e9d8d24ee6-FRA
cf-bgj: h2pri

GET
H2 200 web Show response
onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/ 3 KB
2 KB 24ms
15ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/0db02b7c-a211-4837-a341-fb19f5134f3b/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40df060ac7513a675044f93b6092447be7be43927472f2f064ccf4a03767b6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3441
cf-polished: origSize=3421
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 84ed9f47-0e90-495d-87c0-3ff0564ce739
x-runtime: 0.028557
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"85c9ffff3b89dbd4f11e168220da090e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6a52f6e9ff534339-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 28 Oct 2021 09:58:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 3463
date: Thu, 28 Oct 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19747
expires: Thu, 28 Oct 2021 10:01:06 GMT

GET
H/1.1 200
OK count-data.js Show response
themarysue.disqus.com/ 906 B
1 KB 8ms
7ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count-data.js?1=560626%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D560626&1=561088%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561088&1=561093%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561093&1=561100%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561100&1=561101%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561101&1=561104%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561104&1=561119%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561119&1=561131%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561131&1=561132%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561132&1=561136%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561136

Requested by

Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

62a5aca29f40096c0bf169f8b3d5a72cbe9596d425676921fffc10b9eb138d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 404
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 906
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
themarysue.disqus.com/ 903 B
1 KB 18ms
7ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count-data.js?1=561137%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561137&1=561145%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561145&1=561149%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561149&1=561157%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561157&1=561174%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561174&1=561191%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561191&1=561196%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561196&1=561197%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561197&1=561199%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561199&1=561201%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561201

Requested by

Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

27930cfd59e7931f5df3ea2fea1823e7e9ccd2dfc035ac3f4171038da0fb0d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 404
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 903
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
themarysue.disqus.com/ 624 B
1 KB 16ms
8ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count-data.js?1=561210%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561210&1=561217%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561217&1=561243%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561243&1=561253%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561253&1=561257%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561257&1=561280%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D561280

Requested by

Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eaf208cb4c2e515e7e180ea4895c8a8319712caf5be9460e19537a2c9606a1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 417
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 624
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel;r=256453168;rf=0;a=p-41YeEX_ui4Qms;url=https%3A%2F%2Fwww.themarysue.com%2F;uht=2;fpan=1;fpa=P0-1904328558-1635411529326;pbc=;ns=0;ce=1;qjs=1;qv=bb78f58d-20211025154311;cm=;gdpr=0;ref=;d=thema...
pixel.quantserve.com/ 35 B
372 B 12ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=256453168;rf=0;a=p-41YeEX_ui4Qms;url=https%3A%2F%2Fwww.themarysue.com%2F;uht=2;fpan=1;fpa=P0-1904328558-1635411529326;pbc=;ns=0;ce=1;qjs=1;qv=bb78f58d-20211025154311;cm=;gdpr=0;ref=;d=themarysue.com;je=0;sr=1600x1200x24;dst=0;et=1635411529326;tzo=0;ogl=locale.en_US%2Csite_name.The%20Mary%20Sue%2Ctype.article%2Ctitle.The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe%2Cdescription.The%20Mary%20Sue%20is%20the%20premier%20destination%20for%20entertainment%20geeks%252C%20female%20or%20other%2Curl.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2F%2Cimage.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2020%2F12%2Fthemarysue-defult-social%252Ej%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2020%2F12%2Fthemarysue-defult-social%252Ej

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 447 KB
119 KB 37ms
11ms Script
text/javascript 2600:9000:2156:a600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3989f9b/js/adthrive.min.js?threshold=0&deployment=ad-1193:pr1900:flex-02:dbbdf75:con&cb=1635411529231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f0e1ccdbe6c05f597adca8aa1f26d60055245f7fa0dc2e3be0f9bc34cf0f243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:13:18 GMT
content-encoding: gzip
age: 56732
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="gdpr-liveramp.js"
last-modified: Tue, 19 Oct 2021 15:42:09 GMT
server: AmazonS3
etag: W/"fe9ba68bec7790bc7c3a455a3dbb9986"
vary: Accept-Encoding
x-amz-version-id: Q.KmU34REhUS1gj6lPrTMrk8.Ma5.8nT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: ad3vHRlGltLctyTZWuDht2LMeMz3jGw1qJdy7nKfVtMv_4NyQdV1Yg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 56ms
20ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3989f9b/js/adthrive.min.js?threshold=0&deployment=ad-1193:pr1900:flex-02:dbbdf75:con&cb=1635411529231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8eedb899fd7fe59d8351b9ef5280ebb38a053d710164d3cafca9185f6f4a267c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1026 / 329 of 1000 / last-modified: 1635410499"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27307
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Oct 2021 08:58:49 GMT

GET
H2 200 prebid.min.js Show response
ads.adthrive.com/builds/core/3989f9b/gdpr/vendor/prebid/ 441 KB
128 KB 9ms
9ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/3989f9b/gdpr/vendor/prebid/prebid.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/3989f9b/js/adthrive.min.js?threshold=0&deployment=ad-1193:pr1900:flex-02:dbbdf75:con&cb=1635411529231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08ab86a5df95fee440402128c18457ead501243f7d43618bff35eae8d69af7ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: z8TUFmz4oaZ7ZM_YSnaONvuIxEk61mIe
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 19:34:16 GMT
server: AmazonS3
age: 2178
etag: W/"0424dcf9b3232ba4f581146e613513ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 28 Oct 2021 08:58:37 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MaSlxsntr9tDg9MzrePDAu54n8gjU1GyfR11q1BUe_90YcoPc44o1w==

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 601 KB
132 KB 48ms
8ms Script
text/javascript 2a02:26f0:1700:8bc::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/11449/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:8bc::26e5 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4b4f1059472f8e6ea70ef15ba0cdb6234d4a78eea4fae1c7b42e2eaf367bbe51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: A92SX703VMP6JNAN
content-length: 134005
x-amz-id-2: lKFvzSz8KTXM7bCcISwQ3TbNDR/wIPZyOY5X3vxQObVPLxgnQVZ7lvSIF04V+Y+MANpTGKizLh4=
last-modified: Wed, 27 Oct 2021 13:38:42 GMT
etag: "2a9222a9e7906477361741d21dc995e6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 0
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 28 Oct 2021 09:28:49 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 14 KB
4 KB 319ms
106ms Script
text/javascript 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.themarysue.com%2F&ntv_mvi&us_privacy=1YNY
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a454e625bd8ad001b3f251eec12d3e385cd48a253c652c152c3fd0a972077ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 3508
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 15ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=387360217&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=547404061&gjid=1455208385&cid=1223140588.1635411529&tid=UA-21433528-1&_gid=863403328.1635411529&_r=1&gtm=2ouar0&z=2016341509

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.themarysue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
259 B 109ms
32ms Image
image/gif 54.154.45.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.45.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-45-254.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 20172652
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/latest/ 180 KB
52 KB 37ms
9ms Script
application/x-javascript 2600:9000:2156:6000:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by: Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6000:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8d9561d9ce4e63494bfd9d06ecc8de8b5e84e63f2e2fcaaa694c7bcacdeb1d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: madxOiRlahVx.m6hkkx9Z7cN4_1IERhf
content-encoding: gzip
etag: W/"ff2c891318adebc1e8848cc2a112a126"
age: 2225
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:cf60db08-e897-46db-a477-4a1a777a42df
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 933c11aa61e316bda3d4e643f9a9708e
last-modified: Thu, 23 Sep 2021 11:39:15 GMT
server: AmazonS3
date: Thu, 28 Oct 2021 08:21:45 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 00106520169dd829fead26e43fb3357d2d180b60a9877c251271441e0e76ff54
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: PWkpzIYzdjC2ZpDAMx5z18Q1ku2_5apNQo4AacqSGDVAExE56Ede6A==

GET wigo-no-slot
sync.teads.tv/ Frame 8E87 0
0

GET
H2 200 track
t.teads.tv/ 23 B
113 B 101ms
53ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=eaac0c95-3947-4d82-b102-a83e8f95fc8f&pageId=11449&pid=23130&debug_metadata=4VvCxDKFBP&fv=900&ts=1635411529505&f=1&referer=https%3A%2F%2Fwww.themarysue.com%2F
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 104ms
56ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=eaac0c95-3947-4d82-b102-a83e8f95fc8f&pageId=11449&pid=23130&fv=900&ts=1635411529509&f=1&referer=https%3A%2F%2Fwww.themarysue.com%2F
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 8E87 325 B
486 B 71ms
32ms Document
text/html 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.2.6
content-length: 325
expires: Thu, 28 Oct 2021 08:58:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT

GET
H2 200 pubads_impl_2021102601.js Show response
securepubads.g.doubleclick.net/gpt/ 353 KB
119 KB 16ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063319

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8156274be416705f770f8d4e0338e9886f99a863f433e105dc497f2e998f1812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 121587
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:35:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Oct 2021 08:58:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 201 B
151 B 31ms
17ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

17519e1e3a96da74093d09a6e97a6861fb97d8520ddf8f96f652dd13e23ecb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 126
x-xss-protection: 0
expires: Thu, 28 Oct 2021 08:58:49 GMT

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ Frame 0
0 28ms
11ms Preflight 2600:9000:2156:a600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.themarysue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Wed, 27 Oct 2021 17:13:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J6Q_Vw_PXAckBUxeZRN3WKa3IsxoK7Xfq6R5E5Laf1jvQpcWx8ZQ9w==
age: 56732

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 64 KB
11 KB 12ms
11ms Fetch
application/json 2600:9000:2156:a600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11ef9d117029ebe6e64e15e07838132bda11d31a93beafdf6709d597c6c10d3d

Request headers

Accept: application/json
Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: RM45ncF_4GoEt7NdPCcOZV001WriRKOG
content-encoding: gzip
etag: W/"ccbb94a35072f7c08fc15dacee34af44"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 17:06:49 GMT
server: AmazonS3
date: Thu, 28 Oct 2021 08:58:49 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: AxNItaMEVop0KDQ2zqAcPKBtUH_TwG2kackPkOgU5y7goD2ealSgaw==

GET
H2 200 index.html Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 1 KB
1 KB 35ms
8ms Document
text/html 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/

Response headers

content-type: text/html
date: Fri, 22 Oct 2021 02:30:19 GMT
last-modified: Thu, 23 Sep 2021 11:39:21 GMT
etag: W/"b8061b8850e21ea20dba03d10b1747ea"
x-amz-server-side-encryption: AES256
cache-control: must-revalidate,public,max-age=604800
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
x-amz-version-id: _U7a5a15Yz4OF.rTqSs6LDvTBi8PIwnF
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6jEoslcYvLjv48Cl6yUYc0hetXFqWVur25l7WMhNnhZEkUyV7xPLtA==
age: 541711

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 310ms
101ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 71F6 175 KB
57 KB 68ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:51:36 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2bd37-5c9c5cea2ce36"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=74958
accept-ranges: bytes
content-type: text/javascript
content-length: 57427
expires: Fri, 29 Oct 2021 05:48:07 GMT

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 25EB 31 KB
10 KB 312ms
101ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

685a3ff99ed9f1155d77a5a5161788fe867b675f16a9d63b756116d6dc236957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 01:18:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6174b44d-7d58"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 Oct 2021 08:58:49 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame 0302 32 KB
10 KB 393ms
194ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2abb27a01b311e3f9e3bf05ec733908b88b2b6be03314dbed20bcf7805c93be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 01:18:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6174b44d-813a"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 404 pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame BE24 0
0 579ms
383ms Script
text/html 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 6 KB
2 KB 271ms
93ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.themarysue.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 88869833f272b7cbe4aa430ba6fef70f3d98e881dba14e68c675fe95ce426100

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:49 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"17ca-LJ+gqGYy4aM8cHqv4ut07+a0vok"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.themarysue.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 95 KB
13 KB 10ms
9ms Stylesheet
text/css 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:21:56 GMT
content-encoding: gzip
age: 560214
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:37 GMT
server: AmazonS3
etag: W/"fc91ee31cf2e2dbba65546e19b425c59"
vary: Accept-Encoding
x-amz-version-id: iHQbgsNMmnVH2lvrykpZ9D61trNh8ErA
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: YpgRXbWgOiXMQ-9bBvXESEkcF-il_Kn_CwLtI0h98l_R6xrEngIIqA==

GET
H2 200 openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 26 KB
3 KB 11ms
10ms Stylesheet
text/css 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:21:56 GMT
content-encoding: gzip
age: 560214
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:10 GMT
server: AmazonS3
etag: W/"e0df7919fa5e82dca894ac73371effed"
vary: Accept-Encoding
x-amz-version-id: dphnuJtXc3yFXcDh1YjJL2xkxHzW.xQ.
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: AaF6Zq7AVtbZGsNnYImPyl61Zp2hDktnMppxgHhCDrzmeNNDth2Jxg==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 2 KB
2 KB 11ms
10ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: nKhTv5ve7WsFzJK7gAPyWHzB3Z8PZL7e
content-encoding: gzip
etag: W/"5fe48064a68c5e51f208fb444eb5a84a"
age: 146719
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:21 GMT
server: AmazonS3
date: Tue, 26 Oct 2021 16:13:31 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: PrIhqN3S2MLKXtXBgD4FjuO1gkXT6mIagNWdm5deHUTm426NO7dvtQ==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 44 KB
15 KB 15ms
14ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ncoR1PZI195bkLKL4U.CwIVG0U0SBp8.
content-encoding: gzip
etag: W/"d40fc0a76f5b7cbdbb3f7a15f1038a44"
age: 124878
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:14 GMT
server: AmazonS3
date: Tue, 26 Oct 2021 22:17:32 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: RIY7Ix2P0C4uWCzpYldsxPgGCViCI1FG7JwQVQizpc_XDkkABtyhvw==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 783 KB
200 KB 16ms
16ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Qei6I8ZUwyXs8tHYzRsB908Ox0R4mjsg
content-encoding: gzip
etag: W/"83497fb39f19b4dfaaa958cf6d4558b1"
age: 378143
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:39 GMT
server: AmazonS3
date: Sat, 23 Oct 2021 23:56:27 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: JQyck0bmL6rFcaFPd7hF8vT5TjKf6SFEf06QR0WYBiTtGO_tMQusEA==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 41 KB
10 KB 28ms
28ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bb91510affa30b30f4c3ce7bc5609b6f98ca55ff26d51a89b9cc0abd8bbaa7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: myZQinBqqcXUmjYkWht4nhlNPabAKelP
content-encoding: gzip
etag: W/"c90c803d8191a02844ac9246c799db82"
age: 146719
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:23 GMT
server: AmazonS3
date: Tue, 26 Oct 2021 16:13:31 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: _AOogUVxRQzgu5HlYUzxh8D1jo0Q6azcz5Dr_WOLV-zmCxshULxO6g==

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 0
6 KB 28ms
28ms Other
text/css 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: uPN5MfgD4SuwMtRZrmxKANc59FzDE5vc
content-encoding: gzip
etag: W/"ddb5e6d71b353c98624b1784c506f1ee"
age: 124874
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:40 GMT
server: AmazonS3
date: Tue, 26 Oct 2021 22:17:36 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: XHa9ZVinIFKSySHseak96P5AW7PegbD25qRAKSsxlv9QmEzyy1I_Yg==

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 96ms
91ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=594041&ntv_pl=1024382
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 96ms
91ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=0a91569f-a322-42ab-a79c-e523ca9324ef&ntv_fl=MJHEBp62elpdzoY3iljFWJ41km27JNbR3kBBfmeZRmqUNRIr7m7mR-14cJqkIifB5JqO-4Laaw5MTk8jvTLC0ID6_v4Rc-mNnmYJuKx98XOSJwMsokkb-io22o_SAiigshi5knp6VgAsebcshS7oWCR0s4KKiXx8KEP4eOeCF-eMCEDYGipn6-fXiPBtJBiwAz-AvublZ6m5DPxyWy1i3w==&ntv_ht=SWZ6YQA&ntv_at=303,302&ntv_a=AAAAAAAAAAfqEPA&ord=1635411529713&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 98ms
93ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=17d9269b-9cdb-4dcd-8542-d2b5d2541cab&ntv_fl=7NOrgcZZEHeIW4rXPCSBAXO6vK-y_TZGRg6U3CXo5BG5YqfcyD0Uk4GdD35AHY8z3u6cLYtYM72Bghwm32k7NyZBisJsliXiqzhwuizOXHFVPYqf9_jTYZVuwJV9lMSyUSO1IXSKtcHJOTcc2zctsj5ZNuuAPkbrAyOBq6icGbFfUB0Ufeu9npqyMHFrLp5okCwMABIQIDUxlfTCOfSjnA==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAhlwQA&ord=1635411529714&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 97ms
92ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=a14b80e3-1373-42dc-bbc5-654d33f3bf6d&ntv_fl=7FmPwlYUWt6GwMUAJmQfSHX4S_l0GeI5BQD7xi8e8sNNVLaicj2UGHdqxAVFfwa8ko1hcK3M5ck00lbGonfrliMts7TRQd-NE1oI4khXbgmER-L_EA9ZStF3b8XP-hhi-pw2CjnsU0NhILHsRpvy0K-tuQOa-1HyvM12QqcB4cNNF3hWKp5_vN0fk3-ZxEVRQzZmZ5jwqRWXfC8RbHyR3w==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAxvkQA&ord=1635411529715&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 96ms
93ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=a14b80e3-1373-42dc-bbc5-654d33f3bf6d&ntv_fl=7FmPwlYUWt6GwMUAJmQfSHX4S_l0GeI5BQD7xi8e8sNNVLaicj2UGHdqxAVFfwa8ko1hcK3M5ck00lbGonfrliMts7TRQd-NE1oI4khXbgmER-L_EA9ZStF3b8XP-hhi-pw2CjnsU0NhILHsRpvy0K-tuQOa-1HyvM12QqcB4cNNF3hWKp5_vN0fk3-ZxEVRQzZmZ5jwqRWXfC8RbHyR3w==&ntv_ht=SWZ6YQA&ntv_at=323&ntv_a=AAAAAAAAAAxvkQA&ntv_jtr=3&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 97ms
94ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=dff90025-88be-4841-b34d-a4448490c727&ntv_fl=J7y-F5ZkiJtNEPdsQXVh-j7SR9pT7qnb32JOJRUPrWZHCIQyDodOQod-wNahhqWhjZblqtDggxQsOmrnJwGOFEoMMjGcDr0Twmg4EeN6I268xz2_kww4hFDJbbd4auE8L5CNIb7S4yj9kNtJVOWtqwL-_5Dm4KQ8sNEE-AiysAh_8FVctNsu1VqbN1AQfP38Y0OfgBNAqf3BRS-xlABisQ==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAx_kQA&ord=1635411529715&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 96ms
93ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=9429b132-674b-4a7c-9d7b-a2f8c6ba33f9&ntv_fl=RfWAf7wemhRg4x3Ly9jMxZMUsGhXS1AN0w8GWFEEBNzAHx-1nqB3zXZXAbr2l5_bsxYTTM-7Xk8rbnFwvSqROhHSPfJFawixClMKBGSvDr4qHhKJV9ZgKbliSdh-5td8cuzjcFgCXwl-9JX9CP0tk4SaEYIa0mBbskC-KxnIVVM9LGXZgVQlICAvDNszEdZGyfeWb0geo4vL3SwD-Gaz7Q==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAh1wQA&ord=1635411529715&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 95ms
92ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=177b0edb-67b5-4f99-a853-feb1fea80749&ntv_fl=zE25YG5Gtcg9XmYaFXzdJZYqCuB9dPTMwkzw9fjtULuuqtbFGshJ7hFrZ3lq2j1Y1vti1MBABChH560meWMLJFrrZuqTUT7j9iDyKXhIxyMLW1H2l3TeqL0hGqXyZ8Dr0-wMzyaMYpsw8u1F4oqeep-uxTHcBew9EipO0Sn8S3EUWSyHEU7xI7w9NGZjNHplXX4kzWYZ1wQgZGUqxJBQQQ==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAyPkQA&ord=1635411529716&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 177ms
174ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=26385c0c-9a06-4831-a5d1-8653ba7be8fe&ntv_fl=LpNzrrFxlmamIy9qzYYl0xF1Ux5h9h_H8QJSTefzWYSS1yWfGqxU0zc6XyERO2tnR32DwKisqEYFQZIUnAtVu7L29u6JAv7i-UqJ2cDgh4LNC3ZwNj6CvS5cLZX_lObt8TJSu_PZGDBg0oUMmFJC67VmgEY5D9NVB0GDOvQKMNA0Fx6SdWW3Kw7kFg-f2v4xF_4gMc0IY3pE_RSGu3EFlw==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAeXcQA&ord=1635411529716&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 177ms
174ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=23db68ab-3c67-4295-b99b-f8931a0603b9&ntv_fl=DvUyARHh7cKW-flNbAnfKgc8f7QQwKNijwoqf9Gfq8giEJTaBlmi1tw_BiWxrbCcMxG0wkAcIpCSq4Rl-dVkpXoUwTsYu-J8H_rTor9y3DNOvWRwgYA14hhQh22JyF1t5y4YXdYBcySfg9LoZqAwuWuKra49R9mE3742lCDlrZzgZJubMNxEwp6mBCATbYlgE7hAy2kMmN8mXHSTsKq87w==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAyfkQA&ord=1635411529716&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 176ms
173ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=23db68ab-3c67-4295-b99b-f8931a0603b9&ntv_fl=DvUyARHh7cKW-flNbAnfKgc8f7QQwKNijwoqf9Gfq8giEJTaBlmi1tw_BiWxrbCcMxG0wkAcIpCSq4Rl-dVkpXoUwTsYu-J8H_rTor9y3DNOvWRwgYA14hhQh22JyF1t5y4YXdYBcySfg9LoZqAwuWuKra49R9mE3742lCDlrZzgZJubMNxEwp6mBCATbYlgE7hAy2kMmN8mXHSTsKq87w==&ntv_ht=SWZ6YQA&ntv_at=323&ntv_a=AAAAAAAAAAyfkQA&ntv_jtr=5&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 178ms
175ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=08bf1252-80f8-425e-bbe9-40773e518404&ntv_fl=CssEn86p2dhQ7VzHFMVqV1odSqHw_4RULjyfN4sc9dPA6IdYwBUu1pex9nx9gcUHkHiDBPb91XNp5Idei78w9IsMlJILdJeZtnOx4TAshYuzSYIqLeWVXHl_3k1aoYhO0-GRXSB9Q98E9yVZ9GiPpwXKECLIRPvQEQCjKqtd_dZPL7hvr7dm1BbXVQW6exr2giiM40Kyqo7kw9CyE-4BrA==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAencQA&ord=1635411529717&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 178ms
175ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=9342378e-b432-4d12-8b92-ec8ee5bd758a&ntv_fl=6praYqsKYEz1RfbD_J4sbpNagNdM5Db5-Gw0WigymHnPUzrgFfTLNpxZSbQqVNu8W7oVe4b2k0BdIKfQMAlayzPLDwU4mAODtFWPy_2y7iDS8qVIRf3lVIKARoqkBgdYXBu6DegA-LkT5Hv2m_Ox-PHF8ZuVeN4vSiJX1j5xyOrR2Mgd9W8ZSraggniur7YFZjTTTA_SxF8nxxvWV1d28w==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAyvkQA&ord=1635411529717&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 177ms
175ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=b384caa6-0e7a-4c24-a04e-59b589fa3a11&ntv_fl=mbT3eH6v_xbSukP4HaiPxlJdylEDgyQVQlz_b9ahFQ_umBiM0BnLB7h-H-_TbSa-v83FnY6PKaVGMXQXqTB3a0vYwImNQDluCuYmoJYPXeKeQR5X0YuhUGqTfyoXbRhMEAZUo-E6xK-SlLM4sMkYUD5VVLJKJB9i0GM9lBab8J9q0SnsqQyjbRZd4h2r_jkeHk4QRzz5gF6cmaiLi8dOhA==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAPPwQA&ord=1635411529717&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 178ms
176ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=71678613-0f3f-47ee-810a-b7e76f30972f&ntv_fl=h70FNUhYfLIzFAa66qcJz6btuhWKEuZJK_Cyk2rb0evzL9yu-YNGB2y4g6bWE50ayQYyfGp0JHPgGTOQSO8Gcs3IHIhjH21kYy6qvhUGFJ6awtmVAYrlPLvtil3RfB-OIbW6or1z1icC3pUJTQXZKeZNRupww3tXAeGsD-qnKUSsoZt3UL--sKD5IEKFkl8WLzB8RR-y-8i8nAHWF33lyg==&ntv_ht=SWZ6YQA&ntv_at=303&ntv_a=AAAAAAAAAAvfkQA&ord=1635411529718&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 177ms
174ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1079161&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/506f50d7-d660-4f15-b95d-bbbbc0f7577e/ 223 KB
52 KB 173ms
173ms Script
application/x-javascript 2a02:26f0:1700:11::b856:679a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/506f50d7-d660-4f15-b95d-bbbbc0f7577e/cc.js?renew=false&referer=www.themarysue.com&dnt=false&forceshow=false&cbid=506f50d7-d660-4f15-b95d-bbbbc0f7577e&brandid=Cookiebot&framework=&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%2278b283fa-7f7c-4ae2-b3c0-001725d22761%22%7D%5D
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:679a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cc3333c013480f9c4d25357409fb4b451ee0ea1eb500eb4a84fe9e771dcc97bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 08:58:49 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 52483
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 1.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 57 KB
12 KB 8ms
7ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/1.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17a8edc7506493d958440f90b259891f10788ff6d72d53c61555fde7528f720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 22:28:12 GMT
content-encoding: gzip
age: 469838
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:19 GMT
server: AmazonS3
etag: W/"d87739737a6394a4b5ff953fd4f502f4"
vary: Accept-Encoding
x-amz-version-id: Hc2akRrzdfQYnWcop_QsLxRFuo4KlesR
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: F8eONPTCkGOoAQldgPEzyWjFqv7QQcN1kvFzBrZzT_dTsmP-Xd3lZg==

GET
H2 200 18.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 21 KB
6 KB 8ms
8ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/18.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b4545e593ba3c26b1d9d4964a52360e4abd77b37b42752f6f9e7f00aa9d8ba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:21:57 GMT
content-encoding: gzip
age: 560213
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:37 GMT
server: AmazonS3
etag: W/"42c82f222309e65893576bda18d843ab"
vary: Accept-Encoding
x-amz-version-id: IyLT7NaKQygPVj6t4ZT_fo7m67VfjYFQ
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: F1Cz6XBfBwY8ez7RjmqAmknNxUasNYpEa470D2VAZCWLENV-xLLPIQ==

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 71F6 482 KB
148 KB 281ms
195ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7df67531b2adb38185f21f13535c3b76927370f331dbd59a2b0a6c9ced6b6a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 19:40:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6179ab15-78760"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 Oct 2021 08:58:49 GMT

GET
H2 200 blueLagoon.css
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 35 KB
6 KB 7ms
7ms Stylesheet
text/css 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67a9149e10e7c5efbcadfa0f7118dad6a12005f07c969737264465f9346748cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XFZOPZPL9iEeatm.qdHpYYcHweHKbf17
content-encoding: gzip
etag: W/"cd0a6c34334f3b1b578cbfb13ce625b7"
age: 4074
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:38 GMT
server: AmazonS3
date: Thu, 28 Oct 2021 07:50:56 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: SQ1BvNEAtjnmxVMJirIPeNmz3m9IU3Dewk6TYkMTPZeUA-ayiZ-ZIg==

GET
H2 200 17.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 123 KB
24 KB 7ms
7ms Script
application/x-javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/17.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aef9ed644efb2888474c4e759b3903f5d07645e71cb9da7ebe68c48f3204b6b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 20:02:57 GMT
content-encoding: gzip
age: 564953
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
last-modified: Thu, 23 Sep 2021 11:39:34 GMT
server: AmazonS3
etag: W/"afdc48816aae26885b365838bc1b8958"
vary: Accept-Encoding
x-amz-version-id: qy83iYTfLHu1uhg1R8rbRlnp.sOXDNYH
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: tl_HjvPlx0nUfm6WJjor_QCKH4sbwM0UqV3Mr8x36jgO897NUZy8lA==

GET
H2 200 open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 14 KB
15 KB 7ms
7ms Font
application/octet-stream 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: eQiV9o0YMGqViXraeiI_aPgkp1OZzUnV
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
etag: "ff9d619b59f5cb3529b100448f398ac5"
age: 315373
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
content-length: 14440
last-modified: Thu, 23 Sep 2021 11:39:20 GMT
server: AmazonS3
date: Sun, 24 Oct 2021 17:22:36 GMT
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 3sPpklYw8X6vSpQJdkOKNpPQYnNGgXf2BUxMQATz2cxFXS_C6SoTsA==

GET
H2 200 fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame EEDF 3 KB
4 KB 8ms
8ms Image
image/png 2600:9000:2156:6000:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdpr.privacymanager.io/1/fingerprint-logo.png
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6000:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ZYefOqCU6WfdLLXp.7u3_LlIFDZsekyD
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
etag: "b7cdca038062eecdc45c7351c6a539ad"
age: 515
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:cf60db08-e897-46db-a477-4a1a777a42df
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 933c11aa61e316bda3d4e643f9a9708e
content-length: 2962
last-modified: Thu, 23 Sep 2021 11:39:15 GMT
server: AmazonS3
date: Thu, 28 Oct 2021 08:50:15 GMT
x-amz-meta-codebuild-content-sha256: 00106520169dd829fead26e43fb3357d2d180b60a9877c251271441e0e76ff54
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: a9GYzHOU23mZlZVo0RREszj8lie9YH8UEFsDT-AHA6HZbTVOrpI0LA==

GET
H2 200 icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 441 B
1 KB 7ms
7ms Image
image/svg+xml 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:25:43 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age: 570787
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
content-length: 441
last-modified: Thu, 23 Sep 2021 11:39:36 GMT
server: AmazonS3
etag: "e2760515a843a0256b4b810489b5426b"
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: kcSc7LsGGVWtL9jmaUR51Vcof5ZD3xqr
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: sFjpGEiUsEb2nuKEU3FiCqYEJW5A-c5BuLwlyCX3pkCB2biNnbazLg==

GET
H2 200 open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 15 KB
15 KB 7ms
7ms Font
application/octet-stream 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: VNmbgvcArGh4nBqDzqRsAZHOV.Uz80ff
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
etag: "b596676fc00af9806c16a12e9a0350f8"
age: 156597
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
content-length: 15112
last-modified: Thu, 23 Sep 2021 11:39:26 GMT
server: AmazonS3
date: Tue, 26 Oct 2021 13:28:53 GMT
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: A3g5CdsSATmOm6wTYI7fxETqihNBc89h0nbTkgLziMQ7XVrBpURIbg==

GET
H2 200 open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame EEDF 15 KB
15 KB 8ms
8ms Font
application/octet-stream 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 9uOwCbO01DfYruakDY9NBbvI.bnj98FV
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
etag: "4334c2753ff9f057d9de926e66882c9e"
age: 220148
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b266ff9e-e096-4f35-a76e-590cd372898c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 776edb05b0dfe7a636849cc95e36547b
content-length: 14956
last-modified: Thu, 23 Sep 2021 11:39:29 GMT
server: AmazonS3
date: Mon, 25 Oct 2021 19:49:42 GMT
x-amz-meta-codebuild-content-sha256: fc84ddd3fccb9b7ef8f1b5188c279b140192f65abc89efed304e2c02f3c9a94f
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: rwjklzsvMh3sZJwwB7sDd0bWgDTHchZvvjiMhvmWqFgplXz1BCuy2Q==

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 634ms
208ms Script
text/plain 175.41.171.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.171.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-171-176.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173323690-13

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1c0b4fe5568517efed2f1c5079e6dac6a8b6cb28d06a36f094e65c9d146b5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35740
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Oct 2021 08:58:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173323690-13&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5aab6d668dec04ff18e711ede1b6eed0058aa3107ffec380410386af26ffb804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35755
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Oct 2021 08:58:49 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 514ms
175ms Script
application/javascript 35.83.59.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.themarysue.com%2F&ref=
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.59.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-59-198.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5febaa5e86b9932b7b209a1363f9dc248021dbd5dd35e6bd60d07ca48c901da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
server: nginx/1.18.0
content-length: 3256
content-type: application/javascript

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f952ce3e054a92e092480c7532a359442bed9c79f56426338e13061e867b39e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=387360217&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=579473087&gjid=1081851188&cid=1223140588.1635411529&tid=UA-173323690-13&_gid=863403328.1635411529&_r=1&gtm=2ouar0&z=2033974327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.themarysue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
412 B 45ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-173323690-13&cid=1223140588.1635411529&jid=579473087&gjid=1081851188&_gid=863403328.1635411529&_u=aEDAAUABAAAAAC~&z=1121618752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 28 Oct 2021 08:58:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.themarysue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 501ms
164ms Script
application/javascript 52.25.225.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.themarysue.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.225.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-225-148.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:52:52 GMT
server: nginx/1.18.0
etag: W/"1635353572.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 28 Oct 2021 20:58:50 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 506ms
167ms Script
application/javascript 54.149.90.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.themarysue.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.90.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-90-128.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:51:14 GMT
server: nginx/1.18.0
etag: W/"1635353474.0-26098-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 28 Oct 2021 20:58:50 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&adnxs_id=4457511829308199002

43 B
563 B

480ms
178ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&adnxs_id=4457511829308199002
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:50 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Oct 2021 08:58:50 GMT
X-Proxy-Origin: 91.199.118.72; 91.199.118.72; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 976f76f5-77eb-4bd9-b0fa-3f8212bc12cc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&adnxs_id=4457511829308199002
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://ids.ad.gt/api/v1/t_match?tdid=43abdd62-181c-4c82-af0f-ab710bf06525&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

43 B
568 B

525ms
322ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=43abdd62-181c-4c82-af0f-ab710bf06525&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=43abdd62-181c-4c82-af0f-ab710bf06525&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://ids.ad.gt/api/v1/pbm_match?pbm=26D0F575-B6E3-4394-BE42-04CBFC8DE7EC&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

43 B
572 B

436ms
180ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=26D0F575-B6E3-4394-BE42-04CBFC8DE7EC&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:50 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=26D0F575-B6E3-4394-BE42-04CBFC8DE7EC&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&google_tc=
https://ids.ad.gt/api/v1/g_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&google_gid=CAESEOiKgfbY744IIc9PnlVlQcY&google_cver=1&google_ula=450542624,0

43 B
570 B

449ms
179ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&google_gid=CAESEOiKgfbY744IIc9PnlVlQcY&google_cver=1&google_ula=450542624,0
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&google_gid=CAESEOiKgfbY744IIc9PnlVlQcY&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NGUwZmM3OTAtZWNhZi00ZDZlLWIyMmQtMWZhM2UwMzliNDQz

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NGUwZmM3OTAtZWNhZi00ZDZlLWIyMmQtMWZhM2UwMzliNDQz

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NGUwZmM3OTAtZWNhZi00ZDZlLWIyMmQtMWZhM2UwMzliNDQz
date: Thu, 28 Oct 2021 08:58:50 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAD0WU7C9M0AABxZAb1wvw&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

43 B
476 B

492ms
323ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAD0WU7C9M0AABxZAb1wvw&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:50 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAD0WU7C9M0AABxZAb1wvw&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Date: Thu, 28 Oct 2021 08:58:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK us
sync.go.sonobi.com/ 0
474 B 50ms
12ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&uid=[UID]

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Oct 2021 08:58:50 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&impr_uid=1506e538-3ec0-4b4c-902c-15596cfab9e6

43 B
483 B

552ms
321ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&impr_uid=1506e538-3ec0-4b4c-902c-15596cfab9e6
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:50 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:50 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&impr_uid=1506e538-3ec0-4b4c-902c-15596cfab9e6
date: Thu, 28 Oct 2021 08:58:50 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
650 B 184ms
184ms Image
image/gif 35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&halo_id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:51 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 495ms
162ms Script
text/plain 54.189.240.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=7fe0b5aa26aed2cb46fe8fe874a6671f&url=https%3A%2F%2Fwww.themarysue.com%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.240.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-240-181.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 28 Oct 2021 08:58:51 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: +eeBgu6WxDSqnFi81Elx+NyCHtYfCSmxnWFzpDY/D07wWxUn8RVa4/GR0k8pN5HxegFo/b1jTb3a3dldq3kIng==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 28 Oct 2021 08:58:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Oct 2021 09:01:20 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Oct 2021 09:45:23 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm...
https://ids.ad.gt/api/v1/openx?openx_id=edff2d1d-f5fd-49d2-8b75-0744c27536de&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...

43 B
481 B

179ms
179ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=edff2d1d-f5fd-49d2-8b75-0744c27536de&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:51 GMT

Redirect headers

date: Thu, 28 Oct 2021 08:58:51 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ids.ad.gt/api/v1/openx?openx_id=edff2d1d-f5fd-49d2-8b75-0744c27536de&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
89 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8df0227deb3092d902654ef27073670e9126534ecb2d41c859781ff6b8de6a90

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 90989
x-xss-protection: 0
pragma: public
x-fb-debug: MUkH50dIkbFdYhGiQfOFWpRwyPK9plmfaXQVx06AWXdkoaIwJSpm5BE1cbBDgbkDVD+j0WHIk4Xaxue5603WvA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 28 Oct 2021 08:58:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.themarysue.com%2F&rl=&if=false&ts=1635411531093&cd[partner_id]=251&cd[tagger_id]=7fe0b5aa26aed2cb46fe8fe874a6671f&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1635411531092.719476222&it=1635411531051&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 28 Oct 2021 08:58:51 GMT

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
240 B 29ms
29ms Script
application/javascript 54.154.45.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: profusesupport.com
URL: https://profusesupport.com/v2/0/xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.45.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-45-254.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 1217913
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 52ms
9ms Script
application/x-javascript 2600:9000:2156:c400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:27:38 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 1873
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _J1YHlLn_9p-uWLnAgEGg6oFgLH468tvYVEkBlBQB2yDqXYMdSUkaQ==
expires: Thu, 28 Oct 2021 10:27:38 GMT

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 3543 325 B
486 B 31ms
30ms Document
text/html 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.2.6
content-length: 325
expires: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 28 Oct 2021 08:58:51 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 44ms
43ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=61f291f3-bc92-4541-9a1f-b4a38d047080&pageId=11449&pid=23130&debug_metadata=AXuvYq0PIA&fv=900&ts=1635411531531&f=1&referer=https%3A%2F%2Fwww.themarysue.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 43ms
41ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=61f291f3-bc92-4541-9a1f-b4a38d047080&pageId=11449&pid=23130&fv=900&ts=1635411531534&f=1&referer=https%3A%2F%2Fwww.themarysue.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 177 KB
37 KB 397ms
197ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: aa04ad3dfbdba4ceb7fd0a8afa48ef5fc8dca84dd6a872fd3e13204543881737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Oct 2021 20:31:34 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2c2dc-17cc3736e68"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 277ms
90ms Image
image/gif 18.214.157.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=themarysue.com&p=%2F&u=i_QgSE3c38DdlkUb&d=themarysue.com&g=3557&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9019&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3465&t=yK4PlDmheSvCG42wdCqIJk-nQml_&V=129&i=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&tz=0&sn=1&sv=Cn7vTmBlNnmWCpJuLWy6HASBfKg4N&sd=1&im=067b2ff0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.157.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-157-113.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 101ms
100ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 28 Oct 2021 08:58:51 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 0D4C 175 KB
57 KB 10ms
10ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:51 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:51:36 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2bd37-5c9c5cea2ce36"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=74956
accept-ranges: bytes
content-type: text/javascript
content-length: 57427
expires: Fri, 29 Oct 2021 05:48:07 GMT

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 887E 31 KB
10 KB 101ms
101ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

685a3ff99ed9f1155d77a5a5161788fe867b675f16a9d63b756116d6dc236957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 01:18:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6174b44d-7d58"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 Oct 2021 08:58:52 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame 4579 32 KB
10 KB 190ms
190ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2abb27a01b311e3f9e3bf05ec733908b88b2b6be03314dbed20bcf7805c93be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 01:18:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6174b44d-813a"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 404 pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame 40D4 0
0 186ms
186ms Script
text/html 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 6 KB
2 KB 274ms
95ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.themarysue.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 88869833f272b7cbe4aa430ba6fef70f3d98e881dba14e68c675fe95ce426100

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:52 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"17ca-LJ+gqGYy4aM8cHqv4ut07+a0vok"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.themarysue.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 19ms
19ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 08:58:51 GMT
Content-Encoding: gzip
x-amz-request-id: 895P7GZMS448PBGC
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: E1f3G4zwvNTivmbsjwi9gTDTblbRbtJyRdbl9CMpQza/SzA88yTu1Zx0HeDBqc0Pyxav9taZuIY=
Last-Modified: Fri, 08 Oct 2021 20:59:32 GMT
Server: AmazonS3
ETag: "5cac4cabadee93ec669a5ded971f5756"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 rules-p-41YeEX_ui4Qms.js Show response
rules.quantcount.com/ 3 B
437 B 10ms
10ms Script
application/javascript 2600:9000:2156:4c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-41YeEX_ui4Qms.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:20:37 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
age: 9496
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:54:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: i-nLnWZfbUonluv5bzbIMBU9zG_syZw7on18bSgKw9Ki6UiPdSyQaA==

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 0D4C 482 KB
148 KB 103ms
103ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.themarysue.com
URL: https://www.themarysue.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7df67531b2adb38185f21f13535c3b76927370f331dbd59a2b0a6c9ced6b6a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 19:40:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6179ab15-78760"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 Oct 2021 08:58:52 GMT

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 208ms
208ms Script
text/plain 175.41.171.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.171.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-171-176.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173323690-13

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1c0b4fe5568517efed2f1c5079e6dac6a8b6cb28d06a36f094e65c9d146b5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35740
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Oct 2021 08:58:52 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
3 KB 173ms
173ms Script
application/javascript 35.83.59.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.themarysue.com%2F&ref=
Requested by: Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.59.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-59-198.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: aace8558b1a84bb19ff09e2b8622ff74f4d19cd30018ccfd1048ede207b5348e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
server: nginx/1.18.0
content-length: 3090
content-type: application/javascript

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=387360217&t=pageview&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIZAAAAAC~&jid=&gjid=&cid=1223140588.1635411529&tid=UA-173323690-13&_gid=863403328.1635411529&gtm=2ouar0&z=518215065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 12:30:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73719
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://ids.ad.gt/api/v1/ppnt_match?uid=efWHfHQivuUr&ev=1&pid=562316&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

43 B
465 B

178ms
178ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=efWHfHQivuUr&ev=1&pid=562316&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:52 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://ids.ad.gt/api/v1/ppnt_match?uid=efWHfHQivuUr&ev=1&pid=562316&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-bdf4f8784-8scgq
expires: -1

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D4e0fc79...
https://ids.ad.gt/api/v1/adb_match?adb=48567410698059296672055509174565730399&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

43 B
478 B

176ms
176ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=48567410698059296672055509174565730399&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:52 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v019-0a5c96436.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ddbHjXCoRUc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ids.ad.gt/api/v1/adb_match?adb=48567410698059296672055509174565730399&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://token.rubiconproject.com/token?pid=50242&puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&gdpr=0

0
214 B

38ms
9ms

Image
text/plain

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&gdpr=0
date: Thu, 28 Oct 2021 08:58:52 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443%26sas_uid%3D%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&sas_uid=[sas_uid]&cklb=1

0
436 B

16ms
16ms

Image
text/plain

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&sas_uid=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443&sas_uid=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 28 Oct 2021 08:58:51 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
https://ids.ad.gt/api/v1/mediamath_match?user_id=e7b8617a-664c-4200-8010-bf57679277e3&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443

43 B
483 B

183ms
183ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=e7b8617a-664c-4200-8010-bf57679277e3&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Protocol: H2
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:52 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 28 Oct 2021 20:58:52 GMT

Redirect headers

Date: Thu, 28 Oct 2021 08:58:52 GMT
Server: MT3 4044 0c7f252 master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=e7b8617a-664c-4200-8010-bf57679277e3&id=4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 28 Oct 2021 08:58:51 GMT

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
229 B 37ms
17ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3D4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 28 Oct 2021 08:58:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635411532.445480,VS0,VE9
x-served-by: cache-fra19135-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D314 6 KB
3 KB 43ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: profusesupport.com
URL: https://profusesupport.com/v2/0/xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2973
date: Sun, 24 Oct 2021 10:12:17 GMT
expires: Mon, 24 Oct 2022 10:12:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 341195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 ADTECH;v=2;cmd=bid;cors=yes
adserver.adtech.advertising.com/pubapi/3.0/1/43539.58/0/0/ 0
0 459ms
395ms Fetch 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/1/43539.58/0/0/ADTECH;v=2;cmd=bid;cors=yes
Requested by: Host: profusesupport.com
URL: https://profusesupport.com/v2/0/xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.themarysue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:58:53 GMT
server: awselb/2.0

POST
H2 200 v2nhsZjzOam4QO3nfKv8MH5QlhlKzsAjCQfrGA2VAkrkZ2WHiHO_9pfR55u3Bqm_StLZlINrG7hMDWoAIrw Show response
fancyactivity.com/ 216 B
615 B 51ms
16ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fancyactivity.com/v2nhsZjzOam4QO3nfKv8MH5QlhlKzsAjCQfrGA2VAkrkZ2WHiHO_9pfR55u3Bqm_StLZlINrG7hMDWoAIrw

Requested by

Host: profusesupport.com
URL: https://profusesupport.com/v2/0/xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

7ae5537d86e0049cd4fc2996f640e3cbdf6e5bedb6123f98d36a84b508821038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 28 Oct 2021 08:58:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.themarysue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: c20f6cd1
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Thu, 28 Oct 2021 08:58:52 GMT

POST
H2 200 v2yoy66AgukfK_qag1CYQvKB7E-hZqxGDAVru5txfQ2gT3iCaKeoIXPFdBZM0uMAzyfMuGaA6laEN1lfYGw Show response
fancyactivity.com/ 3 B
36 B 31ms
31ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fancyactivity.com/v2yoy66AgukfK_qag1CYQvKB7E-hZqxGDAVru5txfQ2gT3iCaKeoIXPFdBZM0uMAzyfMuGaA6laEN1lfYGw

Requested by

Host: profusesupport.com
URL: https://profusesupport.com/v2/0/xhxHt9Ql2QWX7SLo32xJmfVhOwoZRLLNDUA5dEwg2L-XmK-G5ahD6owqYy0BTyPkqHiBqj_Jc0Whw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.themarysue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 28 Oct 2021 08:58:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.themarysue.com
access-control-allow-credentials: true
x-hostname: c20f6cd1
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.teads.tv
URL: https://sync.teads.tv/wigo-no-slot

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 15:33:39	Name: UID Value: 17FKYVLXYEC8NEHW5DBNHMg1635411529
.quantserve.com/	1970-01-20 07:47:05	Name: mc Value: 617a6649-5212b-63380-6c08c
www.themarysue.com/	1970-01-20 07:02:27	Name: ntv_as_us_privacy Value: 1YNY
.themarysue.com/	1970-01-20 15:48:03	Name: _ga Value: GA1.2.1223140588.1635411529
.themarysue.com/	1970-01-19 22:18:17	Name: _gid Value: GA1.2.863403328.1635411529
.themarysue.com/	1970-01-19 22:16:51	Name: _gat_gtag_UA_21433528_1 Value: 1
.themarysue.com/	1970-01-20 07:41:20	Name: __qca Value: P0-1904328558-1635411529326
.themarysue.com/	1970-01-20 07:38:27	Name: gdpr-auditId Value: 70ac29aebbac4a77b2c4ce266f6c475c
.postrelease.com/	1970-01-20 07:02:27	Name: opt_out Value: 1
www.themarysue.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":594041,"placementID":1024382,"lastInteraction":1635411529711,"sessionStart":1635411529711,"sessionEndDate":1635465600000,"experiment":""}
.themarysue.com/	1970-01-19 22:16:51	Name: _gat_gtag_UA_173323690_13 Value: 1
.ad.gt/	1970-01-20 15:48:03	Name: au_id Value: 4e0fc790-ecaf-4d6e-b22d-1fa3e039b443
.adnxs.com/	1970-01-20 00:26:27	Name: uuid2 Value: 4457511829308199002
.pubmatic.com/	1970-01-20 00:26:27	Name: KTPCACOOKIE Value: true
.doubleclick.net/	1970-01-20 07:38:27	Name: IDE Value: AHWqTUkzteBv5JXUlu_jqooSR5d0Ibm7TWEtgndBmlJlNPGc6HWtkD887FF-bItnz3E
.pubmatic.com/	1970-01-20 00:26:27	Name: KADUSERCOOKIE Value: 26D0F575-B6E3-4394-BE42-04CBFC8DE7EC
.360yield.com/	1970-01-20 00:26:27	Name: tuuid Value: 1506e538-3ec0-4b4c-902c-15596cfab9e6
.360yield.com/	1970-01-20 00:26:27	Name: tuuid_lu Value: 1635411530
.adsrvr.org/	1970-01-20 07:02:27	Name: TDID Value: 43abdd62-181c-4c82-af0f-ab710bf06525
.adsrvr.org/	1970-01-20 07:02:27	Name: TDCPM Value: CAEYBSABKAIyCwiE9uDD_P6MOhAFOAE.
.bidr.io/	1970-01-20 07:45:25	Name: bito Value: AAD0WU7C9M0AABxZAb1wvw
.bidr.io/	1970-01-20 07:45:25	Name: bitoIsSecure Value: ok
.ad.gt/	1970-01-20 15:48:03	Name: last_seeng_hosted Value: 1635411530923
.ad.gt/	1970-01-20 15:48:03	Name: g_hosted Value:
.ad.gt/	1970-01-20 15:48:03	Name: last_seenadnxs Value: 1635411530935
.ad.gt/	1970-01-20 15:48:03	Name: adnxs_id Value: 4457511829308199002
.ad.gt/	1970-01-20 15:48:03	Name: first_seenadnxs Value: 1635411530935
.ad.gt/	1970-01-20 15:48:03	Name: last_seenadx Value: 1635411530936
.ad.gt/	1970-01-20 15:48:03	Name: google_gid Value: CAESEOiKgfbY744IIc9PnlVlQcY
.ad.gt/	1970-01-20 15:48:03	Name: first_seenadx Value: 1635411530936
.ad.gt/	1970-01-20 15:48:03	Name: last_seenpbm Value: 1635411530936
.ad.gt/	1970-01-20 15:48:03	Name: pbm Value: 26D0F575-B6E3-4394-BE42-04CBFC8DE7EC
.ad.gt/	1970-01-20 15:48:03	Name: first_seenpbm Value: 1635411530936
.openx.net/	1970-01-20 07:02:27	Name: i Value: 17130b21-d5f6-49d9-8258-dbfcb12dca27\|1635411531
.themarysue.com/	1970-01-20 00:26:27	Name: _fbp Value: fb.1.1635411531092.719476222
.ad.gt/	1970-01-20 15:48:03	Name: last_seenimprove Value: 1635411530936
.ad.gt/	1970-01-20 15:48:03	Name: impr_uid Value: 1506e538-3ec0-4b4c-902c-15596cfab9e6
.ad.gt/	1970-01-20 15:48:03	Name: last_seentd Value: 1635411530936
.ad.gt/	1970-01-20 15:48:03	Name: tdid Value: 43abdd62-181c-4c82-af0f-ab710bf06525
.ad.gt/	1970-01-20 15:48:03	Name: first_seentd Value: 1635411530936
.ad.gt/	1970-01-20 15:48:03	Name: last_seenbeeswax Value: 1635411530963
.ad.gt/	1970-01-20 15:48:03	Name: beeswax_id Value: AAD0WU7C9M0AABxZAb1wvw
.ad.gt/	1970-01-20 15:48:03	Name: last_seenhaloid Value: 1635411531126
.ad.gt/	1970-01-20 15:48:03	Name: halo_id Value: 0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 15:48:03	Name: first_seenhaloid Value: 1635411531126
.ad.gt/	1970-01-20 15:48:03	Name: last_seenopenx Value: 1635411531197
.ad.gt/	1970-01-20 15:48:03	Name: openx_id Value: edff2d1d-f5fd-49d2-8b75-0744c27536de
www.themarysue.com/	1970-01-20 07:45:39	Name: _cb_ls Value: 1
www.themarysue.com/	1970-01-20 07:45:39	Name: _cb Value: i_QgSE3c38DdlkUb
www.themarysue.com/	1970-01-20 07:45:39	Name: _chartbeat2 Value: .1635411531587.1635411531587.1.Cn7vTmBlNnmWCpJuLWy6HASBfKg4N.1
www.themarysue.com/	1970-01-19 22:16:53	Name: _cb_svref Value: null
.ad.gt/	1970-01-19 22:18:17	Name: au_idmatch Value: {"apn": "2021-10-28", "ttd": "2021-10-28", "pub": "2021-10-28", "adx": "2021-10-28", "halo": "2021-10-28", "goo": "2021-10-28", "bees": "2021-10-28", "son": "2021-10-28", "impr": "2021-10-28", "ppnt": "2021-10-28", "ado": "2021-10-28", "rub": "2021-10-28", "smart": "2021-10-28", "mediamath": "2021-10-28", "taboola": "2021-10-28"}
.mathtag.com/	1970-01-20 07:42:46	Name: uuid Value: e7b8617a-664c-4200-8010-bf57679277e3
.smartadserver.com/	1970-01-20 07:47:05	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 07:47:05	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/	1970-01-20 07:47:05	Name: pid Value: 3150718567560010247
.smartadserver.com/	1970-01-20 07:47:05	Name: pdomid Value: 10
.demdex.net/	1970-01-20 02:36:03	Name: demdex Value: 48567410698059296672055509174565730399
.dpm.demdex.net/	1970-01-20 02:36:03	Name: dpm Value: 48567410698059296672055509174565730399
.ad.gt/	1970-01-20 15:48:03	Name: last_seenrub Value: 1635411532504
.ad.gt/	1970-01-20 15:48:03	Name: rub Value:
.ad.gt/	1970-01-20 15:48:03	Name: last_seenmediamath Value: 1635411532573
.ad.gt/	1970-01-20 15:48:03	Name: user_id Value: e7b8617a-664c-4200-8010-bf57679277e3
.ad.gt/	1970-01-20 15:48:03	Name: last_seenadb Value: 1635411532676
.ad.gt/	1970-01-20 15:48:03	Name: adb Value: 48567410698059296672055509174565730399
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 93f79de2990e97e9
.ad.gt/	1970-01-20 15:48:03	Name: last_seenpulsepoint Value: 1635411533010
.ad.gt/	1970-01-20 15:48:03	Name: uid Value: efWHfHQivuUr
.themarysue.com/	1970-01-21 00:33:39	Name: _awl Value: 2.1635411533.0.4-6a6f6442-a248cf5350644a0e45d86004ad97ae07-6763652d6575726f70652d7765737431-617a664d-0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.teads.tv
ad.360yield.com
ads.adthrive.com
ads.pubmatic.com
adserver.adtech.advertising.com
am21.mediaite.com
am22.mediaite.com
am23.mediaite.com
am24.mediaite.com
aufp.io
bh.contextweb.com
cdn.onesignal.com
cm.g.doubleclick.net
cmp-consent-tool.privacymanager.io
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
disqus.com
dpm.demdex.net
fancyactivity.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
hb.brainlyads.com
ids.ad.gt
image2.pubmatic.com
jadserve.postrelease.com
match.adsrvr.org
match.prod.bidr.io
onesignal.com
p.ad.gt
ping.chartbeat.net
pixel.quantserve.com
pixel.zprk.io
pixels.ad.gt
powerad.ai
profusesupport.com
reporting.powerad.ai
rules.quantcount.com
s.ntv.io
s8t.teads.tv
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
sync.smartadserver.com
sync.teads.tv
t.teads.tv
themarysue.com
themarysue.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.themarysue.com
sync.teads.tv
142.250.185.194
143.204.98.107
143.204.98.110
143.204.98.86
151.101.192.134
172.217.18.98
175.41.171.176
178.162.133.149
18.211.226.152
18.214.157.113
184.30.21.51
184.30.25.51
185.29.132.241
185.64.190.80
185.86.137.110
199.232.196.134
2.18.233.180
2.18.234.163
23.20.158.212
23.218.209.56
2600:9000:2156:4c00:6:44e3:f8c0:93a1
2600:9000:2156:6000:16:f82a:8600:93a1
2600:9000:2156:a600:11:2a6a:9480:93a1
2600:9000:2156:c400:18:1fcd:34f:cdc1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::6816:3a6e
2606:4700:10::ac43:1906
2606:4700:20::681a:9bc
2606:4700:20::ac43:45fa
2606:4700::6812:e234
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c07::9c
2a02:26f0:1700:11::b856:679a
2a02:26f0:1700:781::f09
2a02:26f0:1700:8bc::26e5
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::300
3.33.220.150
35.164.229.85
35.186.219.42
35.201.98.64
35.244.159.8
35.83.59.198
37.252.172.37
52.213.37.66
52.25.225.148
52.30.222.33
52.58.124.95
54.149.90.128
54.154.45.254
54.189.240.181
54.234.151.247
69.173.144.165
74.214.196.131
75.101.244.20
0144d5a215fee94ebec7db648bfd91d4e3a1579c6c2550167fd645027fad5a12
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
062c6e6703e87cfef79d10a9d31ad244c67d131a575a0704404961da139526f4
08ab86a5df95fee440402128c18457ead501243f7d43618bff35eae8d69af7ab
08ef9182bc6e91218206be8a0ee99a8049bc8f06ebc65e0b5dbb3a2e8237de00
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb91510affa30b30f4c3ce7bc5609b6f98ca55ff26d51a89b9cc0abd8bbaa7a
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ef9d117029ebe6e64e15e07838132bda11d31a93beafdf6709d597c6c10d3d
16bd8a9ac42d65385e4009deeeeb2e68cabd83ab95045445501989ab9c24ea3a
17519e1e3a96da74093d09a6e97a6861fb97d8520ddf8f96f652dd13e23ecb92
1b4545e593ba3c26b1d9d4964a52360e4abd77b37b42752f6f9e7f00aa9d8ba7
1e86f06372b01fa5c0138d09a06ac3f8a4632168b558fbcc7765655a8c74aa1f
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27930cfd59e7931f5df3ea2fea1823e7e9ccd2dfc035ac3f4171038da0fb0d6e
2abb27a01b311e3f9e3bf05ec733908b88b2b6be03314dbed20bcf7805c93be9
2c6be2f6b202a8b39ea2cc4fffdf062a417df4f5d745c989bf66eb10793ff75a
305bf3d9ed3814325d8fc60edb431fb1b7e83ba8d9ef2039292ab312c14295ad
3269900957596b797ed22998c3ecebc6d76fc59144716c4c196f33307627b776
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
39304c3f8317ca87e8deb98f247236d0a86e4a68a156dee7fbe8ae671441ed99
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059
40df060ac7513a675044f93b6092447be7be43927472f2f064ccf4a03767b6c2
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
4b4f1059472f8e6ea70ef15ba0cdb6234d4a78eea4fae1c7b42e2eaf367bbe51
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7
533e75e76d7f21bd9cb5f99ad1e21baa33b917057c5fe28d391eab20da593c08
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5aab6d668dec04ff18e711ede1b6eed0058aa3107ffec380410386af26ffb804
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5febaa5e86b9932b7b209a1363f9dc248021dbd5dd35e6bd60d07ca48c901da8
62a5aca29f40096c0bf169f8b3d5a72cbe9596d425676921fffc10b9eb138d72
65c575e04d96e4965bcd2edb9495512dc26169fadadecde00709eaca79ac6971
67a9149e10e7c5efbcadfa0f7118dad6a12005f07c969737264465f9346748cc
685a3ff99ed9f1155d77a5a5161788fe867b675f16a9d63b756116d6dc236957
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f15a846fbfbe84214000cd7d0f21261e7c7ccdca3cc1eb5edb0019128f47fc5
71f950aafef6200daf6c96c7627830f94335dc378d1bec0c838517d46c2d3e1f
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4
79d5c49594f04eba68e6b04f85a799145411151977221f02affbf6a60e03eebe
7ae5537d86e0049cd4fc2996f640e3cbdf6e5bedb6123f98d36a84b508821038
7df67531b2adb38185f21f13535c3b76927370f331dbd59a2b0a6c9ced6b6a90
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
8156274be416705f770f8d4e0338e9886f99a863f433e105dc497f2e998f1812
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
88869833f272b7cbe4aa430ba6fef70f3d98e881dba14e68c675fe95ce426100
8be3ea412b0d85f60229cd2ea9027587538e1dff6c18e91d7c482908b5db1f55
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0
8df0227deb3092d902654ef27073670e9126534ecb2d41c859781ff6b8de6a90
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8eedb899fd7fe59d8351b9ef5280ebb38a053d710164d3cafca9185f6f4a267c
8f0e1ccdbe6c05f597adca8aa1f26d60055245f7fa0dc2e3be0f9bc34cf0f243
967d8a9ecbe1fca8fd7193d6f4f15382d2f7fc95a3684018a5259dd58ab43a86
9ab617c5f3e849af9ead8c39d269ff73e24985fe0a082c94aa679b1e032059a3
9b46932081d665be70ad249265f8612391628b11f846135cf98f7a67aa4878b4
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9bb130ef63f527b8938940f528b072514571ecb926464af467a07bc6a3c518a5
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a34a543084f4139de897b76c2a02557e941878c0f880ec908070d6bfa98f3c5b
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a454e625bd8ad001b3f251eec12d3e385cd48a253c652c152c3fd0a972077ea2
a6ac1c52b80ad03638f4aa250a574c947a2eb92a43bcf0afa6780e0e7979dfb1
aa04ad3dfbdba4ceb7fd0a8afa48ef5fc8dca84dd6a872fd3e13204543881737
aace8558b1a84bb19ff09e2b8622ff74f4d19cd30018ccfd1048ede207b5348e
aef9ed644efb2888474c4e759b3903f5d07645e71cb9da7ebe68c48f3204b6b8
af7dc07bea8ecb82e25b395b2e712dc67e9bb8570db3c61129644a7f3db642d3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b15db83d6728f1bdc23d52cdd90b055b7f5d5bd01b116d4d98d0c89a0e5fdfaf
b17a8edc7506493d958440f90b259891f10788ff6d72d53c61555fde7528f720
b4bafa4a9323e8821070ebe4483001b8d3cfc76c66eb8f9ac1ffa1c1541ebbf0
b5a37bae2683e695d00b2610ce6c56c74ae1b5c62b08c117c27ef7ca32c00239
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3bbe732b7a2afa3b48f7799359c4ff436ab23355a8be2136bcfef1a8205f318
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7a013acd7bc1d7d1af8726274c7c9248318846ac1eed864faf22656ba4d6f3
cc3333c013480f9c4d25357409fb4b451ee0ea1eb500eb4a84fe9e771dcc97bb
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
ceedb3a311e1610e2e62c405b618d40560bd0f068cdf86cfb5bab4cf68e385ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c0b4fe5568517efed2f1c5079e6dac6a8b6cb28d06a36f094e65c9d146b5e0
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2ce576af6113dfc024ccc17e0b1b27a71a6eb021c9c3c12741271d660355e9
dfd350f37417bce410548c47c4b0d4bf7d34615143468287f97447255cbe70ab
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f8e1d1844c3c55be72e5c3e03315b8c0f6f1b176c6b8296728192793d0c5cc
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ea94e14baf1f91cc9bc1ce2d5e2787b8e1b78d01289b167180ca2f53441ea63e
eaf208cb4c2e515e7e180ea4895c8a8319712caf5be9460e19537a2c9606a1a1
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962
f8d9561d9ce4e63494bfd9d06ecc8de8b5e84e63f2e2fcaaa694c7bcacdeb1d9
f952ce3e054a92e092480c7532a359442bed9c79f56426338e13061e867b39e0
fbfff043ea2bf6fb2c1ecfbc16176670c9023c34fd57a992f261a0e6f1bd6083
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

www.themarysue.com Open in urlscan Pro 2606:4700:20::681a:9bc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

165 Requests

90 %HTTPS

36 %IPv6

43 Domains

63 Subdomains

49 IPs

9 Countries

2891 kBTransfer

9034 kBSize

69 Cookies

30 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.themarysue.com Open in urlscan Pro
2606:4700:20::681a:9bc Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

90 %
HTTPS

36 %
IPv6

43
Domains

63
Subdomains

49
IPs

9
Countries

2891 kB
Transfer

9034 kB
Size

69
Cookies

165 HTTP transactions
2 data transactions